Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp660363pxt; Fri, 6 Aug 2021 10:31:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzv4jJA8bkln13ri+bjbCIoo8hqTE1E4h1bnwwHiic1UUXO4kSZnAzlFs3tguAN7RX0FcOs X-Received: by 2002:a92:da07:: with SMTP id z7mr1565516ilm.73.1628271093999; Fri, 06 Aug 2021 10:31:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628271093; cv=none; d=google.com; s=arc-20160816; b=PnE79VM9dCVe8DU+TZRo+MB4oeHoLz5QRywcdJAxk78j2pfCLQH25xuTTiqYR/IYXW EisfOHs9DrIc0tHPi+dhZ4cPlagsdszSJ47NONvhgcV5YNpzIzNvNLf402JBf0AilIme NhUUaJB2O5Ls56DtEu1lfV0uoc8kP05S0EnUr8gHf4746y83QtKc0nVSobHugHR1B5Xz BUjV4P6ZzP8oCuN51OS9/ixAnlLRnVAfgUVZogxvriu8ItOKpXs4C1LmgCt7JAlcjIau L0f4ukG1YF1B5gnE408xQQK3ysUVOGPZBsWKdafySK3A5UcEWLkUVtvSNHjFqkAYDutE 3Yxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=UU1fgcOisV7rOIH9Z/Rqx3AvcRqqhrxj8oW77PsofAw=; b=WzWvBs701JU5MpyB2gOzWZzcygfgaTZTlUM+dnkBNrHklgo7jwUF1LCTWYOdk2xCdG SEV2y/iXZtcnf0UKRFfzQ+Ag/uzcCCe+ekgBljVkFAfkT5VwVRuwuWA8gJGGq3D/lE2B f/hUJAgiBMskugdQQCJBj3o1JR5fWNCs3oJYWvlpOjpF2ldfsnt6iZDIya39fdQPS7vu ThEYUlnswz4V3plFWMQaJdla9FasYtPSC4m0RcS+viovhuyOKX32aoVt9cDdFDVFzu0L fxMB+b1wrqDNWtVaU9YIZesYF65hBEmANhnXbJ/UR2ZJjLs8QEbDgZ3J4NWdgCxmIqOq qh7Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q17si10371763ilm.64.2021.08.06.10.31.21; Fri, 06 Aug 2021 10:31:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245376AbhHFLQ1 (ORCPT + 99 others); Fri, 6 Aug 2021 07:16:27 -0400 Received: from frasgout.his.huawei.com ([185.176.79.56]:3604 "EHLO frasgout.his.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229836AbhHFLQ1 (ORCPT ); Fri, 6 Aug 2021 07:16:27 -0400 Received: from fraeml744-chm.china.huawei.com (unknown [172.18.147.206]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4Gh2w70PJGz6BCPp; Fri, 6 Aug 2021 19:15:51 +0800 (CST) Received: from lhreml710-chm.china.huawei.com (10.201.108.61) by fraeml744-chm.china.huawei.com (10.206.15.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Fri, 6 Aug 2021 13:16:09 +0200 Received: from localhost (10.52.123.57) by lhreml710-chm.china.huawei.com (10.201.108.61) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Fri, 6 Aug 2021 12:16:08 +0100 Date: Fri, 6 Aug 2021 12:15:38 +0100 From: Jonathan Cameron To: Dan Williams CC: Greg Kroah-Hartman , "Kuppuswamy, Sathyanarayanan" , Andi Kleen , "Rafael J . Wysocki" , "Jonathan Corbet" , Kuppuswamy Sathyanarayanan , Linux Kernel Mailing List , "Linux Doc Mailing List" Subject: Re: [PATCH v1] driver: base: Add driver filter support Message-ID: <20210806121538.00004e7d@Huawei.com> In-Reply-To: References: <21db8884-5aa1-3971-79ef-f173a0a95bef@linux.intel.com> <7d6751b1-c476-51d3-25c6-b65c0e93d23b@linux.intel.com> Organization: Huawei Technologies Research and Development (UK) Ltd. X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; i686-w64-mingw32) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.52.123.57] X-ClientProxiedBy: lhreml740-chm.china.huawei.com (10.201.108.190) To lhreml710-chm.china.huawei.com (10.201.108.61) X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 5 Aug 2021 12:52:30 -0700 Dan Williams wrote: > [ add Jonathan ] > > On Thu, Aug 5, 2021 at 12:28 PM Greg Kroah-Hartman > wrote: > > > > On Thu, Aug 05, 2021 at 12:18:12PM -0700, Dan Williams wrote: > > > On Thu, Aug 5, 2021 at 12:12 PM Greg Kroah-Hartman > > > wrote: > > > > > > > > On Thu, Aug 05, 2021 at 11:53:52AM -0700, Kuppuswamy, Sathyanarayanan wrote: > > > > > I am not sure how USB and Thunderbolt "authorzied" model works. But I > > > > > don't think it prevents built-in driver probes during kernel boot right? > > > > > > > > Yes it does. > > > > > > > > Again Intel created this framework well over a decade ago for busses > > > > that it deemed that it did not want to "trust" to instantly probe > > > > drivers for and made it part of the Wireless USB specification. > > > > > > > > Then Intel went and added the same framework to Thunderbolt for the same > > > > reason. > > > > > > > > To ignore this work is quite odd, you might want to talk to your > > > > coworkers... > > > > > > Sometimes we need upstream to connect us wayward drones back into the > > > hive mind. Forgive me for not immediately recognizing that the > > > existing 'authorized' mechanisms might be repurposed for this use > > > case. > > > > Not your fault, I'm more amazed that Andi doesn't remember this, he's > > been around longer :) > > > > In the driver core? No, not so much, and I do remember it flying by, > just did not connect the dots. In fact, it had just gone upstream when > you and I had that thread about blocking PCI drivers [1], September > 2017 vs June 2017 when the Thunderbolt connection manager was merged. > There was no internal review process back then so I failed to > internalize its implications for this TDX filter. You had taken the > time to review it in a way that I had not. > > > But the first instinct should not be "let's go add a new feature", but > > rather, "how has this problem been solved by others first" because, > > really, this is not a new issue at all. You should not rely on just me > > to point out existing kernel features, we do have documentation you > > know... > > I have added, "review driver core attribute proposal for duplication > of bus-local capabilities" to my review checklist. > > The good news is I think this generic authorization support in the > core may answer one of Jonathan's questions about how to integrate PCI > SPDM/CMA support [2]. Definitely an interesting discussion, and the SPDM stuff feeds into Greg's point about establishing trust with hardware. If anyone is looking at the USB authentication specification (which is more or less SPDM), would be good to align on that. My current model is really basic (driver checks and fails probe if failure occurs). Definitely better to bolt into standard approach. *Goes off to read up on this topic* Thanks for highlighting this thread Dan, Jonathan > > [1]: https://lore.kernel.org/lkml/20170928090901.GC12599@kroah.com/ > [2]: https://lore.kernel.org/r/20210804161839.3492053-1-Jonathan.Cameron@huawei.com