| Message ID | 1595606959-8516-1-git-send-email-jane.chu@oracle.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/2] libnvdimm/security: 'security' attr never show 'overwrite' state | expand |
Hi, Any taker on this and next patch [PATCH 2/2] libnvdimm/security: ensure sysfs poll thread woke up and fetch updated attr ? According to our test, they're bugs, and folks are waiting to get the issues fixed. Thanks! -jane On 7/24/2020 9:09 AM, Jane Chu wrote: > Since > commit d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute"), > when issue > # ndctl sanitize-dimm nmem0 --overwrite > then immediately check the 'security' attribute, > # cat /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security > unlocked > Actually the attribute stays 'unlocked' through out the entire overwrite > operation, never changed. That's because 'nvdimm->sec.flags' is a bitmap > that has both bits set indicating 'overwrite' and 'unlocked'. > But security_show() checks the mutually exclusive bits before it checks > the 'overwrite' bit at last. The order should be reversed. > > The commit also has a typo: in one occasion, 'nvdimm->sec.ext_state' > assignment is replaced with 'nvdimm->sec.flags' assignment for > the NVDIMM_MASTER type. > > Cc: Dan Williams <dan.j.williams@intel.com> > Fixes: d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute") > Signed-off-by: Jane Chu <jane.chu@oracle.com> > --- > drivers/nvdimm/dimm_devs.c | 4 ++-- > drivers/nvdimm/security.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c > index b7b77e8..5d72026 100644 > --- a/drivers/nvdimm/dimm_devs.c > +++ b/drivers/nvdimm/dimm_devs.c > @@ -363,14 +363,14 @@ __weak ssize_t security_show(struct device *dev, > { > struct nvdimm *nvdimm = to_nvdimm(dev); > > + if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) > + return sprintf(buf, "overwrite\n"); > if (test_bit(NVDIMM_SECURITY_DISABLED, &nvdimm->sec.flags)) > return sprintf(buf, "disabled\n"); > if (test_bit(NVDIMM_SECURITY_UNLOCKED, &nvdimm->sec.flags)) > return sprintf(buf, "unlocked\n"); > if (test_bit(NVDIMM_SECURITY_LOCKED, &nvdimm->sec.flags)) > return sprintf(buf, "locked\n"); > - if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) > - return sprintf(buf, "overwrite\n"); > return -ENOTTY; > } > > diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c > index 4cef69b..8f3971c 100644 > --- a/drivers/nvdimm/security.c > +++ b/drivers/nvdimm/security.c > @@ -457,7 +457,7 @@ void __nvdimm_security_overwrite_query(struct nvdimm *nvdimm) > clear_bit(NDD_WORK_PENDING, &nvdimm->flags); > put_device(&nvdimm->dev); > nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); > - nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); > + nvdimm->sec.ext_flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); > } > > void nvdimm_security_overwrite_query(struct work_struct *work) >
On 7/24/2020 9:09 AM, Jane Chu wrote: > Since > commit d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute"), > when issue > # ndctl sanitize-dimm nmem0 --overwrite > then immediately check the 'security' attribute, > # cat /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security > unlocked > Actually the attribute stays 'unlocked' through out the entire overwrite > operation, never changed. That's because 'nvdimm->sec.flags' is a bitmap > that has both bits set indicating 'overwrite' and 'unlocked'. > But security_show() checks the mutually exclusive bits before it checks > the 'overwrite' bit at last. The order should be reversed. > > The commit also has a typo: in one occasion, 'nvdimm->sec.ext_state' > assignment is replaced with 'nvdimm->sec.flags' assignment for > the NVDIMM_MASTER type. May be best to split this fix to a different patch? Just thinking git bisect later on to track issues. Otherwise Reviewed-by: Dave Jiang <dave.jiang@intel.com> > > Cc: Dan Williams <dan.j.williams@intel.com> > Fixes: d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute") > Signed-off-by: Jane Chu <jane.chu@oracle.com> > --- > drivers/nvdimm/dimm_devs.c | 4 ++-- > drivers/nvdimm/security.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c > index b7b77e8..5d72026 100644 > --- a/drivers/nvdimm/dimm_devs.c > +++ b/drivers/nvdimm/dimm_devs.c > @@ -363,14 +363,14 @@ __weak ssize_t security_show(struct device *dev, > { > struct nvdimm *nvdimm = to_nvdimm(dev); > > + if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) > + return sprintf(buf, "overwrite\n"); > if (test_bit(NVDIMM_SECURITY_DISABLED, &nvdimm->sec.flags)) > return sprintf(buf, "disabled\n"); > if (test_bit(NVDIMM_SECURITY_UNLOCKED, &nvdimm->sec.flags)) > return sprintf(buf, "unlocked\n"); > if (test_bit(NVDIMM_SECURITY_LOCKED, &nvdimm->sec.flags)) > return sprintf(buf, "locked\n"); > - if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) > - return sprintf(buf, "overwrite\n"); > return -ENOTTY; > } > > diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c > index 4cef69b..8f3971c 100644 > --- a/drivers/nvdimm/security.c > +++ b/drivers/nvdimm/security.c > @@ -457,7 +457,7 @@ void __nvdimm_security_overwrite_query(struct nvdimm *nvdimm) > clear_bit(NDD_WORK_PENDING, &nvdimm->flags); > put_device(&nvdimm->dev); > nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); > - nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); > + nvdimm->sec.ext_flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); > } > > void nvdimm_security_overwrite_query(struct work_struct *work) >
