From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Dave Jiang <dave.jiang@intel.com>
Cc: <linux-cxl@vger.kernel.org>, <nvdimm@lists.linux.dev>,
<dan.j.williams@intel.com>, <ira.weiny@intel.com>,
<vishal.l.verma@intel.com>, <alison.schofield@intel.com>,
<dave@stgolabs.net>
Subject: Re: [PATCH v7 18/20] cxl: bypass cpu_cache_invalidate_memregion() when in test config
Date: Thu, 1 Dec 2022 11:11:59 +0000 [thread overview]
Message-ID: <20221201111159.00002ce5@Huawei.com> (raw)
In-Reply-To: <166983619332.2734609.2800078343178136915.stgit@djiang5-desk3.ch.intel.com>
On Wed, 30 Nov 2022 12:23:13 -0700
Dave Jiang <dave.jiang@intel.com> wrote:
> Bypass cpu_cache_invalidate_memregion() and checks when doing testing
> using CONFIG_NVDIMM_SECURITY_TEST flag. The bypass allows testing on
> QEMU where cpu_cache_has_invalidate_memregion() fails. Usage of
> cpu_cache_invalidate_memregion() is not needed for cxl_test security
> testing.
>
> Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Subject to naming discussion resolving, this looks good to me..
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
> ---
> drivers/cxl/security.c | 35 ++++++++++++++++++++++++++++++-----
> 1 file changed, 30 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c
> index cbd005ceb091..2b5088af8fc4 100644
> --- a/drivers/cxl/security.c
> +++ b/drivers/cxl/security.c
> @@ -111,6 +111,31 @@ static int cxl_pmem_security_freeze(struct nvdimm *nvdimm)
> return cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_FREEZE_SECURITY, NULL, 0, NULL, 0);
> }
>
> +static bool cxl_has_invalidate_memregion(struct cxl_nvdimm *cxl_nvd)
> +{
> + if (!cpu_cache_has_invalidate_memregion()) {
> + if (IS_ENABLED(CONFIG_NVDIMM_SECURITY_TEST)) {
> + dev_warn_once(&cxl_nvd->dev,
> + "Bypassing cpu_cache_has_invalidate_memregion() check for testing!\n");
> + return true;
> + }
> + return false;
> + }
> +
> + return true;
> +}
> +
> +static void cxl_invalidate_memregion(struct cxl_nvdimm *cxl_nvd)
> +{
> + if (IS_ENABLED(CONFIG_NVDIMM_SECURITY_TEST)) {
> + dev_warn_once(&cxl_nvd->dev,
> + "Bypassing cpu_cache_invalidate_memergion() for testing!\n");
> + return;
> + }
> +
> + cpu_cache_invalidate_memregion(IORES_DESC_PERSISTENT_MEMORY);
> +}
> +
> static int cxl_pmem_security_unlock(struct nvdimm *nvdimm,
> const struct nvdimm_key_data *key_data)
> {
> @@ -120,7 +145,7 @@ static int cxl_pmem_security_unlock(struct nvdimm *nvdimm,
> u8 pass[NVDIMM_PASSPHRASE_LEN];
> int rc;
>
> - if (!cpu_cache_has_invalidate_memregion())
> + if (!cxl_has_invalidate_memregion(cxl_nvd))
> return -EINVAL;
>
> memcpy(pass, key_data->data, NVDIMM_PASSPHRASE_LEN);
> @@ -130,7 +155,7 @@ static int cxl_pmem_security_unlock(struct nvdimm *nvdimm,
> return rc;
>
> /* DIMM unlocked, invalidate all CPU caches before we read it */
> - cpu_cache_invalidate_memregion(IORES_DESC_PERSISTENT_MEMORY);
> + cxl_invalidate_memregion(cxl_nvd);
> return 0;
> }
>
> @@ -144,21 +169,21 @@ static int cxl_pmem_security_passphrase_erase(struct nvdimm *nvdimm,
> struct cxl_pass_erase erase;
> int rc;
>
> - if (!cpu_cache_has_invalidate_memregion())
> + if (!cxl_has_invalidate_memregion(cxl_nvd))
> return -EINVAL;
>
> erase.type = ptype == NVDIMM_MASTER ?
> CXL_PMEM_SEC_PASS_MASTER : CXL_PMEM_SEC_PASS_USER;
> memcpy(erase.pass, key->data, NVDIMM_PASSPHRASE_LEN);
> /* Flush all cache before we erase mem device */
> - cpu_cache_invalidate_memregion(IORES_DESC_PERSISTENT_MEMORY);
> + cxl_invalidate_memregion(cxl_nvd);
> rc = cxl_mbox_send_cmd(cxlds, CXL_MBOX_OP_PASSPHRASE_SECURE_ERASE,
> &erase, sizeof(erase), NULL, 0);
> if (rc < 0)
> return rc;
>
> /* mem device erased, invalidate all CPU caches before data is read */
> - cpu_cache_invalidate_memregion(IORES_DESC_PERSISTENT_MEMORY);
> + cxl_invalidate_memregion(cxl_nvd);
> return 0;
> }
>
>
>
next prev parent reply other threads:[~2022-12-01 11:17 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-30 19:21 [PATCH v7 00/20] Introduce security commands for CXL pmem device Dave Jiang
2022-11-30 19:21 ` [PATCH v7 01/20] cxl/pmem: Introduce nvdimm_security_ops with ->get_flags() operation Dave Jiang
2023-02-28 15:09 ` Jonathan Cameron
2023-03-01 23:06 ` [PATCH] cxl: fix compile warning for cxl_security_ops extern Dave Jiang
2023-03-02 0:17 ` Alison Schofield
2023-08-16 18:07 ` Alison Schofield
2023-03-03 12:15 ` Jonathan Cameron
2023-08-04 18:02 ` Alison Schofield
2022-11-30 19:21 ` [PATCH v7 02/20] tools/testing/cxl: Add "Get Security State" opcode support Dave Jiang
2022-11-30 19:21 ` [PATCH v7 03/20] cxl/pmem: Add "Set Passphrase" security command support Dave Jiang
2022-11-30 19:21 ` [PATCH v7 04/20] tools/testing/cxl: Add "Set Passphrase" opcode support Dave Jiang
2022-11-30 19:21 ` [PATCH v7 05/20] cxl/pmem: Add Disable Passphrase security command support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 06/20] tools/testing/cxl: Add "Disable" security opcode support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 07/20] cxl/pmem: Add "Freeze Security State" security command support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 08/20] tools/testing/cxl: Add "Freeze Security State" security opcode support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 09/20] cxl/pmem: Add "Unlock" security command support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 10/20] tools/testing/cxl: Add "Unlock" security opcode support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 11/20] cxl/pmem: Add "Passphrase Secure Erase" security command support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 12/20] tools/testing/cxl: Add "passphrase secure erase" opcode support Dave Jiang
2022-11-30 19:22 ` [PATCH v7 13/20] nvdimm/cxl/pmem: Add support for master passphrase disable security command Dave Jiang
2022-11-30 19:22 ` [PATCH v7 14/20] cxl/pmem: add id attribute to CXL based nvdimm Dave Jiang
2022-11-30 19:22 ` [PATCH v7 15/20] tools/testing/cxl: add mechanism to lock mem device for testing Dave Jiang
2022-11-30 19:23 ` [PATCH v7 16/20] cxl/pmem: add provider name to cxl pmem dimm attribute group Dave Jiang
2022-11-30 19:23 ` [PATCH v7 17/20] libnvdimm: Introduce CONFIG_NVDIMM_SECURITY_TEST flag Dave Jiang
2022-11-30 19:23 ` [PATCH v7 18/20] cxl: bypass cpu_cache_invalidate_memregion() when in test config Dave Jiang
2022-11-30 22:16 ` Davidlohr Bueso
2022-11-30 23:54 ` Dan Williams
2022-12-01 1:51 ` Davidlohr Bueso
2022-12-01 3:05 ` Dan Williams
2022-12-01 11:11 ` Jonathan Cameron [this message]
2022-11-30 19:23 ` [PATCH v7 19/20] acpi/nfit: " Dave Jiang
2022-12-01 11:22 ` Jonathan Cameron
2022-11-30 19:23 ` [PATCH v7 20/20] cxl: add dimm_id support for __nvdimm_create() Dave Jiang
2022-12-01 2:20 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221201111159.00002ce5@Huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=alison.schofield@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=dave@stgolabs.net \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=nvdimm@lists.linux.dev \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox