When the PF is configured for admin‑only mode, it is restricted to management functions and should not allow users to run workloads. Suppress device capabilities to userspace in admin-only PF mode.
Signed-off-by: Satyanarayana K V P <[email protected]> Cc: Michal Wajdeczko <[email protected]> Cc: Rodrigo Vivi <[email protected]> Cc: Piotr Piórkowski <[email protected]> Cc: Matthew Brost <[email protected]> Cc: Thomas Hellström <[email protected]> Cc: Michał Winiarski <[email protected]> Cc: Dunajski Bartosz <[email protected]> Cc: [email protected] --- V3 -> V4: - Suppressed device capabilities in admin-only PF mode. (Wajdeczko) V2 -> V3: - Introduced new helper function xe_debugfs_create_files() to create debugfs entries based on admin_only_pf mode or normal mode. V1 -> V2: - Rebased to latest drm-tip. - Update update_minor_dev() to debugfs_minor_dev(). --- drivers/gpu/drm/xe/xe_device.c | 14 ++++++++++++++ drivers/gpu/drm/xe/xe_query.c | 11 ++++++++++- drivers/gpu/drm/xe/xe_sriov.h | 8 ++++++++ 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/xe/xe_device.c b/drivers/gpu/drm/xe/xe_device.c index 3462645ca13c..7bf462eed917 100644 --- a/drivers/gpu/drm/xe/xe_device.c +++ b/drivers/gpu/drm/xe/xe_device.c @@ -25,6 +25,7 @@ #include "regs/xe_regs.h" #include "xe_bo.h" #include "xe_bo_evict.h" +#include "xe_configfs.h" #include "xe_debugfs.h" #include "xe_defaults.h" #include "xe_devcoredump.h" @@ -213,6 +214,11 @@ static const struct drm_ioctl_desc xe_ioctls[] = { DRM_RENDER_ALLOW), }; +static const struct drm_ioctl_desc xe_pf_admin_only_ioctls[] = { + DRM_IOCTL_DEF_DRV(XE_DEVICE_QUERY, xe_query_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(XE_OBSERVATION, xe_observation_ioctl, DRM_RENDER_ALLOW), +}; + static long xe_drm_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { struct drm_file *file_priv = file->private_data; @@ -442,6 +448,14 @@ struct xe_device *xe_device_create(struct pci_dev *pdev, struct xe_device *xe; int err; + if (xe_configfs_admin_only_pf(pdev)) { + driver.ioctls = xe_pf_admin_only_ioctls; + driver.num_ioctls = ARRAY_SIZE(xe_pf_admin_only_ioctls); + } else { + driver.ioctls = xe_ioctls; + driver.num_ioctls = ARRAY_SIZE(xe_ioctls); + } + xe_display_driver_set_hooks(&driver); err = aperture_remove_conflicting_pci_devices(pdev, driver.name); diff --git a/drivers/gpu/drm/xe/xe_query.c b/drivers/gpu/drm/xe/xe_query.c index 34db266b723f..1416ab7be809 100644 --- a/drivers/gpu/drm/xe/xe_query.c +++ b/drivers/gpu/drm/xe/xe_query.c @@ -215,7 +215,10 @@ static int query_engines(struct xe_device *xe, i++; } - engines->num_engines = i; + if (xe_device_is_admin_only(xe)) + engines->num_engines = 0; + else + engines->num_engines = i; if (copy_to_user(query_ptr, engines, size)) { kfree(engines); @@ -297,6 +300,9 @@ static int query_mem_regions(struct xe_device *xe, } } + if (xe_device_is_admin_only(xe)) + mem_regions->num_mem_regions = 0; + if (!copy_to_user(query_ptr, mem_regions, size)) ret = 0; else @@ -419,6 +425,9 @@ static int query_gt_list(struct xe_device *xe, struct drm_xe_device_query *query iter++; } + if (xe_device_is_admin_only(xe)) + gt_list->num_gt = 0; + if (copy_to_user(query_ptr, gt_list, size)) { kfree(gt_list); return -EFAULT; diff --git a/drivers/gpu/drm/xe/xe_sriov.h b/drivers/gpu/drm/xe/xe_sriov.h index 72e55543c30e..be426afa90b1 100644 --- a/drivers/gpu/drm/xe/xe_sriov.h +++ b/drivers/gpu/drm/xe/xe_sriov.h @@ -37,6 +37,14 @@ static inline bool xe_device_is_sriov_vf(const struct xe_device *xe) return xe_device_sriov_mode(xe) == XE_SRIOV_MODE_VF; } +static inline bool xe_device_is_admin_only(const struct xe_device *xe) +{ + if (xe_device_is_sriov_pf(xe) && xe->sriov.pf.admin_only) + return true; + else + return false; +} + #define IS_SRIOV_PF(xe) xe_device_is_sriov_pf(xe) #define IS_SRIOV_VF(xe) xe_device_is_sriov_vf(xe) -- 2.43.0
