On Tue, Sep 7, 2021 at 9:47 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> On Tue, Sep 7, 2021 at 1:39 PM Dan Williams <dan.j.williams@xxxxxxxxx> wrote:
> > On Fri, Sep 3, 2021 at 8:57 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> > >
> > > On Fri, Sep 3, 2021 at 10:20 PM Dan Williams <dan.j.williams@xxxxxxxxx> wrote:
> > > >
> > > > A proposed rework of security_locked_down() users identified that the
> > > > cxl_pci driver was passing the wrong lockdown_reason. Update
> > > > cxl_mem_raw_command_allowed() to fail raw command access when raw pci
> > > > access is also disabled.
> > > >
> > > > Fixes: 13237183c735 ("cxl/mem: Add a "RAW" send command")
> > > > Cc: Ben Widawsky <ben.widawsky@xxxxxxxxx>
> > > > Cc: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> > > > Cc: <stable@xxxxxxxxxxxxxxx>
> > > > Cc: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
> > > > Cc: Paul Moore <paul@xxxxxxxxxxxxxx>
> > > > Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> > > > ---
> > > > drivers/cxl/pci.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > Hi Dan,
> > >
> > > Thanks for fixing this up. Would you mind if this was included in
> > > Ondrej's patchset, or would you prefer to merge it via another tree
> > > (e.g. cxl)?
> >
> > I was planning to merge this via the cxl tree for v5.15-rc1.
>
> Okay, thanks.
And I can see the patch is now in Linus' tree, so if Paul agrees I'll
rebase the patch on top of v5.15-rc1 once it's tagged and do one more
respin. There are a few other minor conflicts and one new
security_locked_down() call to cover, anyway.
Dan, is it okay if I preserve your Acked-by from the last version?
There will be no other change in the cxl area than rebasing on top of
this patch.
Thank you for taking care of the fix!
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
