From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Davidlohr Bueso <dave@stgolabs.net>
Cc: <dan.j.williams@intel.com>, <dave.jiang@intel.com>,
<alison.schofield@intel.com>, <ira.weiny@intel.com>,
<vishal.l.verma@intel.com>, <fan.ni@samsung.com>,
<a.manzanares@samsung.com>, <linux-cxl@vger.kernel.org>
Subject: Re: [PATCH 6/7] cxl/mem: Support Secure Erase
Date: Thu, 11 May 2023 16:10:27 +0100 [thread overview]
Message-ID: <20230511161027.00005413@Huawei.com> (raw)
In-Reply-To: <20230421092321.12741-7-dave@stgolabs.net>
On Fri, 21 Apr 2023 02:23:20 -0700
Davidlohr Bueso <dave@stgolabs.net> wrote:
> Implement support for the non-pmem exclusive secure erase, per
> CXL specs. Create a write-only 'security/erase' sysfs file to
> perform the requested operation.
>
> As with the sanitation this requires the device being offline
> and thus no active HPA-DPA decoding.
>
> The expectation is that userspace can use it such as:
>
> cxl disable-memdev memX
> echo 1 > /sys/bus/cxl/devices/memX/security/erase
> cxl enable-memdev memX
>
> Signed-off-by: Davidlohr Bueso <dave@stgolabs.net>
> ---
> Documentation/ABI/testing/sysfs-bus-cxl | 10 ++++++++
> drivers/cxl/core/mbox.c | 6 ++++-
> drivers/cxl/core/memdev.c | 34 +++++++++++++++++++++++++
> drivers/cxl/cxlmem.h | 1 +
> 4 files changed, 50 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/ABI/testing/sysfs-bus-cxl b/Documentation/ABI/testing/sysfs-bus-cxl
> index 2e98ec9220ca..af7b603faf77 100644
> --- a/Documentation/ABI/testing/sysfs-bus-cxl
> +++ b/Documentation/ABI/testing/sysfs-bus-cxl
> @@ -77,6 +77,16 @@ Description:
> completion.
>
>
> +What /sys/bus/cxl/devices/memX/security/erase
> +Date: May, 2023
> +KernelVersion: v6.5
> +Contact: linux-cxl@vger.kernel.org
> +Description:
> + (WO) Write a boolean 'true' string value to this attribute to
> + secure erase user data by changing the media encryption keys for
> + all user data areas of the device.
> +
> +
> What: /sys/bus/cxl/devices/*/devtype
> Date: June, 2021
> KernelVersion: v5.14
> diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
> index 28daf7dcdec4..a2180f3e09eb 100644
> --- a/drivers/cxl/core/mbox.c
> +++ b/drivers/cxl/core/mbox.c
> @@ -1049,7 +1049,7 @@ int cxl_mem_sanitize(struct cxl_dev_state *cxlds, u16 cmd)
> };
> struct cxl_mbox_cmd mbox_cmd = { .opcode = cmd };
>
> - if (cmd != CXL_MBOX_OP_SANITIZE)
> + if (cmd != CXL_MBOX_OP_SANITIZE && cmd != CXL_MBOX_OP_SECURE_ERASE)
> return -EINVAL;
>
> rc = cxl_internal_send_cmd(cxlds, &sec_cmd);
> @@ -1067,6 +1067,10 @@ int cxl_mem_sanitize(struct cxl_dev_state *cxlds, u16 cmd)
> if (sec_out & CXL_PMEM_SEC_STATE_USER_PASS_SET)
> return -EINVAL;
>
> + if (cmd == CXL_MBOX_OP_SECURE_ERASE &&
> + sec_out & CXL_PMEM_SEC_STATE_LOCKED)
> + return -EINVAL;
> +
> rc = cxl_internal_send_cmd(cxlds, &mbox_cmd);
> if (rc < 0) {
> dev_err(cxlds->dev, "Failed to sanitize device : %d", rc);
> diff --git a/drivers/cxl/core/memdev.c b/drivers/cxl/core/memdev.c
> index 70e7158826c9..6406e8e47da2 100644
> --- a/drivers/cxl/core/memdev.c
> +++ b/drivers/cxl/core/memdev.c
> @@ -138,6 +138,39 @@ static struct device_attribute dev_attr_security_sanitize =
> __ATTR(sanitize, 0644,
> security_sanitize_show, security_sanitize_store);
>
> +static ssize_t security_erase_store(struct device *dev,
> + struct device_attribute *attr,
> + const char *buf, size_t len)
> +{
> + struct cxl_memdev *cxlmd = to_cxl_memdev(dev);
> + struct cxl_dev_state *cxlds = cxlmd->cxlds;
> + ssize_t rc;
> + bool erase;
> +
> + rc = kstrtobool(buf, &erase);
> + if (rc)
> + return rc;
> +
> + if (erase) {
As with earlier patch, I'd flip the logic.
> + struct cxl_port *port = dev_get_drvdata(&cxlmd->dev);
> +
> + if (!port || !is_cxl_endpoint(port))
> + return -EINVAL;
> + /* ensure no regions are mapped to this memdev */
> + if (port->commit_end != -1)
> + return -EBUSY;
> +
> + rc = cxl_mem_sanitize(cxlds, CXL_MBOX_OP_SECURE_ERASE);
and use a simple error check here.
> + }
> +
> + if (rc == 0)
> + rc = len;
> + return rc;
> +}
> +
> +static struct device_attribute dev_attr_security_erase =
> + __ATTR(erase, 0200, NULL, security_erase_store);
> +
> static ssize_t serial_show(struct device *dev, struct device_attribute *attr,
> char *buf)
> {
> @@ -199,6 +232,7 @@ static struct attribute_group cxl_memdev_pmem_attribute_group = {
>
> static struct attribute *cxl_memdev_security_attributes[] = {
> &dev_attr_security_sanitize.attr,
> + &dev_attr_security_erase.attr,
> NULL,
> };
>
> diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h
> index 9bd33cfdc0ec..f8b513e70c21 100644
> --- a/drivers/cxl/cxlmem.h
> +++ b/drivers/cxl/cxlmem.h
> @@ -345,6 +345,7 @@ enum cxl_opcode {
> CXL_MBOX_OP_SCAN_MEDIA = 0x4304,
> CXL_MBOX_OP_GET_SCAN_MEDIA = 0x4305,
> CXL_MBOX_OP_SANITIZE = 0x4400,
> + CXL_MBOX_OP_SECURE_ERASE = 0x4401,
> CXL_MBOX_OP_GET_SECURITY_STATE = 0x4500,
> CXL_MBOX_OP_SET_PASSPHRASE = 0x4501,
> CXL_MBOX_OP_DISABLE_PASSPHRASE = 0x4502,
next prev parent reply other threads:[~2023-05-11 15:10 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-21 9:23 [PATCH v4 0/7] cxl: Background cmds and device sanitation Davidlohr Bueso
2023-04-21 9:23 ` [PATCH 1/7] cxl/pci: Allocate irq vectors earlier in pci probe Davidlohr Bueso
2023-04-28 16:09 ` Dave Jiang
2023-05-11 13:55 ` Jonathan Cameron
2023-04-21 9:23 ` [PATCH 2/7] cxl/mbox: Add background cmd handling machinery Davidlohr Bueso
2023-04-23 7:54 ` Li, Ming
2023-04-23 20:51 ` Davidlohr Bueso
2023-04-28 16:21 ` Dave Jiang
2023-04-28 17:18 ` Davidlohr Bueso
2023-04-28 21:04 ` Dave Jiang
2023-04-28 22:03 ` Davidlohr Bueso
2023-05-01 15:56 ` Davidlohr Bueso
2023-05-11 14:23 ` Jonathan Cameron
2023-05-11 16:04 ` Davidlohr Bueso
2023-05-12 17:05 ` Jonathan Cameron
2023-04-21 9:23 ` [PATCH 3/7] cxl/mbox: Add sanitation " Davidlohr Bueso
2023-04-28 16:43 ` Dave Jiang
2023-04-28 16:46 ` Davidlohr Bueso
2023-04-28 17:37 ` Dave Jiang
2023-05-11 14:45 ` Jonathan Cameron
2023-05-11 16:48 ` Davidlohr Bueso
2023-05-12 17:02 ` Jonathan Cameron
2023-04-21 9:23 ` [PATCH 4/7] cxl/mem: Wire up Sanitation support Davidlohr Bueso
2023-04-21 20:04 ` kernel test robot
2023-04-21 20:24 ` kernel test robot
2023-05-11 15:07 ` Jonathan Cameron
2023-05-11 17:23 ` Davidlohr Bueso
2023-05-12 17:00 ` Jonathan Cameron
2023-04-21 9:23 ` [PATCH 5/7] cxl/test: Add Sanitize opcode support Davidlohr Bueso
2023-05-11 15:09 ` Jonathan Cameron
2023-05-11 15:13 ` Davidlohr Bueso
2023-04-21 9:23 ` [PATCH 6/7] cxl/mem: Support Secure Erase Davidlohr Bueso
2023-05-11 15:10 ` Jonathan Cameron [this message]
2023-04-21 9:23 ` [PATCH 7/7] cxl/test: Add Secure Erase opcode support Davidlohr Bueso
2023-05-11 15:10 ` Jonathan Cameron
2023-04-23 2:05 ` [PATCH v4 0/7] cxl: Background cmds and device sanitation Davidlohr Bueso
-- strict thread matches above, loose matches on Subject: below --
2023-06-12 18:10 [PATCH v6 0/7] cxl: Support " Davidlohr Bueso
2023-06-12 18:10 ` [PATCH 6/7] cxl/mem: Support Secure Erase Davidlohr Bueso
2023-02-24 19:46 [PATCH v3 0/7] cxl: Background cmds and device sanitation Davidlohr Bueso
2023-02-24 19:46 ` [PATCH 6/7] cxl/mem: Support Secure Erase Davidlohr Bueso
2023-02-28 18:31 ` Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230511161027.00005413@Huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=a.manzanares@samsung.com \
--cc=alison.schofield@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=dave@stgolabs.net \
--cc=fan.ni@samsung.com \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.