Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp939405ybx;
        Thu, 7 Nov 2019 05:01:23 -0800 (PST)
X-Google-Smtp-Source: APXvYqzyTMwVbzezy0oLNFg7YqKxleu/1SOpOsK9qTlXfoVHkiuSQ+1orETeIXnxRREbbgwoGVGv
X-Received: by 2002:a17:906:da1d:: with SMTP id fi29mr1983160ejb.26.1573131683099;
        Thu, 07 Nov 2019 05:01:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1573131683; cv=none;
        d=google.com; s=arc-20160816;
        b=QKmD3FBlXt3hoMNslSXQ1j2ZCV+zvg37N22xreS1eOyeK+e4jVbckGlUqmHk5/UnXB
         A+dMxwJ8SQQCT0/MmVJl5eZGol1QHN1S8xpKGEOYw8TkhXWxyjZF89kJTukbtUVfsYqX
         +pIe+QaG1DjlGBvNHmirSjq/7lyAOUvD2HzQ81DtbbUftbe8qTEDk9GA0IgzQd1feF6j
         Xl7LpN/GtLqpTJj6jL1IWmAtSoruCw1UWYB9g1qVV52bD5mVZ+IH+ct7MbRK/OMuheBk
         M0cZJlvQN6PMVykoJYeTwbPEl1mocTWLwCtD5QY0yUg9Rcnke8d6Vw4MoHmU64goREy/
         m2hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=HJRrFzv6R+t3It90SR2pfswcazZC/78XC5UB+2amOgo=;
        b=ABtsSIJ3IWPF0mz24CR0+mRE+T+oMJ2CbccN8P5uD51aNGu9zqjhwmtZE5Svn7u3NH
         BYRGYVdcJbWVzdZa0qFgcrZF8g82n7vO9SpjcNahCFG9P62Eh3ub+PJ2PpprcBvBGxJI
         hNp+rpfPOoaxl1B5vBZ2slyIQptyZDPLRSJX+naDGCNJD+/DDjvwEhWPi38Qe4iJ3QM3
         EkLUomCUy6KruXZl852q5URDO64SZqSXKZQSiSADhvYjJSQSvcyPP9QQA4Mtt+O8TJYe
         6STLYGXJRpsFZLbWyoroOSnzCH0iglcJAW6v2HnrOrkiXzPmsNhLCBfcwylEncWmHdtw
         wRNA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id qp14si1366614ejb.274.2019.11.07.05.00.56;
        Thu, 07 Nov 2019 05:01:23 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2388532AbfKGM6V (ORCPT <rfc822;crosarcplusplustest@gmail.com>
        + 99 others); Thu, 7 Nov 2019 07:58:21 -0500
Received: from wtarreau.pck.nerim.net ([62.212.114.60]:14770 "EHLO 1wt.eu"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726873AbfKGM6U (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 7 Nov 2019 07:58:20 -0500
Received: (from willy@localhost)
        by pcw.home.local (8.15.2/8.15.2/Submit) id xA7Cuckt015707;
        Thu, 7 Nov 2019 13:56:38 +0100
Date:   Thu, 7 Nov 2019 13:56:38 +0100
From:   Willy Tarreau <w@1wt.eu>
To:     hpa@zytor.com
Cc:     Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        LKML <linux-kernel@vger.kernel.org>,
        the arch/x86 maintainers <x86@kernel.org>,
        Stephen Hemminger <stephen@networkplumber.org>,
        Juergen Gross <jgross@suse.com>,
        Sean Christopherson <sean.j.christopherson@intel.com>
Subject: Re: [patch 5/9] x86/ioport: Reduce ioperm impact for sane usage
 further
Message-ID: <20191107125638.GB15642@1wt.eu>
References: <20191106193459.581614484@linutronix.de>
 <20191106202806.241007755@linutronix.de>
 <CAHk-=wjXcS--G3Wd8ZGEOdCNRAWPaUneyN1ryShQL-_yi1kvOA@mail.gmail.com>
 <20191107082541.GF30739@gmail.com>
 <20191107091704.GA15536@1wt.eu>
 <alpine.DEB.2.21.1911071058260.4256@nanos.tec.linutronix.de>
 <71DE81AC-3AD4-47B3-9CBA-A2C7841A3370@zytor.com>
 <20191107102756.GD15536@1wt.eu>
 <5AAEF116-EC9D-4C58-878F-9D27189E123A@zytor.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5AAEF116-EC9D-4C58-878F-9D27189E123A@zytor.com>
User-Agent: Mutt/1.6.1 (2016-04-27)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 07, 2019 at 02:50:20AM -0800, hpa@zytor.com wrote:
> You get access to the ports you are assigned, just like pages you are
> assigned... the rest is kernel policy, or, for that matter, privileged
> userspace (get permissions to the necessary ports, then drop privilege... the
> usual stuff.)

I agree, my point is that there's already no policy checking at the
moment ports are assigned, hence a process having the permissions to
request just port 0x70-0x71 to read the hwclock will also have permission
to request access to the sensor chip a 0x2E and trigger a watchdog
reset or stop the CPU fan. Thus any policy enforcement is solely done
by the requesting process itself, assuming it doesn't simply use iopl()
already, which grants everything.

This is why I'm really wondering if the real use cases that need all
this stuff still exist at all in practice.

Willy