Received: by 2002:a05:7412:6592:b0:d7:7d3a:4fe2 with SMTP id m18csp1848613rdg; Sat, 12 Aug 2023 21:19:32 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHETtSiJODXhGo0CkrVquiru9LdmvDMLOVjOd6OTAJsccYtAzrevsWzEInpW/b5H926D8IB X-Received: by 2002:a17:90a:9ec:b0:268:e43a:dbfd with SMTP id 99-20020a17090a09ec00b00268e43adbfdmr5564723pjo.1.1691900371798; Sat, 12 Aug 2023 21:19:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691900371; cv=none; d=google.com; s=arc-20160816; b=0WyHFik2UWSl6lLszblfoCwGcnSf6iqfGVAzFp4QybfiwwbrLd98yU07AyIAVZKHOG wg1Ki609t0ARn4X30MOqNaLmjQgcEEgKJhfkSvK2Dx7zKDkekJdNMw9PNJdGk65A6T9x VtLa/VUD5ODdRN+t5X15pybqcAUDScVzVa0FJRvTwK3MCPXDm15bDFWSLqKrrWagmnWG QZTxBwrCEKrNFHpEDyPSFzgVq+KmYRPiSPImierM3UR9SVesRvl0fZVNNDrM+j5U21X/ 68f2G2Y5dMbZsRPGK5N5s2iY9DSYJJg6W2HIUEJIi1/BAGoHfjb5rpzk4ELNEp6JkdZk YoPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=+/CZUr4BOJ9A4g/EJQv8nU92G8B2uTxt26ZdHAnXEYE=; fh=rY+X06ekkp1VX+qKdRcGwNXE70LHsmcz2ncNDRS0eXs=; b=S5pFqIetslrHCJ3g4tz/xB1ZaaMZCu9AkDOa6qfV5gTXW+wKNzp87wbor2fAFsbuBI DVof8aRN1hvZ31zx8Kt1nEM7PR3oiz8nEz378B4Ps9V/A7ba/60dFvuIws4jwlHkchs/ 1N/013HcTO/Ph10ZmQ0o19r3oRqlBKplfjwoZK1dM5QP1hpRz2U/XvSgIZ5VzrRIDsMt QBXL2vupQGBTGPbKjUt9Yh7pvTsHFoYAUMyZgRXWUvANA1OHF6/Avv2amErfUfTVLhuK b0cQKgfSOfglF/OI8CyZ2Y/4RgioQq8PvLE68lT2A3ulP5iD0qnVFJRMAef0HuplJ4wP SPXA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@networkplumber-org.20221208.gappssmtp.com header.s=20221208 header.b=aju+GZQH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=networkplumber.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gn2-20020a17090ac78200b002680e241697si5823026pjb.102.2023.08.12.21.19.05; Sat, 12 Aug 2023 21:19:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@networkplumber-org.20221208.gappssmtp.com header.s=20221208 header.b=aju+GZQH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=networkplumber.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230123AbjHMB7t (ORCPT + 99 others); Sat, 12 Aug 2023 21:59:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39368 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230110AbjHMB7t (ORCPT ); Sat, 12 Aug 2023 21:59:49 -0400 Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A3F811718 for ; Sat, 12 Aug 2023 18:59:51 -0700 (PDT) Received: by mail-pg1-x531.google.com with SMTP id 41be03b00d2f7-53fbf2c42bfso2456668a12.3 for ; Sat, 12 Aug 2023 18:59:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20221208.gappssmtp.com; s=20221208; t=1691891991; x=1692496791; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=+/CZUr4BOJ9A4g/EJQv8nU92G8B2uTxt26ZdHAnXEYE=; b=aju+GZQHRpAdyNoxsn8XjpHFaGx99Nac8OJpnJv7FLjEt/hK5UCfwSWuIMHUYYlreV TazrcadpFr7Y85Smp3TlAmqGKiV7L2vmJ75VWlzCnfuTBSWy9ug3uZC2vytQVrHRPDkA ymWdhmlCUhRns28plQ3nkiVwt3Z7z+JpM535sPfVX2tHJVhBbsUzPQjV1pxpN9mGfWPB L0eHjk758FaPVvLRegbFW/Y2IY6uRVxgEIGzRzBay+c/GgAq0YyJh7wP3zZTtWNj7GmJ XmvUx9KwFGaxm9rR0Gisd7PtpocRzjyJU2HsOP7vNgEmt9MybTLU1EN0k63EApvAtggc 