Re: [PATCH v2 18/19] libnvdimm: Introduce CONFIG_NVDIMM_SECURITY_TEST flag

Linux CXL
 help / color / mirror / Atom feed

From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Dave Jiang <dave.jiang@intel.com>
Cc: <linux-cxl@vger.kernel.org>, <nvdimm@lists.linux.dev>,
	<dan.j.williams@intel.com>, <bwidawsk@kernel.org>,
	<ira.weiny@intel.com>, <vishal.l.verma@intel.com>,
	<alison.schofield@intel.com>, <dave@stgolabs.net>
Subject: Re: [PATCH v2 18/19] libnvdimm: Introduce CONFIG_NVDIMM_SECURITY_TEST flag
Date: Mon, 7 Nov 2022 16:01:24 +0000	[thread overview]
Message-ID: <20221107160124.00005223@Huawei.com> (raw)
In-Reply-To: <166377439534.430546.10690686781480251163.stgit@djiang5-desk3.ch.intel.com>

On Wed, 21 Sep 2022 08:33:15 -0700
Dave Jiang <dave.jiang@intel.com> wrote:

> nfit_test overrode the security_show() sysfs attribute function in nvdimm
> dimm_devs in order to allow testing of security unlock. With the
> introduction of CXL security commands, the trick to override
> security_show() becomes significantly more complicated. By introdcing a
> security flag CONFIG_NVDIMM_SECURITY_TEST, libnvdimm can just toggle the
> check via a compile option. In addition the original override can can be
> removed from tools/testing/nvdimm/.
> 
> Signed-off-by: Dave Jiang <dave.jiang@intel.com>
> ---
>  drivers/nvdimm/Kconfig           |    9 +++++++++
>  drivers/nvdimm/dimm_devs.c       |    9 ++++++++-
>  drivers/nvdimm/security.c        |    4 ++++
>  tools/testing/nvdimm/Kbuild      |    1 -
>  tools/testing/nvdimm/dimm_devs.c |   30 ------------------------------
>  5 files changed, 21 insertions(+), 32 deletions(-)
>  delete mode 100644 tools/testing/nvdimm/dimm_devs.c
> 
> diff --git a/drivers/nvdimm/Kconfig b/drivers/nvdimm/Kconfig
> index 5a29046e3319..fd336d138eda 100644
> --- a/drivers/nvdimm/Kconfig
> +++ b/drivers/nvdimm/Kconfig
> @@ -114,4 +114,13 @@ config NVDIMM_TEST_BUILD
>  	  core devm_memremap_pages() implementation and other
>  	  infrastructure.
>  
> +config NVDIMM_SECURITY_TEST
> +	bool "Nvdimm security test code toggle"
> +	depends on NVDIMM_KEYS
> +	help
> +	  Debug flag for security testing when using nfit_test or cxl_test
> +	  modules in tools/testing/.
> +
> +	  Select Y if using nfit_test or cxl_test for security testing.

Probably want to say it if has any unfortunate side effects when not doing
such testing.  Distros will want guidance on whether to enable.

