diff options
| author | Arjan van de Ven <arjan@linux.intel.com> | 2024-04-24 14:43:22 +0000 |
|---|---|---|
| committer | Arjan van de Ven <arjan@linux.intel.com> | 2024-05-13 14:07:40 +0000 |
| commit | e11452eb071b2a8e6ba52892b2e270bbdaa6640d (patch) | |
| tree | 42c2b4a782fc0c5900d425f11eb7b97e4cb297d4 /drivers/dma/idxd/idxd.h | |
| parent | 95feb3160eef0caa6018e175a5560b816aee8e79 (diff) | |
| download | lwn-e11452eb071b2a8e6ba52892b2e270bbdaa6640d.tar.gz lwn-e11452eb071b2a8e6ba52892b2e270bbdaa6640d.zip | |
dmaengine: idxd: add a new security check to deal with a hardware erratum
On Sapphire Rapids and related platforms, the DSA and IAA devices have an
erratum that causes direct access (for example, by using the ENQCMD or
MOVDIR64 instructions) from untrusted applications to be a security problem.
To solve this, add a flag to the PCI device enumeration and device structures
to indicate the presence/absence of this security exposure. In the mmap()
method of the device, this flag is then used to enforce that the user
has the CAP_SYS_RAWIO capability.
In a future patch, a write() based method will be added that allows untrusted
applications submit work to the accelerator, where the kernel can do
sanity checking on the user input to ensure secure operation of the accelerator.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Diffstat (limited to 'drivers/dma/idxd/idxd.h')
| -rw-r--r-- | drivers/dma/idxd/idxd.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/dma/idxd/idxd.h b/drivers/dma/idxd/idxd.h index 7b98944135eb..868b724a3b75 100644 --- a/drivers/dma/idxd/idxd.h +++ b/drivers/dma/idxd/idxd.h @@ -288,6 +288,7 @@ struct idxd_driver_data { int evl_cr_off; int cr_status_off; int cr_result_off; + bool user_submission_safe; load_device_defaults_fn_t load_device_defaults; }; @@ -374,6 +375,8 @@ struct idxd_device { struct dentry *dbgfs_dir; struct dentry *dbgfs_evl_file; + + bool user_submission_safe; }; static inline unsigned int evl_ent_size(struct idxd_device *idxd) |