7E1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691891991; x=1692496791; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+/CZUr4BOJ9A4g/EJQv8nU92G8B2uTxt26ZdHAnXEYE=; b=SFS57VKbDiWldr2kLKqREXAyxRvdvlNcSF1SEB9/7tL9g4A7pI+WQIWJ2Fp8lzsjNE 9R75DU8avKeegnHfHHk0ZJhhBL5Ve2yYa9UJs5wXsQoz7+tAwgDEQzS0GMzRW9CQP1M4 nbEmO5i4TIVpA7MGkRFxIM2c6ql/8je7JkttOb2bgZjl5m6WPA2kB3Hr2hXCjxrxKb+F yqSBkv1Js+/4uzIDbbEKx6rUsrEoZ0lxzq37oiJhZrdswtJWeIV1ilDE/KMzCAGzZbq/ hGqPLWEZeBusRHlTXuXuwOdOB2yyAPn+k9VjHOdOAUxnswqZ5AnPyrwP2DVrLGKJey/8 my+A== X-Gm-Message-State: AOJu0YzfUe9y817Y/5ym5pnVmv5yvwRtIlFKFN21ExEekXi7C0Da6CbP h49KNmInBf1U3VnL3i9mJINZlw== X-Received: by 2002:a17:90a:e651:b0:268:13c4:b800 with SMTP id ep17-20020a17090ae65100b0026813c4b800mr5485381pjb.21.1691891990780; Sat, 12 Aug 2023 18:59:50 -0700 (PDT) Received: from hermes.local (204-195-127-207.wavecable.com. [204.195.127.207]) by smtp.gmail.com with ESMTPSA id m8-20020a17090a4d8800b00267ae12b80bsm7268411pjh.34.2023.08.12.18.59.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Aug 2023 18:59:50 -0700 (PDT) Date: Sat, 12 Aug 2023 18:59:48 -0700 From: Stephen Hemminger To: Bjorn Andersson Cc: Andrew Lunn , Bjorn Andersson , Konrad Dybcio , Chris Lew , Alex Elder , "David S. Miller" , Jakub Kicinski , Mathieu Poirier , , , , Subject: Re: [PATCH v2 2/4] soc: qcom: aoss: Add debugfs interface for sending messages Message-ID: <20230812185948.29f1d53b@hermes.local> In-Reply-To: <20230811233228.GT1428172@hu-bjorande-lv.qualcomm.com> References: <20230811205839.727373-1-quic_bjorande@quicinc.com> <20230811205839.727373-3-quic_bjorande@quicinc.com> <20230811233228.GT1428172@hu-bjorande-lv.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 11 Aug 2023 16:32:28 -0700 Bjorn Andersson wrote: > On Fri, Aug 11, 2023 at 11:01:50PM +0200, Andrew Lunn wrote: > > > +static ssize_t qmp_debugfs_write(struct file *file, const char __user *userstr, > > > + size_t len, loff_t *pos) > > > +{ > > > + struct qmp *qmp = file->private_data; > > > + char buf[QMP_MSG_LEN]; > > > + int ret; > > > + > > > + if (!len || len >= QMP_MSG_LEN) > > > + return -EINVAL; > > > + > > > + if (copy_from_user(buf, userstr, len)) > > > + return -EFAULT; > > > + buf[len] = '\0'; > > > + > > > + ret = qmp_send(qmp, buf); > > > + if (ret < 0) > > > + return ret; > > > > Sorry, but you still appear to be sending binary blobs from userspace > > to the firmware. This is not liked. > > > > As mentioned in the cover letter, I do recognize your concern here. I > don't see it as a realistic way to work around the kernel for reasons of > being proprietary - given that we don't have debugfs mounted in the vast > majority of product. Anyone who cares about security, and has things like kernel lockdown turned on is going to be scared by this. If you allow API to tell firmware to do any arbitrary thing it means you could be telling firmware "please read this area of kernel memory for me"