Jonathan

> +

next prev parent reply	other threads:[~2022-11-07 16:01 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-21 15:31 [PATCH v2 00/19] Introduce security commands for CXL pmem device Dave Jiang
2022-09-21 15:31 ` [PATCH v2 01/19] memregion: Add cpu_cache_invalidate_memregion() interface Dave Jiang
2022-10-13  0:14   ` [PATCH v3] " Davidlohr Bueso
2022-09-21 15:31 ` [PATCH v2 02/19] cxl/pmem: Introduce nvdimm_security_ops with ->get_flags() operation Dave Jiang
2022-09-21 21:07   ` Davidlohr Bueso
2022-09-21 15:31 ` [PATCH v2 03/19] tools/testing/cxl: Add "Get Security State" opcode support Dave Jiang
2022-11-04 12:28   ` Jonathan Cameron
2022-09-21 15:31 ` [PATCH v2 04/19] cxl/pmem: Add "Set Passphrase" security command support Dave Jiang
2022-09-21 20:06   ` Davidlohr Bueso
2022-09-21 15:31 ` [PATCH v2 05/19] tools/testing/cxl: Add "Set Passphrase" opcode support Dave Jiang
2022-11-04 13:56   ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 06/19] cxl/pmem: Add Disable Passphrase security command support Dave Jiang
2022-09-21 20:09   ` Davidlohr Bueso
2022-09-21 15:32 ` [PATCH v2 07/19] tools/testing/cxl: Add "Disable" security opcode support Dave Jiang
2022-11-07 14:36   ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 08/19] cxl/pmem: Add "Freeze Security State" security command support Dave Jiang
2022-09-21 20:25   ` Davidlohr Bueso
2022-09-21 15:32 ` [PATCH v2 09/19] tools/testing/cxl: Add "Freeze Security State" security opcode support Dave Jiang
2022-11-07 14:44   ` Jonathan Cameron
2022-11-07 19:01     ` Dave Jiang
2022-11-11 10:27       ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 10/19] cxl/pmem: Add "Unlock" security command support Dave Jiang
2022-09-21 21:49   ` Davidlohr Bueso
2022-11-07 14:55   ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 11/19] tools/testing/cxl: Add "Unlock" security opcode support Dave Jiang
2022-11-07 15:00   ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 12/19] cxl/pmem: Add "Passphrase Secure Erase" security command support Dave Jiang
2022-09-21 20:15   ` Davidlohr Bueso
2022-09-21 21:23     ` Dave Jiang
2022-09-29 16:56   ` Davidlohr Bueso
2022-11-07 15:25   ` Jonathan Cameron
2022-11-07 20:19     ` Dave Jiang
2022-09-21 15:32 ` [PATCH v2 13/19] tools/testing/cxl: Add "passphrase secure erase" opcode support Dave Jiang
2022-11-07 15:35   ` Jonathan Cameron
2022-11-07 21:58     ` Dave Jiang
2022-09-21 15:32 ` [PATCH v2 14/19] nvdimm/cxl/pmem: Add support for master passphrase disable security command Dave Jiang
2022-11-07 15:38   ` Jonathan Cameron
2022-09-21 15:32 ` [PATCH v2 15/19] cxl/pmem: add id attribute to CXL based nvdimm Dave Jiang
2022-11-07 15:41   ` Jonathan Cameron
2022-09-21 15:33 ` [PATCH v2 16/19] tools/testing/cxl: add mechanism to lock mem device for testing Dave Jiang
2022-11-07 15:56   ` Jonathan Cameron
2022-11-07 22:33     ` Dave Jiang
2022-09-21 15:33 ` [PATCH v2 17/19] cxl/pmem: add provider name to cxl pmem dimm attribute group Dave Jiang
2022-11-07 15:58   ` Jonathan Cameron
2022-11-07 23:46     ` Dave Jiang
2022-09-21 15:33 ` [PATCH v2 18/19] libnvdimm: Introduce CONFIG_NVDIMM_SECURITY_TEST flag Dave Jiang
2022-11-07 16:01   ` Jonathan Cameron [this message]
2022-11-07 23:46     ` Dave Jiang
2022-09-21 15:33 ` [PATCH v2 19/19] cxl: add dimm_id support for __nvdimm_create() Dave Jiang
2022-09-23 10:31   ` Davidlohr Bueso
2022-09-23 16:18     ` Dave Jiang
2022-11-07 16:05   ` Jonathan Cameron

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221107160124.00005223@Huawei.com \
    --to=jonathan.cameron@huawei.com \
    --cc=alison.schofield@intel.com \
    --cc=bwidawsk@kernel.org \
    --cc=dan.j.williams@intel.com \
    --cc=dave.jiang@intel.com \
    --cc=dave@stgolabs.net \
    --cc=ira.weiny@intel.com \
    --cc=linux-cxl@vger.kernel.org \
    --cc=nvdimm@lists.linux.dev \
    --cc=vishal.l.verma@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox