From: Dan Williams <dan.j.williams@intel.com>
To: Ben Cheatham <benjamin.cheatham@amd.com>,
Dan Williams <dan.j.williams@intel.com>,
<jonathan.cameron@huawei.com>, <rafael@kernel.org>,
<james.morse@arm.com>, <tony.luck@intel.com>, <bp@alien8.de>
Cc: <dave@stogolabs.net>, <dave.jiang@intel.com>,
<alison.schofield@intel.com>, <vishal.l.verma@intel.com>,
<ira.weiny@intel.com>, <linux-cxl@vger.kernel.org>,
<linux-acpi@vger.kernel.org>
Subject: Re: [PATCH v13 2/4] EINJ: Add CXL error type support
Date: Wed, 21 Feb 2024 12:41:33 -0800 [thread overview]
Message-ID: <65d65ffdd40f_5c76294ce@dwillia2-mobl3.amr.corp.intel.com.notmuch> (raw)
In-Reply-To: <5a650a49-8f80-4ade-8844-61f88172cecd@amd.com>
Ben Cheatham wrote:
>
>
> On 2/21/24 11:43 AM, Dan Williams wrote:
> > Ben Cheatham wrote:
> >> Remove CXL protocol error types from the EINJ module and move them to
> >> a new einj_cxl module. The einj_cxl module implements the necessary
> >> handling for CXL protocol error injection and exposes an API for the
> >> CXL core to use said functionality. Because the CXL error types
> >> require special handling, only allow them to be injected through the
> >> einj_cxl module and return an error when attempting to inject through
> >> "regular" EINJ.
> >
> > So Robustness Principle says be conservative in what you send and
> > liberal in what you accept. So cleaning up the reporting of CXL
> > capabilities over to the new interface is consistent with that
> > principle, but not removing the ability to inject via the legacy
> > interface. Especially since that has been the status quo for a few
> > kernel cycles is there a good reason to actively prevent usage of that
> > path?
> >
>
> For CXL 2.0+ ports it's fine since EINJ only expects an SBDF which is
> pretty readily accessible by the user. CXL 1.1/1.0 ports however, it's a bit
> of a headache. It would require the user to find the address of the RCRB
> for the port and supply that to the EINJ module. I originally had this option
> anyway, but I think it got shot down for being too obtuse to use (I think by
> you, but it's been a while xD). If you think it's still worthwhile I can
> remove the restriction for both types of ports or just the 2.0+ ports.
So, to be clear, yes I NAKd that being the primary interface, and I am
not changing my mind on it being too obtuse to inflict on end users.
However, just because it is too obtuse to be the primary interface does
not mean that if someone runs that gauntlet, or has expert knowledge of
where RCRB is located, that they be tripped up at the last moment from
specifying that parameter via the legacy path.
So consider it an undocumented feature, and I think it only ends up
being a one line change to let that parameter through, if it can be done
safely.
That said, if there is any concern about input validation and safety
then keep the policy as you have it.
> For CXL 1.0/1.1 ports there's also the security issue of being able to inject
> to any address since the way it works is by skipping the memory address
> checks, but since this is a debug module I don't think it's that big
> of a deal.
Say more here, this seems like just the safety issue I just mentioned
that would justify forcing folks through the CXL interface. Depending on
how severe this is it might also require backporting the removal of CXL
injection from older kernels.
The main concern would be whether einj needs to disabled when kernel
lockdown is enabled.
next prev parent reply other threads:[~2024-02-21 20:41 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-20 22:11 [PATCH v13 0/4] cxl, EINJ: Update EINJ for CXL error types Ben Cheatham
2024-02-20 22:11 ` [PATCH v13 1/4] EINJ: Migrate to a platform driver Ben Cheatham
2024-02-21 6:18 ` Dan Williams
2024-02-21 20:27 ` Ben Cheatham
2024-02-20 22:11 ` [PATCH v13 2/4] EINJ: Add CXL error type support Ben Cheatham
2024-02-21 17:43 ` Dan Williams
2024-02-21 20:27 ` Ben Cheatham
2024-02-21 20:34 ` Ben Cheatham
2024-02-21 20:41 ` Dan Williams [this message]
2024-02-21 21:00 ` Ben Cheatham
2024-02-21 22:05 ` Dan Williams
2024-02-23 1:13 ` Davidlohr Bueso
2024-02-23 15:33 ` Ben Cheatham
2024-02-22 7:49 ` kernel test robot
2024-02-20 22:11 ` [PATCH v13 3/4] cxl/core: Add CXL EINJ debugfs files Ben Cheatham
2024-02-21 17:48 ` Dan Williams
2024-02-21 20:27 ` Ben Cheatham
2024-02-20 22:11 ` [PATCH v13 4/4] EINJ, Documentation: Update EINJ kernel doc Ben Cheatham
2024-02-21 20:27 ` Dan Williams
2024-02-20 23:04 ` [PATCH v13 0/4] cxl, EINJ: Update EINJ for CXL error types Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65d65ffdd40f_5c76294ce@dwillia2-mobl3.amr.corp.intel.com.notmuch \
--to=dan.j.williams@intel.com \
--cc=alison.schofield@intel.com \
--cc=benjamin.cheatham@amd.com \
--cc=bp@alien8.de \
--cc=dave.jiang@intel.com \
--cc=dave@stogolabs.net \
--cc=ira.weiny@intel.com \
--cc=james.morse@arm.com \
--cc=jonathan.cameron@huawei.com \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-cxl@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=tony.luck@intel.com \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox