From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5CEA3C4167B for ; Thu, 7 Dec 2023 17:24:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1443167AbjLGRYV (ORCPT ); Thu, 7 Dec 2023 12:24:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51758 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235231AbjLGRYT (ORCPT ); Thu, 7 Dec 2023 12:24:19 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 199CC2D56 for ; Thu, 7 Dec 2023 09:23:39 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 61DA1C433C8; Thu, 7 Dec 2023 17:23:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1701969811; bh=5ZGbyElS+x41MFLATnYLsznaU+Z7c+doA4GLhjlaIew=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=dkRZ6y5Qj9QrxhwraMvNrHQbxYNnUc2M2Ws9bbkKt+JuGDa4HmB1BPrV1J0phelDG hvhlU7wbIxkEVWP4VkF7WTcgfxvhgSrSPZvgFTvA4zX/pDE/KdKwadzE0oV721g11E ek7H2pt91Li8V97BSTov/77ZSTJMs8jy0w7MymYE0uqYM2K6PZzyRku7gN+8ZUimKI rP5szN53GaJQQKQwCt3/T1d5tjYYxNmv27cLlPIgl9YgOGPL/5dZVYAWECvSLgXZAy jrWDMTAx1RXtudxH21EP4AuhR95sq2kh+jf31AgtqJEJJyT1ZFpijeMAFYIh2r3Stm TddQ5Z7LXvelw== Date: Thu, 7 Dec 2023 09:23:29 -0800 From: Jakub Kicinski To: Aron Silverton Cc: Greg Kroah-Hartman , Saeed Mahameed , Jason Gunthorpe , David Ahern , Arnd Bergmann , Leon Romanovsky , Jiri Pirko , Leonid Bloch , Itay Avraham , linux-kernel@vger.kernel.org, Saeed Mahameed Subject: Re: [PATCH V3 2/5] misc: mlx5ctl: Add mlx5ctl misc driver Message-ID: <20231207092329.3ec04dca@kernel.org> In-Reply-To: References: <20231128162413.GP436702@nvidia.com> <20231128084421.6321b9b2@kernel.org> <20231128175224.GR436702@nvidia.com> <20231128103304.25c2c642@kernel.org> <2023112922-lyricist-unclip-8e78@gregkh> <20231204185210.030a72ca@kernel.org> <20231205204855.52fa5cc1@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 7 Dec 2023 10:41:25 -0600 Aron Silverton wrote: > > I understand that having everything packaged and shipped together makes > > life easier. > > I think it is a requirement. We operate with Secure Boot. The kernel is > locked down. We don't have debugfs access, even if it were sufficient, > and we cannot compile and load modules. Even without Secure Boot, there > may not be a build environment available. This 'no debugfs' requirement is a kernel lockdown thing, I presume? Are we expected to throw debugfs out the window and for all vendors to reimplement their debug functionality via a misc driver taking arbitrary ioctls? Not only does that sound like a complete waste of time and going backward in terms of quality of the interfaces, needing custom vendor tools etc. etc., but also you go from (hopefully somewhat) upstream reviewed debugfs interface to an interface where the only security assurance is vendor telling you "trust me, it's all good".