Hi, Dave, On 8/3/2020 1:41 PM, Dave Jiang wrote: > On 7/24/2020 9:09 AM, Jane Chu wrote: >> Since >> commit d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' >> attribute"), >> when issue >> # ndctl sanitize-dimm nmem0 --overwrite >> then immediately check the 'security' attribute, >> # cat >> /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security >> unlocked >> Actually the attribute stays 'unlocked' through out the entire overwrite >> operation, never changed. That's because 'nvdimm->sec.flags' is a bitmap >> that has both bits set indicating 'overwrite' and 'unlocked'. >> But security_show() checks the mutually exclusive bits before it checks >> the 'overwrite' bit at last. The order should be reversed. >> >> The commit also has a typo: in one occasion, 'nvdimm->sec.ext_state' >> assignment is replaced with 'nvdimm->sec.flags' assignment for >> the NVDIMM_MASTER type. > > May be best to split this fix to a different patch? Just thinking git > bisect later on to track issues. Otherwise Reviewed-by: Dave Jiang > <dave.jiang@intel.com> Sure. I take it you meant to separate the typo fix from the change that tests the OVERWRITE bit first? Regards, -jane
On 8/3/2020 2:10 PM, Jane Chu wrote: > Hi, Dave, > > On 8/3/2020 1:41 PM, Dave Jiang wrote: >> On 7/24/2020 9:09 AM, Jane Chu wrote: >>> Since >>> commit d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute"), >>> when issue >>> # ndctl sanitize-dimm nmem0 --overwrite >>> then immediately check the 'security' attribute, >>> # cat /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security >>> unlocked >>> Actually the attribute stays 'unlocked' through out the entire overwrite >>> operation, never changed. That's because 'nvdimm->sec.flags' is a bitmap >>> that has both bits set indicating 'overwrite' and 'unlocked'. >>> But security_show() checks the mutually exclusive bits before it checks >>> the 'overwrite' bit at last. The order should be reversed. >>> >>> The commit also has a typo: in one occasion, 'nvdimm->sec.ext_state' >>> assignment is replaced with 'nvdimm->sec.flags' assignment for >>> the NVDIMM_MASTER type. >> >> May be best to split this fix to a different patch? Just thinking git bisect >> later on to track issues. Otherwise Reviewed-by: Dave Jiang >> <dave.jiang@intel.com> > > Sure. I take it you meant to separate the typo fix from the change that tests > the OVERWRITE bit first? Yep! > > Regards, > -jane
diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c index b7b77e8..5d72026 100644 --- a/drivers/nvdimm/dimm_devs.c +++ b/drivers/nvdimm/dimm_devs.c @@ -363,14 +363,14 @@ __weak ssize_t security_show(struct device *dev, { struct nvdimm *nvdimm = to_nvdimm(dev); + if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) + return sprintf(buf, "overwrite\n"); if (test_bit(NVDIMM_SECURITY_DISABLED, &nvdimm->sec.flags)) return sprintf(buf, "disabled\n"); if (test_bit(NVDIMM_SECURITY_UNLOCKED, &nvdimm->sec.flags)) return sprintf(buf, "unlocked\n"); if (test_bit(NVDIMM_SECURITY_LOCKED, &nvdimm->sec.flags)) return sprintf(buf, "locked\n"); - if (test_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags)) - return sprintf(buf, "overwrite\n"); return -ENOTTY; } diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c index 4cef69b..8f3971c 100644 --- a/drivers/nvdimm/security.c +++ b/drivers/nvdimm/security.c @@ -457,7 +457,7 @@ void __nvdimm_security_overwrite_query(struct nvdimm *nvdimm) clear_bit(NDD_WORK_PENDING, &nvdimm->flags); put_device(&nvdimm->dev); nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); - nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); + nvdimm->sec.ext_flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); } void nvdimm_security_overwrite_query(struct work_struct *work)
Since commit d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute"), when issue # ndctl sanitize-dimm nmem0 --overwrite then immediately check the 'security' attribute, # cat /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security unlocked Actually the attribute stays 'unlocked' through out the entire overwrite operation, never changed. That's because 'nvdimm->sec.flags' is a bitmap that has both bits set indicating 'overwrite' and 'unlocked'. But security_show() checks the mutually exclusive bits before it checks the 'overwrite' bit at last. The order should be reversed. The commit also has a typo: in one occasion, 'nvdimm->sec.ext_state' assignment is replaced with 'nvdimm->sec.flags' assignment for the NVDIMM_MASTER type. Cc: Dan Williams <dan.j.williams@intel.com> Fixes: d78c620a2e82 ("libnvdimm/security: Introduce a 'frozen' attribute") Signed-off-by: Jane Chu <jane.chu@oracle.com> --- drivers/nvdimm/dimm_devs.c | 4 ++-- drivers/nvdimm/security.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)