From ce7c88600bf8ec0d12cf8e147907f96cd58eeb2e Mon Sep 17 00:00:00 2001 From: Kelvin Cao Date: Mon, 6 Jan 2020 12:03:35 -0700 Subject: [PATCH] PCI/switchtec: Add Gen4 MRPC GAS access permission check Gen4 hardware provides new MRPC commands to read and write directly from any address in the PCI BAR (which Microsemi refers to as GAS). Since accessing BARs can be dangerous and break the driver, we don't want unprivileged users to have this ability. Therefore, require CAP_SYS_ADMIN for the local and remote GAS access MRPC commands. Privileged processes will already have access to the BAR through the sysfs resource file so this doesn't give userspace any capabilities it didn't already have. [logang@deltatee.com: rework commit message] Link: https://lore.kernel.org/r/20200106190337.2428-11-logang@deltatee.com Signed-off-by: Kelvin Cao Signed-off-by: Logan Gunthorpe Signed-off-by: Bjorn Helgaas --- drivers/pci/switch/switchtec.c | 6 ++++++ include/linux/switchtec.h | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/drivers/pci/switch/switchtec.c b/drivers/pci/switch/switchtec.c index af85d232d200..92b95e8067c0 100644 --- a/drivers/pci/switch/switchtec.c +++ b/drivers/pci/switch/switchtec.c @@ -479,6 +479,12 @@ static ssize_t switchtec_dev_write(struct file *filp, const char __user *data, rc = -EFAULT; goto out; } + if (((MRPC_CMD_ID(stuser->cmd) == MRPC_GAS_WRITE) || + (MRPC_CMD_ID(stuser->cmd) == MRPC_GAS_READ)) && + !capable(CAP_SYS_ADMIN)) { + rc = -EPERM; + goto out; + } data += sizeof(stuser->cmd); rc = copy_from_user(&stuser->data, data, size - sizeof(stuser->cmd)); diff --git a/include/linux/switchtec.h b/include/linux/switchtec.h index e85155244135..082f1d51957a 100644 --- a/include/linux/switchtec.h +++ b/include/linux/switchtec.h @@ -21,6 +21,11 @@ #define SWITCHTEC_EVENT_FATAL BIT(4) #define SWITCHTEC_DMA_MRPC_EN BIT(0) + +#define MRPC_GAS_READ 0x29 +#define MRPC_GAS_WRITE 0x87 +#define MRPC_CMD_ID(x) ((x) & 0xffff) + enum { SWITCHTEC_GAS_MRPC_OFFSET = 0x0000, SWITCHTEC_GAS_TOP_CFG_OFFSET = 0x1000, -- 2.45.2