From patchwork Tue Dec 6 04:22:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Williams X-Patchwork-Id: 13065392 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6EC4AC352A1 for ; Tue, 6 Dec 2022 04:22:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231349AbiLFEWv (ORCPT ); Mon, 5 Dec 2022 23:22:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37220 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230352AbiLFEWq (ORCPT ); Mon, 5 Dec 2022 23:22:46 -0500 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7DCBD63B7 for ; Mon, 5 Dec 2022 20:22:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670300565; x=1701836565; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=paKg0JMaXH9lUCsgDLg85e+zF9XyHEaF5GwLWjjl21A=; b=cwphgOXLesyjhvxvw3KQFkDhKHe9WtfsL7OE0OcCT16smDiQJzkOZuT4 AW9Kv1TmfMELX9TUnbuWQkBW5HuIqfoSY6568YY34pV+V4KibVhYaQl2N xH/f+pRijVPNn61tn8x9G3SDIeDNr/Ovijmo8jfUDQULSJk9Mv0t/fxWq ROZ9zHx70axesLAc/bucSgwa3Td2XEpa1gtrhOx8MvAtE8j+AXPeDCwBO vfuHgjSs3mpjaBoWrmOLADv8oE4UY8q/qErNE1cYtdpUWS749nBlo2z80 Mv4R3b2rX0Sivm9EAjnLtHfd6A35UEZqt3B+uR6DxPVsQYfa5l4eWLfhR g==; X-IronPort-AV: E=McAfee;i="6500,9779,10552"; a="315238707" X-IronPort-AV: E=Sophos;i="5.96,220,1665471600"; d="scan'208";a="315238707" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Dec 2022 20:22:45 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10552"; a="639733785" X-IronPort-AV: E=Sophos;i="5.96,220,1665471600"; d="scan'208";a="639733785" Received: from bmnebren-mobl.amr.corp.intel.com (HELO dwillia2-xfh.jf.intel.com) ([10.209.114.171]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Dec 2022 20:22:44 -0800 Subject: [PATCH 4/4] cxl/security: Drop security command ioctl uapi From: Dan Williams To: linux-cxl@vger.kernel.org Cc: dave.jiang@intel.com, ira.weiny@intel.com Date: Mon, 05 Dec 2022 20:22:44 -0800 Message-ID: <167030056464.4044561.11486507095384253833.stgit@dwillia2-xfh.jf.intel.com> In-Reply-To: <167030054261.4044561.2164047490200738083.stgit@dwillia2-xfh.jf.intel.com> References: <167030054261.4044561.2164047490200738083.stgit@dwillia2-xfh.jf.intel.com> User-Agent: StGit/0.18-3-g996c MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org CXL PMEM security operations are routed through the NVDIMM sysfs interface. For this reason the corresponding commands are marked "exclusive" to preclude collisions between the ioctl ABI and the sysfs ABI. However, a better way to preclude that collision is to simply remove the ioctl ABI (command-id definitions) for those operations. Now that cxl_internal_send_cmd() (formerly cxl_mbox_send_cmd()) no longer needs to talk the cxl_mem_commands array, all of the uapi definitions for the security commands can be dropped. These never appeared in a released kernel, so no regression risk. Signed-off-by: Dan Williams Reviewed-by: Ira Weiny Reviewed-by: Dave Jiang Reviewed-by: Jonathan Cameron --- drivers/cxl/core/mbox.c | 17 ----------------- include/uapi/linux/cxl_mem.h | 6 ------ 2 files changed, 23 deletions(-) diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c index c36a3589377a..b03fba212799 100644 --- a/drivers/cxl/core/mbox.c +++ b/drivers/cxl/core/mbox.c @@ -65,12 +65,6 @@ static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = { CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0), CXL_CMD(SCAN_MEDIA, 0x11, 0, 0), CXL_CMD(GET_SCAN_MEDIA, 0, CXL_VARIABLE_PAYLOAD, 0), - CXL_CMD(GET_SECURITY_STATE, 0, 0x4, 0), - CXL_CMD(SET_PASSPHRASE, 0x60, 0, 0), - CXL_CMD(DISABLE_PASSPHRASE, 0x40, 0, 0), - CXL_CMD(FREEZE_SECURITY, 0, 0, 0), - CXL_CMD(UNLOCK, 0x20, 0, 0), - CXL_CMD(PASSPHRASE_SECURE_ERASE, 0x40, 0, 0), }; /* @@ -717,17 +711,6 @@ int cxl_enumerate_cmds(struct cxl_dev_state *cxlds) /* Found the required CEL */ rc = 0; } - - /* - * Setup permanently kernel exclusive commands, i.e. the - * mechanism is driven through sysfs, keyctl, etc... - */ - set_bit(CXL_MEM_COMMAND_ID_SET_PASSPHRASE, cxlds->exclusive_cmds); - set_bit(CXL_MEM_COMMAND_ID_DISABLE_PASSPHRASE, cxlds->exclusive_cmds); - set_bit(CXL_MEM_COMMAND_ID_UNLOCK, cxlds->exclusive_cmds); - set_bit(CXL_MEM_COMMAND_ID_PASSPHRASE_SECURE_ERASE, - cxlds->exclusive_cmds); - out: kvfree(gsl); return rc; diff --git a/include/uapi/linux/cxl_mem.h b/include/uapi/linux/cxl_mem.h index 82bdad4ce5de..c71021a2a9ed 100644 --- a/include/uapi/linux/cxl_mem.h +++ b/include/uapi/linux/cxl_mem.h @@ -41,12 +41,6 @@ ___C(GET_SCAN_MEDIA_CAPS, "Get Scan Media Capabilities"), \ ___C(SCAN_MEDIA, "Scan Media"), \ ___C(GET_SCAN_MEDIA, "Get Scan Media Results"), \ - ___C(GET_SECURITY_STATE, "Get Security State"), \ - ___C(SET_PASSPHRASE, "Set Passphrase"), \ - ___C(DISABLE_PASSPHRASE, "Disable Passphrase"), \ - ___C(FREEZE_SECURITY, "Freeze Security"), \ - ___C(UNLOCK, "Unlock"), \ - ___C(PASSPHRASE_SECURE_ERASE, "Passphrase Secure Erase"), \ ___C(MAX, "invalid / last command") #define ___C(a, b) CXL_MEM_COMMAND_ID_##a