| Message ID | 20221206011501.464916-1-dave@stgolabs.net |
|---|---|
| Headers | show |
| Series | cxl: BG operations and device sanitation | expand |
Davidlohr Bueso wrote: > Hi, > > This series adds support for the rest of the security related cxl operation > which are not strictly dependent on PMEM. > > Patch 1 adds the required background cmd handling bits. While this is currently > only polling support, the idea is to follow up with an irq support once the > bits land in Ira's event work. All polling-specific code has been marked > as __maybe_unused. I will take a look, but this tends to put me in the mindset of this is v6.3 material that should wait for its user. Was that your intent? > Patch 2 implements the sanitation commands (overwrite and secure erase). My concern with landing non-PMEM secure erase is that it is not scoped by partition type, and there is no existing appartus like there is on the nvdimm side to make sure an erase event does not collide with a device in active use. However, this is just my reaction to the cover letter, maybe you covered that aspect in the patches. > Patch 3 adds a support for secure erase mocking. > > As for testing, while I used the mock device to test the secure erase command, I > ended up hacking up a prototype[0] for qemu to support overwrite and bg commands. > So while the some of the paths this series introduces have been exercised, there > is of course a lot more to do. > > Applies on top of the 'for-6.2/cxl-security' in cxl.git. > > Changes from rfc (https://lore.kernel.org/linux-cxl/20220804045029.2905056-1-dave@stgolabs.net/): > > * Patch 1: > - Added a cxlds->mbox_irq flag in order to separate the polling-specific requirements. > - Made bg workqueue concurrent. > - Address iteration mem commands style (Jonathan). Now just rely on cxl_mem_find_command + check > bg flag + callback. > - Don't error in cxl_mbox_check_cmd_bgcmd() if conflicts() callback is not defined (Jonathan). > - Error out in cxl_mbox_send_cmd() upon corruption in cxl_mbox_bgcmd_begin() (Jonathan). > - Do not prematurely add all bg capable opcodes (Jonathan). > > * Patch 2: > - Rework polling delay hinting (Dave). > - Rely on CEL to see if command is supported instead of unconditionally sending it (Jonathan). > > * Added patch 3. > > [0]: https://github.com/davidlohr/qemu/commit/64a93a5b824b59d3b547f06f7fbb1269fb4790ce > > Thanks! > > Davidlohr Bueso (3): > cxl/mbox: Add background operation handling machinery > cxl/mem: Support sanitation commands > tools/testing/cxl: Add "Secure Erase" opcode support > > Documentation/ABI/testing/sysfs-bus-cxl | 19 ++ > drivers/cxl/core/core.h | 3 +- > drivers/cxl/core/mbox.c | 317 +++++++++++++++++++++++- > drivers/cxl/core/memdev.c | 54 ++++ > drivers/cxl/core/port.c | 1 + > drivers/cxl/cxl.h | 8 + > drivers/cxl/cxlmem.h | 65 ++++- > drivers/cxl/pci.c | 4 + > drivers/cxl/pmem.c | 5 +- > drivers/cxl/security.c | 13 +- > include/uapi/linux/cxl_mem.h | 2 + > tools/testing/cxl/test/mem.c | 27 ++ > 12 files changed, 497 insertions(+), 21 deletions(-) > > -- > 2.38.1 >
On Tue, 06 Dec 2022, Dan Williams wrote: >Davidlohr Bueso wrote: >> Hi, >> >> This series adds support for the rest of the security related cxl operation >> which are not strictly dependent on PMEM. >> >> Patch 1 adds the required background cmd handling bits. While this is currently >> only polling support, the idea is to follow up with an irq support once the >> bits land in Ira's event work. All polling-specific code has been marked >> as __maybe_unused. > >I will take a look, but this tends to put me in the mindset of this is >v6.3 material that should wait for its user. Was that your intent? Thanks for having a look. My intent was for 6.3, yes. > >> Patch 2 implements the sanitation commands (overwrite and secure erase). > >My concern with landing non-PMEM secure erase is that it is not scoped >by partition type, and there is no existing appartus like there is on >the nvdimm side to make sure an erase event does not collide with a >device in active use. I can drop the secure erase part of patch 2 and just leave overwrite. Thanks, Davidlohr
Davidlohr Bueso wrote: > On Tue, 06 Dec 2022, Dan Williams wrote: > > >Davidlohr Bueso wrote: > >> Hi, > >> > >> This series adds support for the rest of the security related cxl operation > >> which are not strictly dependent on PMEM. > >> > >> Patch 1 adds the required background cmd handling bits. While this is currently > >> only polling support, the idea is to follow up with an irq support once the > >> bits land in Ira's event work. All polling-specific code has been marked > >> as __maybe_unused. > > > >I will take a look, but this tends to put me in the mindset of this is > >v6.3 material that should wait for its user. Was that your intent? > > Thanks for having a look. My intent was for 6.3, yes. > > > > >> Patch 2 implements the sanitation commands (overwrite and secure erase). > > > >My concern with landing non-PMEM secure erase is that it is not scoped > >by partition type, and there is no existing appartus like there is on > >the nvdimm side to make sure an erase event does not collide with a > >device in active use. > > I can drop the secure erase part of patch 2 and just leave overwrite. They both have the same problem, they need extra safety to make sure that the device is not in active usage during the operation.