diff mbox series

[V2,2/2] cxl/doe: Request exclusive DOE access

Message ID 20220824232450.723179-3-ira.weiny@intel.com
State Superseded
Headers show
Series CXL: Taint user access to DOE mailbox config space | expand

Commit Message

Ira Weiny Aug. 24, 2022, 11:24 p.m. UTC
From: Ira Weiny <ira.weiny@intel.com>

The PCIE Data Object Exchange (DOE) mailbox is a protocol run over
configuration cycles.  It assumes one initiator at a time.  While the
kernel has control of the mailbox user space writes could interfere with
the kernel access.

Mark DOE mailbox config space exclusive when iterated by the CXL driver.

Signed-off-by: Ira Weiny <ira.weiny@intel.com>
---
 drivers/cxl/pci.c             | 5 +++++
 include/uapi/linux/pci_regs.h | 1 +
 2 files changed, 6 insertions(+)

Comments

Jonathan Cameron Aug. 25, 2022, 2:59 p.m. UTC | #1
On Wed, 24 Aug 2022 16:24:50 -0700
ira.weiny@intel.com wrote:

> From: Ira Weiny <ira.weiny@intel.com>
> 
> The PCIE Data Object Exchange (DOE) mailbox is a protocol run over
> configuration cycles.  It assumes one initiator at a time.  While the
> kernel has control of the mailbox user space writes could interfere with
> the kernel access.
> 
> Mark DOE mailbox config space exclusive when iterated by the CXL driver.
> 
> Signed-off-by: Ira Weiny <ira.weiny@intel.com>
> ---
>  drivers/cxl/pci.c             | 5 +++++
>  include/uapi/linux/pci_regs.h | 1 +
>  2 files changed, 6 insertions(+)
> 
> diff --git a/drivers/cxl/pci.c b/drivers/cxl/pci.c
> index faeb5d9d7a7a..5b833eb91543 100644
> --- a/drivers/cxl/pci.c
> +++ b/drivers/cxl/pci.c
> @@ -418,6 +418,11 @@ static void devm_cxl_pci_create_doe(struct cxl_dev_state *cxlds)
>  			continue;
>  		}
>  
> +		if (!pci_request_config_region_exclusive(pdev, off,
> +							 PCI_DOE_CAP_SIZE,
> +							 dev_name(dev)))
> +			pci_err(pdev, "Failed to exclude DOE registers\n");
> +
>  		if (xa_insert(&cxlds->doe_mbs, off, doe_mb, GFP_KERNEL)) {
>  			dev_err(dev, "xa_insert failed to insert MB @ %x\n",
>  				off);
> diff --git a/include/uapi/linux/pci_regs.h b/include/uapi/linux/pci_regs.h
> index 57b8e2ffb1dd..f2396bcd09cc 100644
> --- a/include/uapi/linux/pci_regs.h
> +++ b/include/uapi/linux/pci_regs.h
> @@ -1119,6 +1119,7 @@
>  #define  PCI_DOE_STATUS_DATA_OBJECT_READY	0x80000000  /* Data Object Ready */
>  #define PCI_DOE_WRITE		0x10    /* DOE Write Data Mailbox Register */
>  #define PCI_DOE_READ		0x14    /* DOE Read Data Mailbox Register */
> +#define PCI_DOE_CAP_SIZE	(0x14 + 4)	/* Size of this register block */
Equivalents in this file don't build _SIZE from previous register - they just
give it directly.  Hence change this to 0x18.
Also, it seems that _SIZEOF is the common naming for this in this file.
There are a few _SIZE such as PCI_MSIX_ENTRY_SIZE but many more _SIZEOF

>  
>  /* DOE Data Object - note not actually registers */
>  #define PCI_DOE_DATA_OBJECT_HEADER_1_VID		0x0000ffff
diff mbox series

Patch

diff --git a/drivers/cxl/pci.c b/drivers/cxl/pci.c
index faeb5d9d7a7a..5b833eb91543 100644
--- a/drivers/cxl/pci.c
+++ b/drivers/cxl/pci.c
@@ -418,6 +418,11 @@  static void devm_cxl_pci_create_doe(struct cxl_dev_state *cxlds)
 			continue;
 		}
 
+		if (!pci_request_config_region_exclusive(pdev, off,
+							 PCI_DOE_CAP_SIZE,
+							 dev_name(dev)))
+			pci_err(pdev, "Failed to exclude DOE registers\n");
+
 		if (xa_insert(&cxlds->doe_mbs, off, doe_mb, GFP_KERNEL)) {
 			dev_err(dev, "xa_insert failed to insert MB @ %x\n",
 				off);
diff --git a/include/uapi/linux/pci_regs.h b/include/uapi/linux/pci_regs.h
index 57b8e2ffb1dd..f2396bcd09cc 100644
--- a/include/uapi/linux/pci_regs.h
+++ b/include/uapi/linux/pci_regs.h
@@ -1119,6 +1119,7 @@ 
 #define  PCI_DOE_STATUS_DATA_OBJECT_READY	0x80000000  /* Data Object Ready */
 #define PCI_DOE_WRITE		0x10    /* DOE Write Data Mailbox Register */
 #define PCI_DOE_READ		0x14    /* DOE Read Data Mailbox Register */
+#define PCI_DOE_CAP_SIZE	(0x14 + 4)	/* Size of this register block */
 
 /* DOE Data Object - note not actually registers */
 #define PCI_DOE_DATA_OBJECT_HEADER_1_VID		0x0000ffff