From patchwork Fri Jul 15 21:08:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919733 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ABBD9C433EF for ; Fri, 15 Jul 2022 21:08:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229947AbiGOVIl (ORCPT ); Fri, 15 Jul 2022 17:08:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229499AbiGOVIl (ORCPT ); Fri, 15 Jul 2022 17:08:41 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 718B77664 for ; Fri, 15 Jul 2022 14:08:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919319; x=1689455319; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=9rZTNHLSztiH0nN2cBKzyjZJ5yqEsukWe+x5YDaSmq0=; b=gb75SWyW81Rgha0n+K73l3SQJbh/AxeRAhj1FNU90Qas8CzClhFHNrr2 bBsTznbW52C3F6Dgy2L5jeJUx4hbdDElKn2f9J7C8L8sJ6Hg34/ydgj9A GZF7AyyL570PaCOmUGNptnKIiwVX6Sp4DoALPg9ugbDQ1G/gNJ0ekYgLL r1XbUhkMSf750r8dfbVwkTkDo2E9GQ3O8jpwdT4pw391+h4J9YVZKePdy SWTWYxGmRBevdOG7So8KYk9hs9n1jCW3DN2NC17ZyIe4cyAh9DrPD30wJ xew8IjQKyvXdk3SVW9/9XLHpCHrYBLI63M90jeJBGpV1aNGnOTmcMMIbC w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="287040464" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="287040464" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:39 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="596605664" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:38 -0700 Subject: [PATCH RFC 01/15] cxl/pmem: Introduce nvdimm_security_ops with ->get_flags() operation From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:08:38 -0700 Message-ID: <165791931828.2491387.3280104860123759941.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add nvdimm_security_ops support for CXL memory device with the introduction of the ->get_flags() callback function. This is part of the "Persistent Memory Data-at-rest Security" command set for CXL memory device support. The ->get_flags() function provides the security state of the persistent memory device defined by the CXL 2.0 spec section 8.2.9.5.6.1. The nvdimm_security_ops for CXL is configured as an build option toggled by kernel configuration CONFIG_CXL_PMEM_SECURITY. Signed-off-by: Dave Jiang Reviewed-by: Jonathan Cameron --- drivers/cxl/Kconfig | 16 +++++++++++++ drivers/cxl/Makefile | 1 + drivers/cxl/cxlmem.h | 9 +++++++ drivers/cxl/pmem.c | 10 ++++++-- drivers/cxl/security.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++ tools/testing/cxl/Kbuild | 1 + 6 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 drivers/cxl/security.c diff --git a/drivers/cxl/Kconfig b/drivers/cxl/Kconfig index f64e3984689f..43527a697f60 100644 --- a/drivers/cxl/Kconfig +++ b/drivers/cxl/Kconfig @@ -102,4 +102,20 @@ config CXL_SUSPEND def_bool y depends on SUSPEND && CXL_MEM +config CXL_PMEM_SECURITY + tristate "CXL PMEM SECURITY: Persistent Memory Security Support" + depends on CXL_PMEM + default CXL_BUS + help + CXL memory device "Persistent Memory Data-at-rest Security" command set + support. Support opcode 0x4500..0x4505. The commands supported are "Get + Security State", "Set Passphrase", "Disable Passphrase", "Unlock", + "Freeze Security State", and "Passphrase Secure Erase". Security operation + is done through nvdimm security_ops. + + See Chapter 8.2.9.5.6 in the CXL 2.0 specification for a detailed description + of the Persistent Memory Security. + + If unsure say 'm'. + endif diff --git a/drivers/cxl/Makefile b/drivers/cxl/Makefile index a78270794150..c19cf28f7512 100644 --- a/drivers/cxl/Makefile +++ b/drivers/cxl/Makefile @@ -11,3 +11,4 @@ cxl_pci-y := pci.o cxl_acpi-y := acpi.o cxl_pmem-y := pmem.o cxl_port-y := port.o +cxl_pmem-$(CONFIG_CXL_PMEM_SECURITY) += security.o diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index 7df0b053373a..35de2889aac3 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -250,6 +250,7 @@ enum cxl_opcode { CXL_MBOX_OP_GET_SCAN_MEDIA_CAPS = 0x4303, CXL_MBOX_OP_SCAN_MEDIA = 0x4304, CXL_MBOX_OP_GET_SCAN_MEDIA = 0x4305, + CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500, CXL_MBOX_OP_MAX = 0x10000 }; @@ -342,6 +343,13 @@ struct cxl_mem_command { #define CXL_CMD_FLAG_FORCE_ENABLE BIT(0) }; +#define CXL_PMEM_SEC_STATE_USER_PASS_SET 0x01 +#define CXL_PMEM_SEC_STATE_MASTER_PASS_SET 0x02 +#define CXL_PMEM_SEC_STATE_LOCKED 0x04 +#define CXL_PMEM_SEC_STATE_FROZEN 0x08 +#define CXL_PMEM_SEC_STATE_USER_PLIMIT 0x10 +#define CXL_PMEM_SEC_STATE_MASTER_PLIMIT 0x20 + int cxl_mbox_send_cmd(struct cxl_dev_state *cxlds, u16 opcode, void *in, size_t in_size, void *out, size_t out_size); int cxl_dev_state_identify(struct cxl_dev_state *cxlds); @@ -370,4 +378,5 @@ struct cxl_hdm { unsigned int interleave_mask; struct cxl_port *port; }; + #endif /* __CXL_MEM_H__ */ diff --git a/drivers/cxl/pmem.c b/drivers/cxl/pmem.c index 0aaa70b4e0f7..6dbf067dcf10 100644 --- a/drivers/cxl/pmem.c +++ b/drivers/cxl/pmem.c @@ -10,6 +10,12 @@ #include "cxlmem.h" #include "cxl.h" +#if IS_ENABLED(CONFIG_CXL_PMEM_SECURITY) +extern const struct nvdimm_security_ops *cxl_security_ops; +#else +static const struct nvdimm_security_ops *cxl_security_ops = NULL; +#endif + /* * Ordered workqueue for cxl nvdimm device arrival and departure * to coordinate bus rescans when a bridge arrives and trigger remove @@ -58,8 +64,8 @@ static int cxl_nvdimm_probe(struct device *dev) set_bit(ND_CMD_GET_CONFIG_SIZE, &cmd_mask); set_bit(ND_CMD_GET_CONFIG_DATA, &cmd_mask); set_bit(ND_CMD_SET_CONFIG_DATA, &cmd_mask); - nvdimm = nvdimm_create(cxl_nvb->nvdimm_bus, cxl_nvd, NULL, flags, - cmd_mask, 0, NULL); + nvdimm = __nvdimm_create(cxl_nvb->nvdimm_bus, cxl_nvd, NULL, flags, + cmd_mask, 0, NULL, NULL, cxl_security_ops, NULL); if (!nvdimm) { rc = -ENOMEM; goto out; diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c new file mode 100644 index 000000000000..5b830ae621db --- /dev/null +++ b/drivers/cxl/security.c @@ -0,0 +1,57 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* Copyright(c) 2022 Intel Corporation. All rights reserved. */ +#include +#include +#include +#include +#include +#include +#include "cxlmem.h" +#include "cxl.h" + +static unsigned long cxl_pmem_get_security_flags(struct nvdimm *nvdimm, + enum nvdimm_passphrase_type ptype) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + unsigned long security_flags; + u32 sec_out; + int rc; + + rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_GET_SECURITY_STATE, NULL, 0, + &sec_out, sizeof(sec_out)); + if (rc < 0) + return 0; + + if (ptype == NVDIMM_MASTER) { + if (sec_out & CXL_PMEM_SEC_STATE_MASTER_PASS_SET) + set_bit(NVDIMM_SECURITY_UNLOCKED, &security_flags); + else + set_bit(NVDIMM_SECURITY_DISABLED, &security_flags); + if (sec_out & CXL_PMEM_SEC_STATE_MASTER_PLIMIT) + set_bit(NVDIMM_SECURITY_FROZEN, &security_flags); + return security_flags; + } + + if (sec_out & CXL_PMEM_SEC_STATE_USER_PASS_SET) { + if (sec_out & CXL_PMEM_SEC_STATE_FROZEN || + sec_out & CXL_PMEM_SEC_STATE_USER_PLIMIT) + set_bit(NVDIMM_SECURITY_FROZEN, &security_flags); + + if (sec_out & CXL_PMEM_SEC_STATE_LOCKED) + set_bit(NVDIMM_SECURITY_LOCKED, &security_flags); + else + set_bit(NVDIMM_SECURITY_UNLOCKED, &security_flags); + } else { + set_bit(NVDIMM_SECURITY_DISABLED, &security_flags); + } + + return security_flags; +} + +static const struct nvdimm_security_ops __cxl_security_ops = { + .get_flags = cxl_pmem_get_security_flags, +}; + +const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; diff --git a/tools/testing/cxl/Kbuild b/tools/testing/cxl/Kbuild index 33543231d453..7db7a35a1c2a 100644 --- a/tools/testing/cxl/Kbuild +++ b/tools/testing/cxl/Kbuild @@ -27,6 +27,7 @@ obj-m += cxl_pmem.o cxl_pmem-y := $(CXL_SRC)/pmem.o cxl_pmem-y += config_check.o +cxl_pmem-$(CONFIG_CXL_PMEM_SECURITY) += $(CXL_SRC)/security.o obj-m += cxl_port.o From patchwork Fri Jul 15 21:08:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919734 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34A58C43334 for ; Fri, 15 Jul 2022 21:08:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229979AbiGOVIt (ORCPT ); Fri, 15 Jul 2022 17:08:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50906 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229499AbiGOVIs (ORCPT ); Fri, 15 Jul 2022 17:08:48 -0400 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2BE1419C1C for ; Fri, 15 Jul 2022 14:08:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919327; x=1689455327; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5RHeJXI/DSKBOwxq0dyffmzXTzBt+vgqLxC2bhkenCQ=; b=U/Lyw9roD5j+rn5R+6XOj3yevHlZX+EJe10GEG4RYBErhGjyeiCx869s ppcXA8apmIrOBgJfNPPOREkx36rUMCinEvVJ0ewyeS3oxBiLZfI2ofV9J LWNo/2uaMkLaWu/IoW93Bxbdf6YoXH+cdnFLtA1a4EINM+E/9Z41flsnE eI7j6IcifWgF7AdrPXUOZEqCCWQfw95oQaAIMCc+XntsbmCQYPZGsJySo xAxPTKmDS/ZcugHUfN928VX5KLU+OEkBhoIqxA0HdJ3qD9u2Nl3IXUNRe kVDPHVUN+2XCbPHiWtpiCMgD26UUnCdaxPY4ujObRxy+0TfdGd9z1+UEs w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="268921440" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="268921440" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:46 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="923658642" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:44 -0700 Subject: [PATCH RFC 02/15] tools/testing/cxl: Create context for cxl mock device From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:08:44 -0700 Message-ID: <165791932409.2491387.9065856569307593223.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add context struct for mock device and move lsa under the context. This allows additional information such as security status and other persistent security data such as passphrase to be added for the emulated test device. Signed-off-by: Dave Jiang Reviewed-by: Davidlohr Bueso --- tools/testing/cxl/test/mem.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 6b9239b2afd4..723378248321 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -9,6 +9,10 @@ #include #include +struct mock_mdev_data { + void *lsa; +}; + #define LSA_SIZE SZ_128K #define EFFECT(x) (1U << x) @@ -140,7 +144,8 @@ static int mock_id(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; - void *lsa = dev_get_drvdata(cxlds->dev); + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + void *lsa = mdata->lsa; u32 offset, length; if (sizeof(*get_lsa) > cmd->size_in) @@ -159,7 +164,8 @@ static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) static int mock_set_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_set_lsa *set_lsa = cmd->payload_in; - void *lsa = dev_get_drvdata(cxlds->dev); + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + void *lsa = mdata->lsa; u32 offset, length; if (sizeof(*set_lsa) > cmd->size_in) @@ -237,9 +243,12 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * return rc; } -static void label_area_release(void *lsa) +static void cxl_mock_drvdata_release(void *data) { - vfree(lsa); + struct mock_mdev_data *mdata = data; + + vfree(mdata->lsa); + vfree(mdata); } static int cxl_mock_mem_probe(struct platform_device *pdev) @@ -247,13 +256,21 @@ static int cxl_mock_mem_probe(struct platform_device *pdev) struct device *dev = &pdev->dev; struct cxl_memdev *cxlmd; struct cxl_dev_state *cxlds; + struct mock_mdev_data *mdata; void *lsa; int rc; + mdata = vmalloc(sizeof(*mdata)); + if (!mdata) + return -ENOMEM; + lsa = vmalloc(LSA_SIZE); - if (!lsa) + if (!lsa) { + vfree(mdata); return -ENOMEM; - rc = devm_add_action_or_reset(dev, label_area_release, lsa); + } + + rc = devm_add_action_or_reset(dev, cxl_mock_drvdata_release, mdata); if (rc) return rc; dev_set_drvdata(dev, lsa); From patchwork Fri Jul 15 21:08:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919735 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2AA7AC433EF for ; Fri, 15 Jul 2022 21:08:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229499AbiGOVIw (ORCPT ); Fri, 15 Jul 2022 17:08:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51008 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230000AbiGOVIv (ORCPT ); Fri, 15 Jul 2022 17:08:51 -0400 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7F981BE8E for ; Fri, 15 Jul 2022 14:08:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919330; x=1689455330; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=fZzS0dNQqzNeoZ9itlm7J1mbGFqBsFU+AxSoJ/hpTPw=; b=EWnnpKqpJoSk0aWmszZ5KwBes4c0STY4ISSLQwsRQNZnfAG1QNdByGph L0UkR1G/xPzlj6hV5zLDMu3vW796sGIMApDoi66+XFx+7ec8Khr49PMWZ MrB6n9MENNoJkfx5PFpp2feALVQAct6e9KLk6KCvvgAaFLAx11vbHwK4a b/Ga0gBXQkxq768Lu4rQgZADtUameJ7Lkg2WSrf39gdBu1vW01F+A/7ji qOCgU6hKxL9UjV/8ettkQWXr9k3LpxsfBIkPgWNYaTelfMXYi8R7JAbQn PC8qxRhcGX00GSzsseCRcDtEcOD6abp/31X/7oitmkWNnfnfICK8L33Mp Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="349863155" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="349863155" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:50 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="546797585" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:50 -0700 Subject: [PATCH RFC 03/15] tools/testing/cxl: Add "Get Security State" opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:08:49 -0700 Message-ID: <165791932983.2491387.13708346830998415266.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add the emulation support for handling "Get Security State" opcode for a CXL memory device for the cxl_test. The function will copy back device security state bitmask to the output payload. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 723378248321..337e5a099d31 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -11,6 +11,7 @@ struct mock_mdev_data { void *lsa; + u32 security_state; }; #define LSA_SIZE SZ_128K @@ -141,6 +142,26 @@ static int mock_id(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) return 0; } +static int mock_get_security_state(struct cxl_dev_state *cxlds, + struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + + if (cmd->size_in) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != sizeof(u32)) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + memcpy(cmd->payload_out, &mdata->security_state, sizeof(u32)); + + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -233,6 +254,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_GET_HEALTH_INFO: rc = mock_health_info(cxlds, cmd); break; + case CXL_MBOX_OP_GET_SECURITY_STATE: + rc = mock_get_security_state(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:08:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919736 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0825AC43334 for ; Fri, 15 Jul 2022 21:08:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230012AbiGOVI6 (ORCPT ); Fri, 15 Jul 2022 17:08:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51086 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230000AbiGOVI5 (ORCPT ); Fri, 15 Jul 2022 17:08:57 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0E673B94F for ; Fri, 15 Jul 2022 14:08:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919336; x=1689455336; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UTg2OVhCAgGBjenPtHjfpLVSV12FtAaPcU6oPUV5O/U=; b=j2OHczIEoD5NrG2HX7+30X6qgmZN98LCbjOxCYfMBF/6plp8DinlwWw1 23vz6c3+M4+HH8eK2a2jiu6ad4dJPuc5uuhNJ8P+ZC2hNLU7r0he/t1/l pXlK9he3Fg8PyU0oKLt6Dd5VtgzWRnIfYxslmKMSjE+O/MHM2tmFSQk0c 3vfDguaeRWe32WYrWUblGJ2NaH/921DFJ0hUzJAkv17R/HGqtlS1zZnh5 1lR+NQ4BV6TYgsTulDzXUePmLb7ThNBQtY9e/gVmBII7NOCY4j4QM3xgL TZSrF7pkb8FavJG/54O2WbxBjf6jC9VA0FX8wUq9ijEOdF21wrn9P0lE1 w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="285927319" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="285927319" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:56 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="593873333" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:08:55 -0700 Subject: [PATCH RFC 04/15] cxl/pmem: Add "Set Passphrase" security command support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:08:55 -0700 Message-ID: <165791933557.2491387.2141316283759403219.