On Thu, Nov 7, 2024, at 16:59, Bjorn Helgaas wrote: > On Thu, Nov 07, 2024 at 01:31:44PM +0200, Leon Romanovsky wrote: >> On Tue, Nov 5, 2024, at 18:26, Leon Romanovsky wrote: >> > On Tue, Nov 05, 2024 at 09:24:55AM -0600, Bjorn Helgaas wrote: >> >> On Tue, Nov 05, 2024 at 09:51:30AM +0200, Leon Romanovsky wrote: >> >> > On Mon, Nov 04, 2024 at 06:10:27PM -0600, Bjorn Helgaas wrote: >> >> > > On Sun, Nov 03, 2024 at 02:33:44PM +0200, Leon Romanovsky wrote: >> >> > > > On Fri, Nov 01, 2024 at 11:47:37AM -0500, Bjorn Helgaas wrote: >> >> > > > > On Fri, Nov 01, 2024 at 04:33:00PM +0200, Leon Romanovsky wrote: >> >> > > > > > On Thu, Oct 31, 2024 at 06:22:52PM -0500, Bjorn Helgaas wrote: >> >> > > > > > > On Tue, Oct 29, 2024 at 07:04:50PM -0500, Bjorn Helgaas wrote: >> >> > > > > > > > On Mon, Oct 28, 2024 at 10:05:33AM +0200, Leon Romanovsky wrote: >> >> > > > > > > > > From: Leon Romanovsky <leonro@xxxxxxxxxx> >> >> > > > > > > > > >> >> > > > > > > > > The Virtual Product Data (VPD) attribute is not >> >> > > > > > > > > readable by regular user without root permissions. >> >> > > > > > > > > Such restriction is not really needed, as data >> >> > > > > > > > > presented in that VPD is not sensitive at all. >> >> > > > > > > > > >> >> > > > > > > > > This change aligns the permissions of the VPD >> >> > > > > > > > > attribute to be accessible for read by all users, >> >> > > > > > > > > while write being restricted to root only. >> >> > ... >> >> >> >> > > What's the use case? How does an unprivileged user use the VPD >> >> > > information? >> >> > >> >> > We have to add new field keyword=value in VA section of VPD, which >> >> > will indicate very specific sub-model for devices used as a bridge. >> >> > >> >> > > I can certainly imagine using VPD for bug reporting, but that >> >> > > would typically involve dmesg, dmidecode, lspci -vv, etc, all of >> >> > > which already require privilege, so it's not clear to me how >> >> > > public VPD info would help in that scenario. >> >> > >> >> > I'm targeting other scenario - monitoring tool, which doesn't need >> >> > root permissions for reading data. It needs to distinguish between >> >> > NIC sub-models. >> >> >> >> Maybe the driver could expose something in sysfs? Maybe the driver >> >> needs to know the sub-model as well, and reading VPD once in the >> >> driver would make subsequent userspace sysfs reads trivial and fast. >> > >> > Our PCI driver lays in netdev subsystem and they have long-standing >> > position do not allow any custom sysfs files. To be fair, we (RDMA) >> > don't allow custom sysfs files too. >> > >> > Driver doesn't need to know this information as it is extra key=value in >> > existing [VA] field, while driver relies on multiple FW capabilities >> > to enable/disable functionality. >> > >> > Current [VA] line: >> > "[VA] Vendor specific: >> > MLX:MN=MLNX:CSKU=V2:UUID=V3:PCI=V0:MODL=CX713106A" >> > Future [VA] line: >> > "[VA] Vendor specific: >> > MLX:MN=MLNX:CSKU=V2:UUID=V3:PCI=V0:MODL=CX713106A,SMDL=SOMETHING" >> > >> > Also the idea that we will duplicate existing functionality doesn't >> > sound like a good approach to me, and there is no way that it is >> > possible to expose as subsystem specific file. >> > >> > What about to allow existing VPD sysfs file to be readable for everyone >> > for our devices? >> > And if this allow list grows to much, we will open it for all devices >> > in the world? >> >> Bjorn, >> >> I don't see this patch in >> https://git.kernel.org/pub/scm/linux/kernel/git/pci/pci.git/log/?h=next >> So what did you decide? How can we enable existing VPD access to >> regular users? > > I think it's too risky to enable VPD to be readable by all users. So what about to enable it for mlx5 devices? Thanks > > Bjorn
