> -----Original Message-----
> From: Gupta, Nipun
> Sent: Friday, April 7, 2023 10:35 AM
> To: Jason Gunthorpe <jgg@xxxxxxxx>
> Cc: alex.williamson@xxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
> kvm@xxxxxxxxxxxxxxx; git (AMD-Xilinx) <git@xxxxxxx>; Anand, Harpreet
> <harpreet.anand@xxxxxxx>; Simek, Michal <michal.simek@xxxxxxx>;
> Agarwal, Nikhil <nikhil.agarwal@xxxxxxx>; Jansen Van Vuuren, Pieter
> <pieter.jansen-van-vuuren@xxxxxxx>; okaya@xxxxxxxxxx
> Subject: Re: [PATCH] vfio/cdx: add support for CDX bus
>
<snip>
>
> >
> >> +static void vfio_cdx_close_device(struct vfio_device *core_vdev)
> >> +{
> >> + struct vfio_cdx_device *vdev =
> >> + container_of(core_vdev, struct vfio_cdx_device, vdev);
> >> + int ret;
> >> +
> >> + vfio_cdx_regions_cleanup(vdev);
> >> +
> >> + /* reset the device before cleaning up the interrupts */
> >> + ret = vfio_cdx_reset_device(vdev);
> >> + if (WARN_ON(ret))
> >> + dev_warn(core_vdev->dev,
> >> + "VFIO_CDX: reset device has failed (%d)\n", ret);
> >
> > This is pretty problematic.. if the reset can fail the device is
> > returned to the system in an unknown state and it seems pretty likely
> > that it can be a way to attack the kernel.
>
> We will update the code to disable the device in case of failures.
We double checked with firmware/hardware team, when driver sends CDX
device reset command to firmware, it actually quiesce and then reset the device.
So, the device remains disabled in case of failures.
Regards,
Nipun