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Create callback function to support the nvdimm_security_ops ->change_key() callback. Translate the operation to send "Set Passphrase" security command for CXL memory device. The operation supports setting a passphrase for the CXL persistent memory device. It also supports the changing of the currently set passphrase. The operation allows manipulation of a user passphrase or a master passphrase. See CXL 2.0 spec section 8.2.9.5.6.2 for reference. However, the spec leaves a gap WRT master passphrase usages. The spec does not define any ways to retrieve the status of if the support of master passphrase is available for the device, nor does the commands that utilize master passphrase will return a specific error that indicates master passphrase is not supported. If using a device does not support master passphrase and a command is issued with a master passphrase, the error message returned by the device will be ambiguos. Signed-off-by: Dave Jiang Reviewed-by: Jonathan Cameron --- drivers/cxl/cxlmem.h | 14 ++++++++++++++ drivers/cxl/security.c | 27 +++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index 35de2889aac3..1e76d22f4fd2 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -251,6 +251,7 @@ enum cxl_opcode { CXL_MBOX_OP_SCAN_MEDIA = 0x4304, CXL_MBOX_OP_GET_SCAN_MEDIA = 0x4305, CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500, + CXL_MBOX_OP_SET_PASSPHRASE = 0x4501, CXL_MBOX_OP_MAX = 0x10000 }; @@ -350,6 +351,19 @@ struct cxl_mem_command { #define CXL_PMEM_SEC_STATE_USER_PLIMIT 0x10 #define CXL_PMEM_SEC_STATE_MASTER_PLIMIT 0x20 +/* set passphrase input payload */ +struct cxl_set_pass { + u8 type; + u8 reserved[31]; + u8 old_pass[NVDIMM_PASSPHRASE_LEN]; + u8 new_pass[NVDIMM_PASSPHRASE_LEN]; +} __packed; + +enum { + CXL_PMEM_SEC_PASS_MASTER = 0, + CXL_PMEM_SEC_PASS_USER, +}; + int cxl_mbox_send_cmd(struct cxl_dev_state *cxlds, u16 opcode, void *in, size_t in_size, void *out, size_t out_size); int cxl_dev_state_identify(struct cxl_dev_state *cxlds); diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index 5b830ae621db..76ec5087f966 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -50,8 +50,35 @@ static unsigned long cxl_pmem_get_security_flags(struct nvdimm *nvdimm, return security_flags; } +static int cxl_pmem_security_change_key(struct nvdimm *nvdimm, + const struct nvdimm_key_data *old_data, + const struct nvdimm_key_data *new_data, + enum nvdimm_passphrase_type ptype) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + struct cxl_set_pass *set_pass; + int rc; + + set_pass = kzalloc(sizeof(*set_pass), GFP_KERNEL); + if (!set_pass) + return -ENOMEM; + + set_pass->type = ptype == NVDIMM_MASTER ? + CXL_PMEM_SEC_PASS_MASTER : CXL_PMEM_SEC_PASS_USER; + memcpy(set_pass->old_pass, old_data->data, NVDIMM_PASSPHRASE_LEN); + memcpy(set_pass->new_pass, new_data->data, NVDIMM_PASSPHRASE_LEN); + + rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_SET_PASSPHRASE, + set_pass, sizeof(*set_pass), NULL, 0); + kfree(set_pass); + return rc; +} + static const struct nvdimm_security_ops __cxl_security_ops = { .get_flags = cxl_pmem_get_security_flags, + .change_key = cxl_pmem_security_change_key, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; From patchwork Fri Jul 15 21:09:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919737 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 66915C433EF for ; Fri, 15 Jul 2022 21:09:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230026AbiGOVJG (ORCPT ); Fri, 15 Jul 2022 17:09:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51142 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230041AbiGOVJD (ORCPT ); Fri, 15 Jul 2022 17:09:03 -0400 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4B829240BC for ; Fri, 15 Jul 2022 14:09:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919342; x=1689455342; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=x/w4rjZNzfd3oOdRpIA4+Gm9z+kuyHAk+EzXG7r/RqQ=; b=CBsCRgHl0R5dN4BUlv1hRvEn4beouhwb5shYnNGZXpFgW1MsXKj242LA 6XR7EleVy27kMJzk9bhDwTwHN3//5g74Cxp2sFQsNA7LMmc+0o7aziXMX UkvtZnIj6FY5IN5BRONhqjUlxd3IAVFjLE2Ms7upV90cR9kBBkkg/okLs E7kzJBOMBAzUuUygGga1/XdpIRZncGOaot+rHZeaqnVx++NuGKgAC/ycZ uBWZGFlLlMDSBSyMLoS5ihcQGMhvtkkgnlT6JBpCZBU4jDayQom36RH5h QXxvDclLsdgKycMcmVlYl9oTIFz0VcKxaiHcGFsdVUioJnd66Ob3wM6tf g==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="283458359" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="283458359" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:02 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="654501327" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:01 -0700 Subject: [PATCH RFC 05/15] tools/testing/cxl: Add "Set Passphrase" opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:01 -0700 Message-ID: <165791934143.2491387.18407792819271591669.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add support to emulate a CXL mem device supporting the "Set Passphrase" operation. The operation supports setting of either a user or a master passphrase. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 76 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 337e5a099d31..796f4f7b5e3d 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -12,8 +12,14 @@ struct mock_mdev_data { void *lsa; u32 security_state; + u8 user_pass[NVDIMM_PASSPHRASE_LEN]; + u8 master_pass[NVDIMM_PASSPHRASE_LEN]; + int user_limit; + int master_limit; }; +#define PASS_TRY_LIMIT 3 + #define LSA_SIZE SZ_128K #define EFFECT(x) (1U << x) @@ -162,6 +168,73 @@ static int mock_get_security_state(struct cxl_dev_state *cxlds, return 0; } +static int mock_set_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + struct cxl_set_pass *set_pass; + + if (cmd->size_in != sizeof(*set_pass)) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + set_pass = cmd->payload_in; + switch (set_pass->type) { + case CXL_PMEM_SEC_PASS_MASTER: + if (mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + /* + * CXL spec v2.0 8.2.9.5.6.2, The master pasphrase shall only be set in + * the security disabled state when the user passphrase is not set. + */ + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + if (mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PASS_SET && + memcmp(mdata->master_pass, set_pass->old_pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->master_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_MASTER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + memcpy(mdata->master_pass, set_pass->new_pass, NVDIMM_PASSPHRASE_LEN); + break; + + case CXL_PMEM_SEC_PASS_USER: + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET && + memcmp(mdata->user_pass, set_pass->old_pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->user_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_USER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + memcpy(mdata->user_pass, set_pass->new_pass, NVDIMM_PASSPHRASE_LEN); + break; + + default: + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -257,6 +330,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_GET_SECURITY_STATE: rc = mock_get_security_state(cxlds, cmd); break; + case CXL_MBOX_OP_SET_PASSPHRASE: + rc = mock_set_passphrase(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:09:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919738 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71393C433EF for ; Fri, 15 Jul 2022 21:09:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230052AbiGOVJK (ORCPT ); Fri, 15 Jul 2022 17:09:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51190 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230000AbiGOVJJ (ORCPT ); Fri, 15 Jul 2022 17:09:09 -0400 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 613B13FA20 for ; Fri, 15 Jul 2022 14:09:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919348; x=1689455348; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=dBQENS3znweCF0yiR8zGCtWQ5lG/ElS4TNT6oglovdw=; b=JyLgtx98eLOxZXnjRgBOsvGGXZOCBHVWQkver2h1dfeNC8ueU0RgLZmL nu1fQCgIyyS9hY39hjum9oL2HCBZLuOHr3RVQv4Lyk+sVF3mca+LxtTCp 5WHGgIqvuL4O6Ym+n3KknuhGerLPfCtaPLrReXIFV/3SgDkOPRAOwo04R hh0V/t/M1B7BhqkdzOsuuws3z9czS9in6pggduEjOMJbW+XBrDwCzaM5N jfifx3OdrQDCfD168yHUuPPeLvmHj+0ANSmWykP3ymtPYuoFWtTEsLRqO kv9c0bef7xqENwrLbrHGj3VuKcWuFmcnM7reQU/5tzLJznKYVcIbjpr5H A==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="284659349" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="284659349" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:08 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="629248825" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:07 -0700 Subject: [PATCH RFC 06/15] cxl/pmem: Add Disable Passphrase security command support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:07 -0700 Message-ID: <165791934720.2491387.11236603584810515256.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Create callback function to support the nvdimm_security_ops ->disable() callback. Translate the operation to send "Disable Passphrase" security command for CXL memory device. The operation supports disabling a passphrase for the CXL persistent memory device. In the original implementation of nvdimm_security_ops, this operation only supports disabling of the user passphrase. This is due to the NFIT version of disable passphrase only supported disabling of user passphrase. The CXL spec allows disabling of the master passphrase as well which nvidmm_security_ops does not support yet. In this commit, the callback function will only support user passphrase. See CXL 2.0 spec section 8.2.9.5.6.3 for reference. Signed-off-by: Dave Jiang Reviewed-by: Jonathan Cameron --- drivers/cxl/cxlmem.h | 8 ++++++++ drivers/cxl/security.c | 30 ++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index 1e76d22f4fd2..70a1eb7720d3 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -252,6 +252,7 @@ enum cxl_opcode { CXL_MBOX_OP_GET_SCAN_MEDIA = 0x4305, CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500, CXL_MBOX_OP_SET_PASSPHRASE = 0x4501, + CXL_MBOX_OP_DISABLE_PASSPHRASE = 0x4502, CXL_MBOX_OP_MAX = 0x10000 }; @@ -359,6 +360,13 @@ struct cxl_set_pass { u8 new_pass[NVDIMM_PASSPHRASE_LEN]; } __packed; +/* disable passphrase input payload */ +struct cxl_disable_pass { + u8 type; + u8 reserved[31]; + u8 pass[NVDIMM_PASSPHRASE_LEN]; +} __packed; + enum { CXL_PMEM_SEC_PASS_MASTER = 0, CXL_PMEM_SEC_PASS_USER, diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index 76ec5087f966..4aec8e41e167 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -76,9 +76,39 @@ static int cxl_pmem_security_change_key(struct nvdimm *nvdimm, return rc; } +static int cxl_pmem_security_disable(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + struct cxl_disable_pass *dis_pass; + int rc; + + dis_pass = kzalloc(sizeof(*dis_pass), GFP_KERNEL); + if (!dis_pass) + return -ENOMEM; + + /* + * While the CXL spec defines the ability to erase the master passphrase, + * the original nvdimm security ops does not provide that capability. + * In order to preserve backward compatibility, this callback will + * only support disable of user passphrase. The disable master passphrase + * ability will need to be added as a new callback. + */ + dis_pass->type = CXL_PMEM_SEC_PASS_USER; + memcpy(dis_pass->pass, key_data->data, NVDIMM_PASSPHRASE_LEN); + + rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_DISABLE_PASSPHRASE, + dis_pass, sizeof(*dis_pass), NULL, 0); + kfree(dis_pass); + return rc; +} + static const struct nvdimm_security_ops __cxl_security_ops = { .get_flags = cxl_pmem_get_security_flags, .change_key = cxl_pmem_security_change_key, + .disable = cxl_pmem_security_disable, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; From patchwork Fri Jul 15 21:09:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919739 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D6D79C43334 for ; Fri, 15 Jul 2022 21:09:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230350AbiGOVJf (ORCPT ); Fri, 15 Jul 2022 17:09:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51368 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230269AbiGOVJ1 (ORCPT ); Fri, 15 Jul 2022 17:09:27 -0400 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D9FF71BEC for ; Fri, 15 Jul 2022 14:09:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919361; x=1689455361; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AmRKgFBgyiPqG7OL7LtVwwfafKuadNDkkCfVrQRh8TE=; b=cbskZv/BD+Itn/q0ZpNJisotmX+8sOpGoVgLUFG/WpvAO6gaDkriICgy Apkg62pkY+4QRslEyikaBD2UmlL8G1IXo/FUYU9On2YjJw3r+liEdiIij LsbBiaPJIvITX7KmzBxjqZxNIzI5zHLmAQ4iMeAEugN8xQVotace44n0Q 8QiV9zegiAqSPsAtEEjJOObm6c28ca47AkUCg6dbBjpAXiMkPV+3b3oA/ 4G8wWbL2gywnKSNlceb2wBfTfZKMxfbf+mi7Ho1hv5lalmOefHGP5d+L2 9DOWWcakCP5a57Rl1Bdd0RHm8BaIv2k/ZJtXYPeofhQF555qXQ4PybE8w w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="311568565" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="311568565" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:13 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="571680678" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:13 -0700 Subject: [PATCH RFC 07/15] tools/testing/cxl: Add "Disable" security opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:12 -0700 Message-ID: <165791935297.2491387.8950514630973579122.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add support to emulate a CXL mem device support the "Disable Passphrase" operation. The operation supports disabling of either a user or a master passphrase. The emulation will provide support for both user and master passphrase. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 80 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 796f4f7b5e3d..5f87a94d92ae 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -235,6 +235,83 @@ static int mock_set_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd return 0; } +static int mock_disable_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + struct cxl_disable_pass *dis_pass; + + if (cmd->size_in != sizeof(*dis_pass)) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + dis_pass = cmd->payload_in; + switch (dis_pass->type) { + case CXL_PMEM_SEC_PASS_MASTER: + if (mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PASS_SET)) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (memcmp(dis_pass->pass, mdata->master_pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->master_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_MASTER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + + mdata->master_limit = 0; + memset(mdata->master_pass, 0, NVDIMM_PASSPHRASE_LEN); + mdata->security_state &= ~CXL_PMEM_SEC_STATE_MASTER_PASS_SET; + break; + + case CXL_PMEM_SEC_PASS_USER: + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (memcmp(dis_pass->pass, mdata->user_pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->user_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_USER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + + mdata->user_limit = 0; + memset(mdata->user_pass, 0, NVDIMM_PASSPHRASE_LEN); + mdata->security_state &= ~(CXL_PMEM_SEC_STATE_USER_PASS_SET | + CXL_PMEM_SEC_STATE_LOCKED); + break; + + default: + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -333,6 +410,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_SET_PASSPHRASE: rc = mock_set_passphrase(cxlds, cmd); break; + case CXL_MBOX_OP_DISABLE_PASSPHRASE: + rc = mock_disable_passphrase(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:09:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919743 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C3C8DC43334 for ; Fri, 15 Jul 2022 21:10:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231713AbiGOVKC (ORCPT ); Fri, 15 Jul 2022 17:10:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52310 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230144AbiGOVJw (ORCPT ); Fri, 15 Jul 2022 17:09:52 -0400 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 116BC804AD for ; Fri, 15 Jul 2022 14:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919384; x=1689455384; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=r2aXZnpKaSzek4KrNak5pgYah4lSLSdXiEHloFx2LQg=; b=TQM6WjcznpJOdbIpvzn9gn/cd0C26uOQVXlbyF3w5N+gapkZtAJAHPco q/P3gEUZ1AxK8PbNDLkfGN/wGdBl6mSGLLliTG8uPBc1gwF0ukU+5A2sK 5qIMkN2Ym/JEIiZPsdc/Zf8BV+3N4OaWMwvYVGDrkSg2z42gv9WlP2UjC PvNUJohAl772cxoPi6E2tRc0GddrAZykhObx+aGbPuJtOzGkTuKyIGe6w G+65WXPBjMsrAs4inL8ZWm7fy+5Lrd8nS4vLXHrpvOALk7N27ugx2R2P8 Qtkp9Sf/n1CNih7hYWHD2Th0OOSdjd1Cc/oV/FTz0Kaj4DNzWg8o2QDdx Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="372215150" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="372215150" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:19 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="624010379" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:19 -0700 Subject: [PATCH RFC 08/15] cxl/pmem: Add "Freeze Security State" security command support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:18 -0700 Message-ID: <165791935875.2491387.542348076045531850.