On Tue, Nov 12, 2024 at 09:26:04AM +0200, Leon Romanovsky wrote: > On Tue, Nov 12, 2024 at 07:44:09AM +0100, Heiner Kallweit wrote: > > On 12.11.2024 01:34, Stephen Hemminger wrote: > > > On Mon, 11 Nov 2024 14:41:04 -0600 > > > Bjorn Helgaas <helgaas@xxxxxxxxxx> wrote: > > > > > >> On Thu, Nov 07, 2024 at 08:56:56PM +0200, Leon Romanovsky wrote: > > >>> From: Leon Romanovsky <leonro@xxxxxxxxxx> > > >>> > > >>> The Vital Product Data (VPD) attribute is not readable by regular > > >>> user without root permissions. Such restriction is not really needed > > >>> for many devices in the world, as data presented in that VPD is not > > >>> sensitive and access to the HW is safe and tested. > > >>> > > >>> This change aligns the permissions of the VPD attribute to be accessible > > >>> for read by all users, while write being restricted to root only. > > >>> > > >>> For the driver, there is a need to opt-in in order to allow this > > >>> functionality. > > >> > > >> I don't think the use case is very strong (and not included at all > > >> here). > > >> > > >> If we do need to do this, I think it's a property of the device, not > > >> the driver. > > > > > > I remember some broken PCI devices, which will crash if VPD is read. > > > Probably not worth opening this can of worms. > > > > These crashes shouldn't occur any longer. There are two problematic cases: > > 1. Reading past end of VPD > > This used to crash certain devices and was fixed by stop reading at > > the VPD end tag. > > 2. Accessing VPD if device firmware isn't correctly loaded and initialized > > This affects certain LSI devices, which are blacklisted so that PCI core > > prevents VPD access. > > Thanks for the information. > > Bjorn, > > After this response, do you still think that v0 [1] is not the right way > to change the read permission? > > [1] https://lore.kernel.org/all/65791906154e3e5ea12ea49127cf7c707325ca56.1730102428.git.leonro@xxxxxxxxxx/ Yes, I still think it's unnecessarily risky to make VPD readable by ordinary users. This is a pretty niche use case. Bjorn
