On Mon, May 04, 2020 at 01:47:27PM +0200, Jean-Philippe Brucker wrote: > Hi, > > On Fri, May 01, 2020 at 04:07:10PM -0700, Rajat Jain wrote: > > Hi, > > > > Currently, the PCI subsystem marks the PCI devices as "untrusted", if > > the firmware asks it to: > > > > 617654aae50e ("PCI / ACPI: Identify untrusted PCI devices") > > 9cb30a71acd4 ("PCI: OF: Support "external-facing" property") > > > > An "untrusted" device indicates a (likely external facing) device that > > may be malicious, and can trigger DMA attacks on the system. It may > > also try to exploit any vulnerabilities exposed by the driver, that > > may allow it to read/write unintended addresses in the host (e.g. if > > DMA buffers for the device, share memory pages with other driver data > > structures or code etc). > > > > High Level proposal > > =============== > > Currently, the "untrusted" device property is used as a hint to enable > > IOMMU restrictions (on Intel), disable ATS (on ARM) etc. We'd like to > > go a step further, and allow the administrator to build a list of > > whitelisted drivers for these "untrusted" devices. > > How about letting the administrator whitelist devices that are trusted, > rather than whitelisting drivers? Uh, I completely missed the point. Your proposal is about preventing from binding any untrusted devices to non-whitelisted drivers. Please disregard my reply :) Thanks, Jean > > The "thunderclap" attack [1] emulates an existing device using an FPGA in > order to get probed by the device driver, and then bypasses a weakened > IOMMU. By design the driver cannot differentiate a well-behaved device > from a malicious one, so changing the trust level of the driver doesn't > feel like the right way. What the admin wants to say is "I trust this > port, no one is plugging any malicious device in here." > > Then you could also make the option 3-way: either keep the default trust > fixed by FW, or manually set "trusted" or "untrusted". > > For reference there have been several discussions, recently, about letting > admins change IOMMU configuration for a device. A PCI command-line option > [2] was suggested, but I think the current proposal is a sysfs knob on > IOMMU groups [3], that can be changed while devices are unbound from > drivers. It's not completely relevant since the "untrusted" property isn't > tied to the IOMMU subsystem, but seemed worth mentioning. > > [1] https://thunderclap.io/thunderclap-paper-ndss2019.pdf > [2] https://lore.kernel.org/linux-iommu/20200101052648.14295-3-baolu.lu@xxxxxxxxxxxxxxx/ > [3] https://lore.kernel.org/linux-iommu/5aa5ef20ff81f706aafa9a6af68cef98fe60ad0f.1581619464.git.sai.praneeth.prakhya@xxxxxxxxx/ > > Thanks, > Jean > > > This whitelist of > > drivers are the ones that he trusts enough to have little or no > > vulnerabilities. (He may have built this list of whitelisted drivers > > by a combination of code analysis of drivers, or by extensive testing > > using PCIe fuzzing etc). We propose that the administrator be allowed > > to specify this list of whitelisted drivers to the kernel, and the PCI > > subsystem to impose this behavior: > > > > 1) The "untrusted" devices can bind to only "whitelisted drivers". > > 2) The other devices (i.e. dev->untrusted=0) can bind to any driver. > > > > Of course this behavior is to be imposed only if such a whitelist is > > provided by the administrator. > > > > Details > > ====== > > > > 1) A kernel argument ("pci.impose_driver_whitelisting") to enable > > imposing of whitelisting by PCI subsystem. > > > > 2) Add a flag ("whitelisted") in struct pci_driver to indicate whether > > the driver is whitelisted. > > > > 3) Use the driver's "whitelisted" flag and the device's "untrusted" > > flag, to make a decision about whether to bind or not in > > pci_bus_match() or similar. > > > > 4) A mechanism to allow the administrator to specify the whitelist of > > drivers. I think this needs more thought as there are multiple > > options. > > > > a) Expose individual driver's "whitelisted" flag to userspace so a > > boot script can whitelist that driver. There are questions that still > > need answered though e.g. what to do about the devices that may have > > already been enumerated and rejected by then? What to do with the > > already bound devices, if the user changes a driver to remove it from > > the whitelist. etc. > > > > b) Provide a way to specify the whitelist via the kernel command > > line. Accept a ("pci.whitelist") kernel parameter which is a comma > > separated list of driver names (just like "module_blacklist"), and > > then use it to initialize each driver's "whitelisted" flag as the > > drivers are registered. Essentially this would mean that the whitelist > > of devices cannot be changed after boot. > > > > To me (b) looks a better option but I think a future requirement would > > be the ability to remove the drivers from the whitelist after boot > > (adding drivers to whitelist at runtime may not be that critical IMO) > > > > WDYT? > > > > Thanks, > > > > Rajat