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Create callback function to support the nvdimm_security_ops() ->freeze() callback. Translate the operation to send "Freeze Security State" security command for CXL memory device. See CXL 2.0 spec section 8.2.9.5.6.5 for reference. Signed-off-by: Dave Jiang Reviewed-by: Jonathan Cameron --- drivers/cxl/cxlmem.h | 1 + drivers/cxl/security.c | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index 70a1eb7720d3..ced85be291f3 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -253,6 +253,7 @@ enum cxl_opcode { CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500, CXL_MBOX_OP_SET_PASSPHRASE = 0x4501, CXL_MBOX_OP_DISABLE_PASSPHRASE = 0x4502, + CXL_MBOX_OP_FREEZE_SECURITY = 0x4504, CXL_MBOX_OP_MAX = 0x10000 }; diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index 4aec8e41e167..6399266a5908 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -105,10 +105,20 @@ static int cxl_pmem_security_disable(struct nvdimm *nvdimm, return rc; } +static int cxl_pmem_security_freeze(struct nvdimm *nvdimm) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + + return cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_FREEZE_SECURITY, NULL, 0, NULL, 0); +} + static const struct nvdimm_security_ops __cxl_security_ops = { .get_flags = cxl_pmem_get_security_flags, .change_key = cxl_pmem_security_change_key, .disable = cxl_pmem_security_disable, + .freeze = cxl_pmem_security_freeze, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; From patchwork Fri Jul 15 21:09:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919740 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 717E1C433EF for ; Fri, 15 Jul 2022 21:09:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230259AbiGOVJg (ORCPT ); Fri, 15 Jul 2022 17:09:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51450 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230139AbiGOVJ3 (ORCPT ); Fri, 15 Jul 2022 17:09:29 -0400 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C140170E51 for ; Fri, 15 Jul 2022 14:09:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919365; x=1689455365; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tCo2bI3por77I/FcOdYtTCzcMFkh1j20dfEew9P9Xns=; b=BeHqBKBfKS+x08eXxgLcvF+cdVJiMuxIuOJfEJ8ljdP7xtha83gh0+Hd CGLjsYXE33uTm5NPsjJTcEsmqwdajKu9NwAnZ7/VWa5ksYbTE0541jS9H aZavD7Q7LCiQOnVJdLKr2plOwRc8dmmH/e0yYxdrEKDZ5RKs0GA5fGr25 9Y3sipvt0BpvjhsJ98py1gpE6FpZ3o69KLaQRj/bXRtAxAt6/NUjtFyUw s3KO+CL2XCNSmWc1wbh/fhtmrEwGdlysrDHm8d5lJlISJNztCE10jwDCa 2JpQ5ZWsj6xjfPLynM6Gza6afKqmIUc9nnXAkWQcqn2wrg2FXD3bgQwYI g==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="266313005" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="266313005" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:25 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="686104370" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:25 -0700 Subject: [PATCH RFC 09/15] tools/testing/cxl: Add "Freeze Security State" security opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:24 -0700 Message-ID: <165791936487.2491387.4663628786437821239.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add support to emulate a CXL mem device support the "Freeze Security State" operation. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 5f87a94d92ae..d8d08a89ec0c 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -312,6 +312,34 @@ static int mock_disable_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_ return 0; } +static int mock_freeze_security(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + + if (cmd->size_in != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + mdata->security_state |= CXL_PMEM_SEC_STATE_FROZEN; + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -413,6 +441,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_DISABLE_PASSPHRASE: rc = mock_disable_passphrase(cxlds, cmd); break; + case CXL_MBOX_OP_FREEZE_SECURITY: + rc = mock_freeze_security(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:09:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919741 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 42104C43334 for ; Fri, 15 Jul 2022 21:09:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231453AbiGOVJ5 (ORCPT ); Fri, 15 Jul 2022 17:09:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51638 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231419AbiGOVJu (ORCPT ); Fri, 15 Jul 2022 17:09:50 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 09BED7AB1F for ; Fri, 15 Jul 2022 14:09:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919378; x=1689455378; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rtukhubC3aqh2vkOnHVty67vv9kxu5Rbgw6dYyDe7CQ=; b=HrcxHcC0a6KD0ZDl56oMWx1/gyl2iI4oumnANbvJoxrYLq9RT4orWQ4r dCbkSOztzAV88uWBk4v4worbd20eNK1GdsPh8brCBil+yovygFt/DRC0n 47lmqK7ucvouKfJ+2gTPjFnSFVvc/FHpd7S1pvjWd+mNmPjcplcjvSs2+ pCVnd0ak0vhHn3DZEBCZBpW04bjPnBTsWJ20AbUrTgE8GWIdbUKGUwSUS M/deDolbyjuNrIv8WXmY+f5im8d5OrhWipumQ7fZneV56eJWdoWIriI/Y vHz/Kt2Jhai3HKASGvv6o9ip9piWTfXEY1LShI4CjoeuJFWNOfEongo98 A==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="285927463" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="285927463" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:31 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="699348764" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:31 -0700 Subject: [PATCH RFC 10/15] x86: add an arch helper function to invalidate all cache for nvdimm From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:30 -0700 Message-ID: <165791937063.2491387.15277418618265930924.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org The original implementation to flush all cache after unlocking the nvdimm resides in drivers/acpi/nfit/intel.c. This is a temporary stop gap until nvdimm with security operations arrives on other archs. With support CXL pmem supporting security operations, specifically "unlock" dimm, the need for an arch supported helper function to invalidate all CPU cache for nvdimm has arrived. Remove original implementation from acpi/nfit and add cross arch support for this operation. Add CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE Kconfig and allow x86_64 to opt in and provide the support via wbinvd_on_all_cpus() call. Signed-off-by: Dave Jiang Signed-off-by: Davidlohr Bueso --- arch/x86/Kconfig | 1 + arch/x86/mm/pat/set_memory.c | 8 ++++++++ drivers/acpi/nfit/intel.c | 28 +++++----------------------- include/linux/libnvdimm.h | 8 ++++++++ lib/Kconfig | 3 +++ 5 files changed, 25 insertions(+), 23 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index be0b95e51df6..8dbe89eba639 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -83,6 +83,7 @@ config X86 select ARCH_HAS_MEMBARRIER_SYNC_CORE select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE select ARCH_HAS_PMEM_API if X86_64 + select ARCH_HAS_NVDIMM_INVAL_CACHE if X86_64 select ARCH_HAS_PTE_DEVMAP if X86_64 select ARCH_HAS_PTE_SPECIAL select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64 diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index 1abd5438f126..e4cd1286deef 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -330,6 +330,14 @@ void arch_invalidate_pmem(void *addr, size_t size) EXPORT_SYMBOL_GPL(arch_invalidate_pmem); #endif +#ifdef CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE +void arch_invalidate_nvdimm_cache(void) +{ + wbinvd_on_all_cpus(); +} +EXPORT_SYMBOL_GPL(arch_invalidate_nvdimm_cache); +#endif + static void __cpa_flush_all(void *arg) { unsigned long cache = (unsigned long)arg; diff --git a/drivers/acpi/nfit/intel.c b/drivers/acpi/nfit/intel.c index 8dd792a55730..242d2e9203e9 100644 --- a/drivers/acpi/nfit/intel.c +++ b/drivers/acpi/nfit/intel.c @@ -190,8 +190,6 @@ static int intel_security_change_key(struct nvdimm *nvdimm, } } -static void nvdimm_invalidate_cache(void); - static int __maybe_unused intel_security_unlock(struct nvdimm *nvdimm, const struct nvdimm_key_data *key_data) { @@ -228,7 +226,7 @@ static int __maybe_unused intel_security_unlock(struct nvdimm *nvdimm, } /* DIMM unlocked, invalidate all CPU caches before we read it */ - nvdimm_invalidate_cache(); + arch_invalidate_nvdimm_cache(); return 0; } @@ -298,7 +296,7 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm, return -ENOTTY; /* flush all cache before we erase DIMM */ - nvdimm_invalidate_cache(); + arch_invalidate_nvdimm_cache(); memcpy(nd_cmd.cmd.passphrase, key->data, sizeof(nd_cmd.cmd.passphrase)); rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL); @@ -318,7 +316,7 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm, } /* DIMM erased, invalidate all CPU caches before we read it */ - nvdimm_invalidate_cache(); + arch_invalidate_nvdimm_cache(); return 0; } @@ -355,7 +353,7 @@ static int __maybe_unused intel_security_query_overwrite(struct nvdimm *nvdimm) } /* flush all cache before we make the nvdimms available */ - nvdimm_invalidate_cache(); + arch_invalidate_nvdimm_cache(); return 0; } @@ -381,7 +379,7 @@ static int __maybe_unused intel_security_overwrite(struct nvdimm *nvdimm, return -ENOTTY; /* flush all cache before we erase DIMM */ - nvdimm_invalidate_cache(); + arch_invalidate_nvdimm_cache(); memcpy(nd_cmd.cmd.passphrase, nkey->data, sizeof(nd_cmd.cmd.passphrase)); rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL); @@ -401,22 +399,6 @@ static int __maybe_unused intel_security_overwrite(struct nvdimm *nvdimm, } } -/* - * TODO: define a cross arch wbinvd equivalent when/if - * NVDIMM_FAMILY_INTEL command support arrives on another arch. - */ -#ifdef CONFIG_X86 -static void nvdimm_invalidate_cache(void) -{ - wbinvd_on_all_cpus(); -} -#else -static void nvdimm_invalidate_cache(void) -{ - WARN_ON_ONCE("cache invalidation required after unlock\n"); -} -#endif - static const struct nvdimm_security_ops __intel_security_ops = { .get_flags = intel_security_flags, .freeze = intel_security_freeze, diff --git a/include/linux/libnvdimm.h b/include/linux/libnvdimm.h index 0d61e07b6827..455d54ec3c86 100644 --- a/include/linux/libnvdimm.h +++ b/include/linux/libnvdimm.h @@ -308,4 +308,12 @@ static inline void arch_invalidate_pmem(void *addr, size_t size) } #endif +#ifdef CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE +void arch_invalidate_nvdimm_cache(void); +#else +static inline void arch_invalidate_nvdimm_cache(void) +{ +} +#endif + #endif /* __LIBNVDIMM_H__ */ diff --git a/lib/Kconfig b/lib/Kconfig index eaaad4d85bf2..d4bc48eea635 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -652,6 +652,9 @@ config ARCH_NO_SG_CHAIN config ARCH_HAS_PMEM_API bool +config ARCH_HAS_NVDIMM_INVAL_CACHE + bool + config MEMREGION bool From patchwork Fri Jul 15 21:09:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919742 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9924C433EF for ; Fri, 15 Jul 2022 21:09:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231879AbiGOVJ5 (ORCPT ); Fri, 15 Jul 2022 17:09:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231660AbiGOVJu (ORCPT ); Fri, 15 Jul 2022 17:09:50 -0400 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 04C4A7436A for ; Fri, 15 Jul 2022 14:09:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919378; x=1689455378; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=SiRuRk9Q3gpxaUHCA0EXScnQYKNtaFE65XGq4hLyZY4=; b=MX2BfxDKZjKgq9U1xqYhFISvpHxbxlZlBPGEZq57YFl/Tz7Alz8BeLXz 2zO4tj7Xxen8uX+TJgXsg6KpVdK4IYUUesY5CQslcvrUYjLR3y/oRxzbW hRufrQYXgICvi5g2XXhKi1ke6L5v/WxovtHgX/Uzn4tltR5DDlyrCt/Sy V4MgkS+sBe9/Nkk8gYM/pVVpnB8BserLN4C+sQPPQpTjyz0Qlq7MT3GYZ 5fbDo0iOtCeITT2xo0WeUVezbZ2L3Lw96uHmfi0Y7Z/piuGJRl6U4OmlM lGqvUVZrtAdg9lSK98gR8t+WHNApYEH7G7HqHsK+13TO2vIzD7TE2D9CI A==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="286636663" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="286636663" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:37 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="699348781" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:36 -0700 Subject: [PATCH RFC 11/15] cxl/pmem: Add "Unlock" security command support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:36 -0700 Message-ID: <165791937639.2491387.6281906434880014077.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Create callback function to support the nvdimm_security_ops() ->unlock() callback. Translate the operation to send "Unlock" security command for CXL mem device. When the mem device is unlocked, arch_invalidate_nvdimm_cache() is called in order to invalidate all CPU caches before attempting to access the mem device. See CXL 2.0 spec section 8.2.9.5.6.4 for reference. Signed-off-by: Dave Jiang --- drivers/cxl/cxlmem.h | 1 + drivers/cxl/security.c | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index ced85be291f3..ae8ccd484491 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -253,6 +253,7 @@ enum cxl_opcode { CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500, CXL_MBOX_OP_SET_PASSPHRASE = 0x4501, CXL_MBOX_OP_DISABLE_PASSPHRASE = 0x4502, + CXL_MBOX_OP_UNLOCK = 0x4503, CXL_MBOX_OP_FREEZE_SECURITY = 0x4504, CXL_MBOX_OP_MAX = 0x10000 }; diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index 6399266a5908..d15520f280f0 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -114,11 +114,32 @@ static int cxl_pmem_security_freeze(struct nvdimm *nvdimm) return cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_FREEZE_SECURITY, NULL, 0, NULL, 0); } +static int cxl_pmem_security_unlock(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + u8 pass[NVDIMM_PASSPHRASE_LEN]; + int rc; + + memcpy(pass, key_data->data, NVDIMM_PASSPHRASE_LEN); + rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_UNLOCK, + pass, NVDIMM_PASSPHRASE_LEN, NULL, 0); + if (rc < 0) + return rc; + + /* DIMM unlocked, invalidate all CPU caches before we read it */ + arch_invalidate_nvdimm_cache(); + return 0; +} + static const struct nvdimm_security_ops __cxl_security_ops = { .get_flags = cxl_pmem_get_security_flags, .change_key = cxl_pmem_security_change_key, .disable = cxl_pmem_security_disable, .freeze = cxl_pmem_security_freeze, + .unlock = cxl_pmem_security_unlock, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; From patchwork Fri Jul 15 21:09:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919744 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 51731C43334 for ; Fri, 15 Jul 2022 21:10:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231175AbiGOVKD (ORCPT ); Fri, 15 Jul 2022 17:10:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52316 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230515AbiGOVJw (ORCPT ); Fri, 15 Jul 2022 17:09:52 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 112E080491 for ; Fri, 15 Jul 2022 14:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919384; x=1689455384; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ALbb4cXTY9+mqVlkMTirRejxV8Px6TRXuQbpHZxnCkw=; b=L079wNoGfYVavhk5/yxcZK96YUvOg8gs+ja6t8G126xhHca67eP2NRoB klwQ1GgBgLD06mrCqtS479y/RBkeNipWc9EBDqCousDpHf730d3Y6F1oE 80+CGAT0IB6iY1WYIBQE87SynkJyynX2NzW1U7Dd35yk133yJ14XJNHZC uBroHaJSpKNUtzikFG9J5EADwTj2+0e6jtYFyMCh+VROLKGCp82c+9Jjl dWA6aAgpF9AEEj4vSyV3nhRcelnYx+n4qAMMiqU9nzjpJizLpCbZK5Swz vUGZ5uaxpPziq++7k8EN5vC//vS8IM978lU/NhN5CRBbtpFVo0kBCKP3n A==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="285927483" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="285927483" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:43 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="546797763" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:42 -0700 Subject: [PATCH RFC 12/15] tools/testing/cxl: Add "Unlock" security opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:42 -0700 Message-ID: <165791938203.2491387.12136394174353676616.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add support to emulate a CXL mem device support the "Unlock" operation. