[PATCH v2] nvme/core: Check for Security send/recv support before issuing commands.

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH v2] nvme/core: Check for Security send/recv support before issuing commands.
@ 2017-02-16 22:17 Scott Bauer
  2017-02-16 22:38 ` Jon Derrick
  0 siblings, 1 reply; 3+ messages in thread
From: Scott Bauer @ 2017-02-16 22:17 UTC (permalink / raw)


We need to verify that the controller supports the security
commands before actually trying to issue them.

Signed-off-by: Scott Bauer <scott.bauer at intel.com>
---
 drivers/nvme/host/core.c | 4 ++++
 drivers/nvme/host/nvme.h | 1 +
 include/linux/nvme.h     | 1 +
 3 files changed, 6 insertions(+)

diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index 8aeb4a6..5e0cf2b 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -1091,6 +1091,9 @@ int nvme_sec_submit(void *data, u16 spsp, u8 secp, void *buffer, size_t len,
 	struct nvme_ctrl *ctrl = data;
 	struct nvme_command cmd;
 
+	if (!(ctrl->oacs & NVME_CTRL_OACS_SEC_SUPP))
+		return -EOPNOTSUPP;
+
 	memset(&cmd, 0, sizeof(cmd));
 	if (send)
 		cmd.common.opcode = nvme_admin_security_send;
@@ -1285,6 +1288,7 @@ int nvme_init_identify(struct nvme_ctrl *ctrl)
 		return -EIO;
 	}
 
+	ctrl->oacs = le16_to_cpu(id->oacs);
 	ctrl->vid = le16_to_cpu(id->vid);
 	ctrl->oncs = le16_to_cpup(&id->oncs);
 	atomic_set(&ctrl->abort_limit, id->acl + 1);
diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h
index 5126c4b..14cfc6f 100644
--- a/drivers/nvme/host/nvme.h
+++ b/drivers/nvme/host/nvme.h
@@ -140,6 +140,7 @@ struct nvme_ctrl {
 	u32 max_hw_sectors;
 	u16 oncs;
 	u16 vid;
+	u16 oacs;
 	atomic_t abort_limit;
 	u8 event_limit;
 	u8 vwc;
diff --git a/include/linux/nvme.h b/include/linux/nvme.h
index 3e2ed49..0b676a0 100644
--- a/include/linux/nvme.h
+++ b/include/linux/nvme.h
@@ -244,6 +244,7 @@ enum {
 	NVME_CTRL_ONCS_DSM			= 1 << 2,
 	NVME_CTRL_ONCS_WRITE_ZEROES		= 1 << 3,
 	NVME_CTRL_VWC_PRESENT			= 1 << 0,
+	NVME_CTRL_OACS_SEC_SUPP                 = 1 << 0,
 };
 
 struct nvme_lbaf {
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [PATCH v2] nvme/core: Check for Security send/recv support before issuing commands.
  2017-02-16 22:17 [PATCH v2] nvme/core: Check for Security send/recv support before issuing commands Scott Bauer
@ 2017-02-16 22:38 ` Jon Derrick
  2017-02-17  8:24   ` Christoph Hellwig
  0 siblings, 1 reply; 3+ messages in thread
From: Jon Derrick @ 2017-02-16 22:38 UTC (permalink / raw)


Looks fine,
Reviewed-by: Jon Derrick <jonathan.derrick at intel.com>

On 02/16/2017 03:17 PM, Scott Bauer wrote:
> We need to verify that the controller supports the security
> commands before actually trying to issue them.
> 
> Signed-off-by: Scott Bauer <scott.bauer at intel.com>
> ---
>  drivers/nvme/host/core.c | 4 ++++
>  drivers/nvme/host/nvme.h | 1 +
>  include/linux/nvme.h     | 1 +
>  3 files changed, 6 insertions(+)
> 
> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
> index 8aeb4a6..5e0cf2b 100644
> --- a/drivers/nvme/host/core.c
> +++ b/drivers/nvme/host/core.c
> @@ -1091,6 +1091,9 @@ int nvme_sec_submit(void *data, u16 spsp, u8 secp, void *buffer, size_t len,
>  	struct nvme_ctrl *ctrl = data;
>  	struct nvme_command cmd;
>  
> +	if (!(ctrl->oacs & NVME_CTRL_OACS_SEC_SUPP))
> +		return -EOPNOTSUPP;
> +
>  	memset(&cmd, 0, sizeof(cmd));
>  	if (send)
>  		cmd.common.opcode = nvme_admin_security_send;
> @@ -1285,6 +1288,7 @@ int nvme_init_identify(struct nvme_ctrl *ctrl)
>  		return -EIO;
>  	}
>  
> +	ctrl->oacs = le16_to_cpu(id->oacs);
>  	ctrl->vid = le16_to_cpu(id->vid);
>  	ctrl->oncs = le16_to_cpup(&id->oncs);
>  	atomic_set(&ctrl->abort_limit, id->acl + 1);
> diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h
> index 5126c4b..14cfc6f 100644
> --- a/drivers/nvme/host/nvme.h
> +++ b/drivers/nvme/host/nvme.h
> @@ -140,6 +140,7 @@ struct nvme_ctrl {
>  	u32 max_hw_sectors;
>  	u16 oncs;
>  	u16 vid;
> +	u16 oacs;
>  	atomic_t abort_limit;
>  	u8 event_limit;
>  	u8 vwc;
> diff --git a/include/linux/nvme.h b/include/linux/nvme.h
> index 3e2ed49..0b676a0 100644
> --- a/include/linux/nvme.h
> +++ b/include/linux/nvme.h
> @@ -244,6 +244,7 @@ enum {
>  	NVME_CTRL_ONCS_DSM			= 1 << 2,
>  	NVME_CTRL_ONCS_WRITE_ZEROES		= 1 << 3,
>  	NVME_CTRL_VWC_PRESENT			= 1 << 0,
> +	NVME_CTRL_OACS_SEC_SUPP                 = 1 << 0,
>  };
>  
>  struct nvme_lbaf {
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH v2] nvme/core: Check for Security send/recv support before issuing commands.
  2017-02-16 22:38 ` Jon Derrick
@ 2017-02-17  8:24   ` Christoph Hellwig
  0 siblings, 0 replies; 3+ messages in thread
From: Christoph Hellwig @ 2017-02-17  8:24 UTC (permalink / raw)


On Thu, Feb 16, 2017@03:38:53PM -0700, Jon Derrick wrote:
> Looks fine,
> Reviewed-by: Jon Derrick <jonathan.derrick at intel.com>

I think we need to do this from nvme_reset before calling into
the OPAL code (or any other security protocol in the future).

I'll prepare a patch.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-02-17  8:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-02-16 22:17 [PATCH v2] nvme/core: Check for Security send/recv support before issuing commands Scott Bauer
2017-02-16 22:38 ` Jon Derrick
2017-02-17  8:24   ` Christoph Hellwig

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.