Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp254031pxt;
        Fri, 6 Aug 2021 00:51:07 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzasaux0jXN+4oMXdL84Q648ozWGXLhzBbCdhMt7aBARP9WFYQ2xHoDtGi2tnvwzageX4Z6
X-Received: by 2002:a92:c912:: with SMTP id t18mr1111048ilp.152.1628236267196;
        Fri, 06 Aug 2021 00:51:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1628236267; cv=none;
        d=google.com; s=arc-20160816;
        b=MBr/ZwjpdpTeShLXjckAn1Ors4Od+jcV6VjSkVWw1SPIpCyLWkEf4SgBTUI+IRDlf5
         fo2FB/t3NGJKE70E8DzFCRR8IjooZjnSp3ZEYn53CB5liSay37AcPK/yy+AWy24jS/LL
         XJMqbjRWrbUYnDoAA+6z9IV7WMvkGONBVx9lR/h/sbzbTLmpDqIbExB3SgGMi7F54Q/z
         JvttCCwObtQn4qAiA1vqNDfXnJ+4DSOfCVe9SG61hzejeGMevaQ9mk7zaNHCgzWs91CV
         N0ZeEdpy8nygYI2f+q8lk/W+NCOpbb/yv69z1W0ARrUW0xR/1sr41BNbVY29px6bv7Fg
         tgvw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=J9ZDGAi2DeA1Uj4GuXbhL6mdT9I0KDpKNe6KFA/qRN4=;
        b=Q0LcXleva7oxVUmyLLANPTmPECHOsNcFRtQ3nAmWjed+RKACPxRpe8892qa0KtrdJ0
         a3kSMc6pBYYO0qRC63KqVv9sNibGwcFjxvClYOcfaPX1b7ZHVILfskHV/rkzXclJ7AKv
         oH/LKkVVZHbJTugIfQQAnLr7M4+NhgdABNDxF8LsGE1G+XmR788p9lyxcHIrQbxUyosS
         vtbafFyIGH+nfy5SEnYEL2QEr3jIRppna3371bbh0I+jtCtmkBpykD5ecoxFqu7AnBTo
         nF3FzGaqdSryIQ60v64lhbbXFtRbPM/Tf+/l38ovZL9i4IKNtqnwUhBzcnfGTajpwZsr
         8vmQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=L4fzPjJJ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id c16si8527932ilr.12.2021.08.06.00.50.55;
        Fri, 06 Aug 2021 00:51:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=L4fzPjJJ;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243036AbhHFFSI (ORCPT <rfc822;linx.orlando.fred@gmail.com>
        + 99 others); Fri, 6 Aug 2021 01:18:08 -0400
Received: from mail.kernel.org ([198.145.29.99]:50386 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S240658AbhHFFSI (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 6 Aug 2021 01:18:08 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 5A9ED611C9;
        Fri,  6 Aug 2021 05:17:52 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1628227072;
        bh=HHDwMPDhQd31WUDg2yNG4zsdt0gODM4KSj7IzsG0d6o=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=L4fzPjJJUTFkd5AsX6mdvrqupvJcVmu/lzg9vYQCzfJbn6EOH6K4MhWZQ9TnQ4d2+
         BByIuPIBFaYdp2t31KZRJkvaWr3a/oamUBWN2zJdm+Gu50uO/qETmyY5R280+EwItZ
         hL2TJgLVf0AxLKq4LCOZ5vCYrgXIoUDu3F8NjtCg=
Date:   Fri, 6 Aug 2021 07:17:50 +0200
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     Dan Williams <dan.j.williams@intel.com>
Cc:     Andi Kleen <ak@linux.intel.com>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        "Rafael J . Wysocki" <rafael@kernel.org>,
        Jonathan Corbet <corbet@lwn.net>,
        Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Linux Doc Mailing List <linux-doc@vger.kernel.org>
Subject: Re: [PATCH v1] driver: base: Add driver filter support
Message-ID: <YQzF/utgrJfbZuHh@kroah.com>
References: <YQuZdVuaGG/Cr62y@kroah.com>
 <YQuaJ78y8j1UmBoz@kroah.com>
 <fdf8b6b6-58c3-8392-2fc6-1908a314e991@linux.intel.com>
 <YQwlHrJBw79xhTSI@kroah.com>
 <21db8884-5aa1-3971-79ef-f173a0a95bef@linux.intel.com>
 <YQwpa+LAYt7YZ5dh@kroah.com>
 <1e0967ee-c41e-fd5d-f553-e4d7ab88838c@linux.intel.com>
 <CAPcyv4h26QmPhJKjtUB-VPc4TP95rBAer78OzkgXncg77tFWVw@mail.gmail.com>
 <9b2956f5-3acf-e798-ff0f-002d2d5254db@linux.intel.com>
 <CAPcyv4ju0kzUuamiuE=xC_DoEArk1KxD+n+-TUw0LLTWoSj2VA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAPcyv4ju0kzUuamiuE=xC_DoEArk1KxD+n+-TUw0LLTWoSj2VA@mail.gmail.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Aug 05, 2021 at 06:00:25PM -0700, Dan Williams wrote:
> That said, per-device authorization is a little bit different than
> per-driver trust. Driver trust is easy to reason about for a built-in
> policy, while per-device authorization is easy for userspace to reason
> about for "why is this device not talking to its driver?".

See my other email about how the "per driver" trust is the wrong model,
you need to stick to "per device" trust.  Especially given that you are
giving control of your kernel drivers over to third parties, you already
trust them to do the right thing.

thanks,

greg k-h