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 49 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index d8d08a89ec0c..55a83896ccb8 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -340,6 +340,52 @@ static int mock_freeze_security(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd return 0; } +static int mock_unlock_security(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + + if (cmd->size_in != NVDIMM_PASSPHRASE_LEN) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_LOCKED)) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (memcmp(cmd->payload_in, mdata->user_pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->user_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_USER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + + mdata->user_limit = 0; + mdata->security_state &= ~CXL_PMEM_SEC_STATE_LOCKED; + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -444,6 +490,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_FREEZE_SECURITY: rc = mock_freeze_security(cxlds, cmd); break; + case CXL_MBOX_OP_UNLOCK: + rc = mock_unlock_security(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:09:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919745 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0AAB9C43334 for ; Fri, 15 Jul 2022 21:10:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230270AbiGOVKO (ORCPT ); Fri, 15 Jul 2022 17:10:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52476 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231187AbiGOVJ4 (ORCPT ); Fri, 15 Jul 2022 17:09:56 -0400 Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3C72E8720A for ; Fri, 15 Jul 2022 14:09:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919390; x=1689455390; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=L/mYFlodFVBIt1ciLDhpJOinYXzfR4o+44dbw4W6rrc=; b=OqaTkFi90K9f0+IHeRJjNtOGU2+Lfgk++uvdonkgauSWRuA6EPfzoCtS 2K2e+kLH7nFFusnErIdRggwq1DHi1PkgJjmjN7C9TDnUxmOmW35CTxhAb CtS7JIUC/NtdUQdPP+xZCz8ETta/2Xc3augWcHVU6XC2pAAhj3y1fR83g w+uk/WtY8F/cHnIvdSVLQ0q7quzZxOpTpPj/ithdMpCAcJFNoEsKipMVE nXV879PrJEAxTG0WJicNMRkVIZ+zSfb0C/DYfrJtrSF2R8s0O4Jo0vkGS /hIHf5M7hWmAhWLnPq7KYSl0oIYmU2QVY0YmugCwPnZ6Ag1dwbBCjwJpw w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="347588043" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="347588043" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:49 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="571680911" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:48 -0700 Subject: [PATCH RFC 13/15] cxl/pmem: Add "Passphrase Secure Erase" security command support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:48 -0700 Message-ID: <165791938847.2491387.8701829648751368015.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Create callback function to support the nvdimm_security_ops() ->erase() callback. Translate the operation to send "Passphrase Secure Erase" security command for CXL memory device. When the mem device is secure erased, arch_invalidate_nvdimm_cache() is called in order to invalidate all CPU caches before attempting to access the mem device again. See CXL 2.0 spec section 8.2.9.5.6.6 for reference. Signed-off-by: Dave Jiang Signed-off-by: Davidlohr Bueso --- drivers/cxl/cxlmem.h | 8 ++++++++ drivers/cxl/security.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h index ae8ccd484491..4bcb02f625b4 100644 --- a/drivers/cxl/cxlmem.h +++ b/drivers/cxl/cxlmem.h @@ -255,6 +255,7 @@ enum cxl_opcode { CXL_MBOX_OP_DISABLE_PASSPHRASE = 0x4502, CXL_MBOX_OP_UNLOCK = 0x4503, CXL_MBOX_OP_FREEZE_SECURITY = 0x4504, + CXL_MBOX_OP_PASSPHRASE_ERASE = 0x4505, CXL_MBOX_OP_MAX = 0x10000 }; @@ -369,6 +370,13 @@ struct cxl_disable_pass { u8 pass[NVDIMM_PASSPHRASE_LEN]; } __packed; +/* passphrase erase payload */ +struct cxl_pass_erase { + u8 type; + u8 reserved[31]; + u8 pass[NVDIMM_PASSPHRASE_LEN]; +} __packed; + enum { CXL_PMEM_SEC_PASS_MASTER = 0, CXL_PMEM_SEC_PASS_USER, diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index d15520f280f0..4add7f62e758 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -134,12 +134,41 @@ static int cxl_pmem_security_unlock(struct nvdimm *nvdimm, return 0; } +static int cxl_pmem_security_passphrase_erase(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key, + enum nvdimm_passphrase_type ptype) +{ + struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); + struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; + struct cxl_dev_state *cxlds = cxlmd->cxlds; + struct cxl_pass_erase *erase; + int rc; + + erase = kzalloc(sizeof(*erase), GFP_KERNEL); + if (!erase) + return -ENOMEM; + + erase->type = ptype == NVDIMM_MASTER ? + CXL_PMEM_SEC_PASS_MASTER : CXL_PMEM_SEC_PASS_USER; + memcpy(erase->pass, key->data, NVDIMM_PASSPHRASE_LEN); + rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_PASSPHRASE_ERASE, + erase, sizeof(*erase), NULL, 0); + kfree(erase); + if (rc < 0) + return rc; + + /* DIMM erased, invalidate all CPU caches before we read it */ + arch_invalidate_nvdimm_cache(); + return 0; +} + static const struct nvdimm_security_ops __cxl_security_ops = { .get_flags = cxl_pmem_get_security_flags, .change_key = cxl_pmem_security_change_key, .disable = cxl_pmem_security_disable, .freeze = cxl_pmem_security_freeze, .unlock = cxl_pmem_security_unlock, + .erase = cxl_pmem_security_passphrase_erase, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; From patchwork Fri Jul 15 21:09:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919746 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36170C433EF for ; Fri, 15 Jul 2022 21:10:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231419AbiGOVKU (ORCPT ); Fri, 15 Jul 2022 17:10:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231699AbiGOVJ7 (ORCPT ); Fri, 15 Jul 2022 17:09:59 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61F9B70E49 for ; Fri, 15 Jul 2022 14:09:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919395; x=1689455395; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Rt4NRzraM8H7oR+YcFFuexpJF7C1WRDOymTTRbaTF3A=; b=aulaGEp5BSYTRNLIUkU4jhyKSPK+sGzNZDTYliclPlK9tmpAEBqtm/yV 86DzfUC7s8viyb6MXbLcSdFHNbXKA6upOBkfsZSvQvl2nv24zLGs07JIn XZztC4fagw9GVuFHbmALbgkZZ5Vm/dMl0zfW5PwJf71qDfb307/RJ+1o1 DYd3m60OXGsBDmk6fqlIE4DaE92odFxfaLSCG2GAfP97SCeHoedmZF4ey B4c5kF/+gLrSFOdgK2arOaWMd4nDwRbM9ge2aKQ9y6EdUCXLjALfFGqtK y7TzxwTRXQQVO92YREB9lUcQ4o8BE3sjgPByvgdE9RkdDZAUA6dxfGxz+ w==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="285927525" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="285927525" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:55 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="738805189" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:09:54 -0700 Subject: [PATCH RFC 14/15] tools/testing/cxl: Add "passphrase secure erase" opcode support From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:09:54 -0700 Message-ID: <165791939444.2491387.15869736767745094334.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org Add support to emulate a CXL mem device support the "passphrase secure erase" operation. Signed-off-by: Dave Jiang --- tools/testing/cxl/test/mem.c | 59 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c index 55a83896ccb8..ebc5e8768019 100644 --- a/tools/testing/cxl/test/mem.c +++ b/tools/testing/cxl/test/mem.c @@ -386,6 +386,62 @@ static int mock_unlock_security(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd return 0; } +static int mock_passphrase_erase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) +{ + struct mock_mdev_data *mdata = dev_get_drvdata(cxlds->dev); + struct cxl_pass_erase *erase; + + if (cmd->size_in != sizeof(*erase)) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (cmd->size_out != 0) { + cmd->return_code = CXL_MBOX_CMD_RC_INPUT; + return -EINVAL; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT) { + cmd->return_code = CXL_MBOX_CMD_RC_SECURITY; + return -ENXIO; + } + + if (erase->type == CXL_PMEM_SEC_PASS_MASTER && + mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PASS_SET && + memcmp(mdata->master_pass, erase->pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->master_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_MASTER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + + if (erase->type == CXL_PMEM_SEC_PASS_USER && + mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET && + memcmp(mdata->user_pass, erase->pass, NVDIMM_PASSPHRASE_LEN)) { + if (++mdata->user_limit == PASS_TRY_LIMIT) + mdata->security_state |= CXL_PMEM_SEC_STATE_USER_PLIMIT; + cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE; + return -ENXIO; + } + + if (erase->type == CXL_PMEM_SEC_PASS_USER) { + mdata->security_state &= ~CXL_PMEM_SEC_STATE_USER_PASS_SET; + mdata->user_limit = 0; + memset(mdata->user_pass, 0, NVDIMM_PASSPHRASE_LEN); + } else if (erase->type == CXL_PMEM_SEC_PASS_MASTER) { + mdata->master_limit = 0; + } + + mdata->security_state &= ~CXL_PMEM_SEC_STATE_LOCKED; + + return 0; +} + static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd) { struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in; @@ -493,6 +549,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * case CXL_MBOX_OP_UNLOCK: rc = mock_unlock_security(cxlds, cmd); break; + case CXL_MBOX_OP_PASSPHRASE_ERASE: + rc = mock_passphrase_erase(cxlds, cmd); + break; default: break; } From patchwork Fri Jul 15 21:10:00 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 