From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: <linux-cxl@vger.kernel.org>, <dave.jiang@intel.com>,
<ira.weiny@intel.com>
Subject: Re: [PATCH 4/4] cxl/security: Drop security command ioctl uapi
Date: Thu, 8 Dec 2022 10:51:12 +0000 [thread overview]
Message-ID: <20221208105112.00003e44@Huawei.com> (raw)
In-Reply-To: <167030056464.4044561.11486507095384253833.stgit@dwillia2-xfh.jf.intel.com>
On Mon, 05 Dec 2022 20:22:44 -0800
Dan Williams <dan.j.williams@intel.com> wrote:
> CXL PMEM security operations are routed through the NVDIMM sysfs
> interface. For this reason the corresponding commands are marked
> "exclusive" to preclude collisions between the ioctl ABI and the sysfs
> ABI. However, a better way to preclude that collision is to simply
> remove the ioctl ABI (command-id definitions) for those operations.
>
> Now that cxl_internal_send_cmd() (formerly cxl_mbox_send_cmd()) no
> longer needs to talk the cxl_mem_commands array, all of the uapi
> definitions for the security commands can be dropped.
>
> These never appeared in a released kernel, so no regression risk.
>
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Makes sense
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
> ---
> drivers/cxl/core/mbox.c | 17 -----------------
> include/uapi/linux/cxl_mem.h | 6 ------
> 2 files changed, 23 deletions(-)
>
> diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
> index c36a3589377a..b03fba212799 100644
> --- a/drivers/cxl/core/mbox.c
> +++ b/drivers/cxl/core/mbox.c
> @@ -65,12 +65,6 @@ static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
> CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
> CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
> CXL_CMD(GET_SCAN_MEDIA, 0, CXL_VARIABLE_PAYLOAD, 0),
> - CXL_CMD(GET_SECURITY_STATE, 0, 0x4, 0),
> - CXL_CMD(SET_PASSPHRASE, 0x60, 0, 0),
> - CXL_CMD(DISABLE_PASSPHRASE, 0x40, 0, 0),
> - CXL_CMD(FREEZE_SECURITY, 0, 0, 0),
> - CXL_CMD(UNLOCK, 0x20, 0, 0),
> - CXL_CMD(PASSPHRASE_SECURE_ERASE, 0x40, 0, 0),
> };
>
> /*
> @@ -717,17 +711,6 @@ int cxl_enumerate_cmds(struct cxl_dev_state *cxlds)
> /* Found the required CEL */
> rc = 0;
> }
> -
> - /*
> - * Setup permanently kernel exclusive commands, i.e. the
> - * mechanism is driven through sysfs, keyctl, etc...
> - */
> - set_bit(CXL_MEM_COMMAND_ID_SET_PASSPHRASE, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_DISABLE_PASSPHRASE, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_UNLOCK, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_PASSPHRASE_SECURE_ERASE,
> - cxlds->exclusive_cmds);
> -
> out:
> kvfree(gsl);
> return rc;
> diff --git a/include/uapi/linux/cxl_mem.h b/include/uapi/linux/cxl_mem.h
> index 82bdad4ce5de..c71021a2a9ed 100644
> --- a/include/uapi/linux/cxl_mem.h
> +++ b/include/uapi/linux/cxl_mem.h
> @@ -41,12 +41,6 @@
> ___C(GET_SCAN_MEDIA_CAPS, "Get Scan Media Capabilities"), \
> ___C(SCAN_MEDIA, "Scan Media"), \
> ___C(GET_SCAN_MEDIA, "Get Scan Media Results"), \
> - ___C(GET_SECURITY_STATE, "Get Security State"), \
> - ___C(SET_PASSPHRASE, "Set Passphrase"), \
> - ___C(DISABLE_PASSPHRASE, "Disable Passphrase"), \
> - ___C(FREEZE_SECURITY, "Freeze Security"), \
> - ___C(UNLOCK, "Unlock"), \
> - ___C(PASSPHRASE_SECURE_ERASE, "Passphrase Secure Erase"), \
> ___C(MAX, "invalid / last command")
>
> #define ___C(a, b) CXL_MEM_COMMAND_ID_##a
>
prev parent reply other threads:[~2022-12-08 10:59 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-06 4:22 [PATCH 0/4] cxl/mbox: Output payload validation reworks Dan Williams
2022-12-06 4:22 ` [PATCH 1/4] cxl/security: Fix Get Security State output payload endian handling Dan Williams
2022-12-06 6:07 ` Ira Weiny
2022-12-06 16:21 ` Dave Jiang
2022-12-08 10:52 ` Jonathan Cameron
2022-12-06 4:22 ` [PATCH 2/4] cxl/mbox: Enable cxl_mbox_send_cmd() users to validate output size Dan Williams
2022-12-06 6:27 ` Ira Weiny
2022-12-06 16:35 ` Dave Jiang
2022-12-08 11:01 ` Jonathan Cameron
2022-12-06 4:22 ` [PATCH 3/4] cxl/mbox: Add variable output size validation for internal commands Dan Williams
2022-12-06 6:36 ` Ira Weiny
2022-12-06 16:53 ` Dave Jiang
2022-12-08 11:03 ` Jonathan Cameron
2022-12-08 21:24 ` Alison Schofield
2022-12-06 4:22 ` [PATCH 4/4] cxl/security: Drop security command ioctl uapi Dan Williams
2022-12-06 6:38 ` Ira Weiny
2022-12-06 16:56 ` Dave Jiang
2022-12-08 10:51 ` Jonathan Cameron [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221208105112.00003e44@Huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.