Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp995195pxb; Fri, 1 Oct 2021 00:35:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy7GCQpNNREUvCsn3WkEb3tw4nzYr/JOjt8mAjRhPfOObrCj+h66aouW46O6QFyTN7CzrSj X-Received: by 2002:a17:906:5d6:: with SMTP id t22mr4636406ejt.98.1633073717663; Fri, 01 Oct 2021 00:35:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633073717; cv=none; d=google.com; s=arc-20160816; b=pqbW3kBlOo2bMDZt2/0sOCqPLCnC59FhIqgCejJ/fPC46i3CFqIeVsMyIESrORFhqz tB5Sz/B7y+TxiwJ+cPAyfoCnl05ZIiKtLCslsTocfhlusKLwqOygnArGTR//doZ2yiUh b6L75S5kS1CIyksOZoIKuodFoVyJ1PPVgX4c57gZ3TkNYboYe9BGVPOvKt+I7bIoWdmd RB7uDu7GpCHjkgkHEukB8XhJb0DK7VNCBSR3hqAPJ93PKS44kP7NIxMIUx0qmDU8Y9Ly e/5go9ffpMoZ5vXDf25EKNWLeu0ZkA7kN0FetUkY5ZvEbheFo+V2SAiujko+Z9wxULbT XtvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=sqWpg8MuK++FpDp6o5xIHiy1UKfYJqLaBv//gU01dZA=; b=F3Ff9fC8Rf5oBie6N7IVSplLXlCi4sbB4uifWrcdeVLldM9dqiyRE2y0A+IDGTkBcU PsOxFqYEr2a9CvxbkoB09QDqsQLSpgjCNU6ucopDZ2FpnXvXpDNGNKyyX0/MOjP+djgS noRJGYh7qPtX3D5QJoqfd0NKdAr/aWMugVBi9kp+aVbhLIbNCLLFWd6R45QqO/MZF0jZ lobqIdX3HWxItyhz5T7lWgVe4FD8BXbkKfWAlBnsvSLLpoWjpgX5ZqkhW9pCth2XQYIK INnNCsabg1oo1nzCDwzOWXII4QQ85vhf1E3y18tDewsP0GX4m3B6e93ZG70IxZbVXjaq elSw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=hVvERRio; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id kf3si7431387ejc.366.2021.10.01.00.34.38; Fri, 01 Oct 2021 00:35:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=hVvERRio; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352517AbhJAHbc (ORCPT + 99 others); Fri, 1 Oct 2021 03:31:32 -0400 Received: from mail.kernel.org ([198.145.29.99]:47618 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231431AbhJAHbb (ORCPT ); Fri, 1 Oct 2021 03:31:31 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 4C2E861A51; Fri, 1 Oct 2021 07:29:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1633073388; bh=6ZrgR9l0FJZySMqf3l7bNeL0L7lIFADsOxvQCQs3h6k=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=hVvERRioo1zewV9pxBkLVVH/zGi2gt/e4e5utnqjxS8xqMh3CwTYLbEo64kGaNIqC LunCtGlNHJct0eyKQLLxTBtd3exVs6PUmTrJwps8962fg94M0+u5P22+hdrtdSTBJk svh6HKuj0dO2zp/tXQrY+wty2V+MtStOZcuVsxxQ= Date: Fri, 1 Oct 2021 09:29:45 +0200 From: Greg KH To: "David E. Box" Cc: lee.jones@linaro.org, hdegoede@redhat.com, mgross@linux.intel.com, bhelgaas@google.com, andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-pci@vger.kernel.org Subject: Re: [PATCH 5/5] platform/x86: Add Intel Software Defined Silicon driver Message-ID: References: <20211001012815.1999501-1-david.e.box@linux.intel.com> <20211001012815.1999501-6-david.e.box@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20211001012815.1999501-6-david.e.box@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 30, 2021 at 06:28:15PM -0700, David E. Box wrote: > +static long sdsi_device_ioctl(struct file *file, unsigned int cmd, unsigned long arg) > +{ > + struct miscdevice *miscdev = file->private_data; > + struct sdsi_priv *priv = to_sdsi_priv(miscdev); > + void __user *argp = (void __user *)arg; > + long ret = -EINVAL; > + > + if (!priv->dev_present) > + return -ENODEV; > + > + if (!priv->sdsi_enabled) > + return -EPERM; > + > + if (cmd == SDSI_IF_READ_STATE) > + return sdsi_if_read_state_cert(priv, argp); > + > + mutex_lock(&priv->akc_lock); > + switch (cmd) { > + case SDSI_IF_PROVISION_AKC: > + /* > + * While writing an authentication certificate disallow other openers > + * from using AKC or CAP. > + */ > + if (!priv->akc_owner) > + priv->akc_owner = file; > + > + if (priv->akc_owner != file) { Please explain how this test would ever trigger and how you tested it? What exactly are you trying to protect from here? If userspace has your file descriptor, it can do whatever it wants, don't try to be smarter than it as you will never win. And why are you using ioctls at all here? As you are just reading/writing to the hardware directly, why not just use a binary sysfs file to be that pipe? What requires an ioctl at all? thanks, greg k-h