12919747 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7BB8CC433EF for ; Fri, 15 Jul 2022 21:10:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230474AbiGOVKX (ORCPT ); Fri, 15 Jul 2022 17:10:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51598 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231490AbiGOVKE (ORCPT ); Fri, 15 Jul 2022 17:10:04 -0400 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C363F78224 for ; Fri, 15 Jul 2022 14:10:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657919401; x=1689455401; h=subject:from:to:cc:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=gFdu+GYkijOGsJbm6XpIIfeJDUF+PDzXjZkXHW/IJDE=; b=Ld/UOP2dRT68iCYuqQLqoeRZzfc3IXGnJHiSHp3Da/fSTp48rUGpzRjr XBftNwqwJP5IyjbTG288M0MXrbxvHvYMdIG44TrgrzA3UlbMVcXJBOdua ba+zxxgwFEhwEpwhQAEe6od82rOzDw/8RU2riWKJ625ISFiITSZHMc8Iu vlsJ2s8yLRlMei7Rbds3mrqYUx0XRASgxQEXCig9EARP0sRPduNady9Sj NJq/icrSc/u/iHZN479pJsn6kBFQ9Pn6cKPL3CWMNFUa7GsOqQir3DQV7 QRymMnbXFBY0aiRbyvaiGlO6NbBSfPiQlOOOYAdKLGBK8sNpsgTR0xR8M g==; X-IronPort-AV: E=McAfee;i="6400,9594,10409"; a="266313104" X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="266313104" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:10:01 -0700 X-IronPort-AV: E=Sophos;i="5.92,275,1650956400"; d="scan'208";a="624010662" Received: from djiang5-desk3.ch.intel.com ([143.182.136.137]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jul 2022 14:10:00 -0700 Subject: [PATCH RFC 15/15] nvdimm/cxl/pmem: Add support for master passphrase disable security command From: Dave Jiang To: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev Cc: dan.j.williams@intel.com, bwidawsk@kernel.org, ira.weiny@intel.com, vishal.l.verma@intel.com, alison.schofield@intel.com, dave@stgolabs.net Date: Fri, 15 Jul 2022 14:10:00 -0700 Message-ID: <165791940024.2491387.14002847822890520271.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> References: <165791918718.2491387.4203738301057301285.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/1.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-cxl@vger.kernel.org The original nvdimm_security_ops ->disable() only supports user passphrase for security disable. The CXL spec introduced the disabling of master passphrase. Add a ->disable_master() callback to support this new operation and leaving the old ->disable() mechanism alone. A "disable_master" command is added for the sysfs attribute in order to allow command to be issued from userspace. ndctl will need enabling in order to utilize this new operation. Signed-off-by: Dave Jiang --- drivers/cxl/security.c | 28 ++++++++++++++++++---------- drivers/nvdimm/security.c | 33 ++++++++++++++++++++++++++------- include/linux/libnvdimm.h | 2 ++ 3 files changed, 46 insertions(+), 17 deletions(-) diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c index 4add7f62e758..3dc04b50afaf 100644 --- a/drivers/cxl/security.c +++ b/drivers/cxl/security.c @@ -76,8 +76,9 @@ static int cxl_pmem_security_change_key(struct nvdimm *nvdimm, return rc; } -static int cxl_pmem_security_disable(struct nvdimm *nvdimm, - const struct nvdimm_key_data *key_data) +static int __cxl_pmem_security_disable(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data, + enum nvdimm_passphrase_type ptype) { struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); struct cxl_memdev *cxlmd = cxl_nvd->cxlmd; @@ -89,14 +90,8 @@ static int cxl_pmem_security_disable(struct nvdimm *nvdimm, if (!dis_pass) return -ENOMEM; - /* - * While the CXL spec defines the ability to erase the master passphrase, - * the original nvdimm security ops does not provide that capability. - * In order to preserve backward compatibility, this callback will - * only support disable of user passphrase. The disable master passphrase - * ability will need to be added as a new callback. - */ - dis_pass->type = CXL_PMEM_SEC_PASS_USER; + dis_pass->type = ptype == NVDIMM_MASTER ? + CXL_PMEM_SEC_PASS_MASTER : CXL_PMEM_SEC_PASS_USER; memcpy(dis_pass->pass, key_data->data, NVDIMM_PASSPHRASE_LEN); rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_DISABLE_PASSPHRASE, @@ -105,6 +100,18 @@ static int cxl_pmem_security_disable(struct nvdimm *nvdimm, return rc; } +static int cxl_pmem_security_disable(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data) +{ + return __cxl_pmem_security_disable(nvdimm, key_data, NVDIMM_USER); +} + +static int cxl_pmem_security_disable_master(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data) +{ + return __cxl_pmem_security_disable(nvdimm, key_data, NVDIMM_MASTER); +} + static int cxl_pmem_security_freeze(struct nvdimm *nvdimm) { struct cxl_nvdimm *cxl_nvd = nvdimm_provider_data(nvdimm); @@ -169,6 +176,7 @@ static const struct nvdimm_security_ops __cxl_security_ops = { .freeze = cxl_pmem_security_freeze, .unlock = cxl_pmem_security_unlock, .erase = cxl_pmem_security_passphrase_erase, + .disable = cxl_pmem_security_disable_master, }; const struct nvdimm_security_ops *cxl_security_ops = &__cxl_security_ops; diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c index b5aa55c61461..c1c9d0feae9d 100644 --- a/drivers/nvdimm/security.c +++ b/drivers/nvdimm/security.c @@ -239,7 +239,8 @@ static int check_security_state(struct nvdimm *nvdimm) return 0; } -static int security_disable(struct nvdimm *nvdimm, unsigned int keyid) +static int security_disable(struct nvdimm *nvdimm, unsigned int keyid, + enum nvdimm_passphrase_type pass_type) { struct device *dev = &nvdimm->dev; struct nvdimm_bus *nvdimm_bus = walk_to_nvdimm_bus(dev); @@ -250,8 +251,13 @@ static int security_disable(struct nvdimm *nvdimm, unsigned int keyid) /* The bus lock should be held at the top level of the call stack */ lockdep_assert_held(&nvdimm_bus->reconfig_mutex); - if (!nvdimm->sec.ops || !nvdimm->sec.ops->disable - || !nvdimm->sec.flags) + if (!nvdimm->sec.ops || !nvdimm->sec.flags) + return -EOPNOTSUPP; + + if (pass_type == NVDIMM_USER && !nvdimm->sec.ops->disable) + return -EOPNOTSUPP; + + if (pass_type == NVDIMM_MASTER && !nvdimm->sec.ops->disable_master) return -EOPNOTSUPP; rc = check_security_state(nvdimm); @@ -263,12 +269,21 @@ static int security_disable(struct nvdimm *nvdimm, unsigned int keyid) if (!data) return -ENOKEY; - rc = nvdimm->sec.ops->disable(nvdimm, data); - dev_dbg(dev, "key: %d disable: %s\n", key_serial(key), + if (pass_type == NVDIMM_MASTER) { + rc = nvdimm->sec.ops->disable_master(nvdimm, data); + dev_dbg(dev, "key: %d disable_master: %s\n", key_serial(key), rc == 0 ? "success" : "fail"); + } else { + rc = nvdimm->sec.ops->disable(nvdimm, data); + dev_dbg(dev, "key: %d disable: %s\n", key_serial(key), + rc == 0 ? "success" : "fail"); + } nvdimm_put_key(key); - nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); + if (pass_type == NVDIMM_MASTER) + nvdimm->sec.ext_flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); + else + nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); return rc; } @@ -473,6 +488,7 @@ void nvdimm_security_overwrite_query(struct work_struct *work) #define OPS \ C( OP_FREEZE, "freeze", 1), \ C( OP_DISABLE, "disable", 2), \ + C( OP_DISABLE_MASTER, "disable_master", 2), \ C( OP_UPDATE, "update", 3), \ C( OP_ERASE, "erase", 2), \ C( OP_OVERWRITE, "overwrite", 2), \ @@ -524,7 +540,10 @@ ssize_t nvdimm_security_store(struct device *dev, const char *buf, size_t len) rc = nvdimm_security_freeze(nvdimm); } else if (i == OP_DISABLE) { dev_dbg(dev, "disable %u\n", key); - rc = security_disable(nvdimm, key); + rc = security_disable(nvdimm, key, NVDIMM_USER); + } else if (i == OP_DISABLE_MASTER) { + dev_dbg(dev, "disable_master %u\n", key); + rc = security_disable(nvdimm, key, NVDIMM_MASTER); } else if (i == OP_UPDATE || i == OP_MASTER_UPDATE) { dev_dbg(dev, "%s %u %u\n", ops[i].name, key, newkey); rc = security_update(nvdimm, key, newkey, i == OP_UPDATE diff --git a/include/linux/libnvdimm.h b/include/linux/libnvdimm.h index 455d54ec3c86..07e4e7572089 100644 --- a/include/linux/libnvdimm.h +++ b/include/linux/libnvdimm.h @@ -179,6 +179,8 @@ struct nvdimm_security_ops { int (*overwrite)(struct nvdimm *nvdimm, const struct nvdimm_key_data *key_data); int (*query_overwrite)(struct nvdimm *nvdimm); + int (*disable_master)(struct nvdimm *nvdimm, + const struct nvdimm_key_data *key_data); }; enum nvdimm_fwa_state {