From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: <linux-cxl@vger.kernel.org>, <dave.jiang@intel.com>,
<ira.weiny@intel.com>
Subject: Re: [PATCH 4/4] cxl/security: Drop security command ioctl uapi
Date: Thu, 8 Dec 2022 10:51:12 +0000 [thread overview]
Message-ID: <20221208105112.00003e44@Huawei.com> (raw)
In-Reply-To: <167030056464.4044561.11486507095384253833.stgit@dwillia2-xfh.jf.intel.com>
On Mon, 05 Dec 2022 20:22:44 -0800
Dan Williams <dan.j.williams@intel.com> wrote:
> CXL PMEM security operations are routed through the NVDIMM sysfs
> interface. For this reason the corresponding commands are marked
> "exclusive" to preclude collisions between the ioctl ABI and the sysfs
> ABI. However, a better way to preclude that collision is to simply
> remove the ioctl ABI (command-id definitions) for those operations.
>
> Now that cxl_internal_send_cmd() (formerly cxl_mbox_send_cmd()) no
> longer needs to talk the cxl_mem_commands array, all of the uapi
> definitions for the security commands can be dropped.
>
> These never appeared in a released kernel, so no regression risk.
>
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Makes sense
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
> ---
> drivers/cxl/core/mbox.c | 17 -----------------
> include/uapi/linux/cxl_mem.h | 6 ------
> 2 files changed, 23 deletions(-)
>
> diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
> index c36a3589377a..b03fba212799 100644
> --- a/drivers/cxl/core/mbox.c
> +++ b/drivers/cxl/core/mbox.c
> @@ -65,12 +65,6 @@ static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
> CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
> CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
> CXL_CMD(GET_SCAN_MEDIA, 0, CXL_VARIABLE_PAYLOAD, 0),
> - CXL_CMD(GET_SECURITY_STATE, 0, 0x4, 0),
> - CXL_CMD(SET_PASSPHRASE, 0x60, 0, 0),
> - CXL_CMD(DISABLE_PASSPHRASE, 0x40, 0, 0),
> - CXL_CMD(FREEZE_SECURITY, 0, 0, 0),
> - CXL_CMD(UNLOCK, 0x20, 0, 0),
> - CXL_CMD(PASSPHRASE_SECURE_ERASE, 0x40, 0, 0),
> };
>
> /*
> @@ -717,17 +711,6 @@ int cxl_enumerate_cmds(struct cxl_dev_state *cxlds)
> /* Found the required CEL */
> rc = 0;
> }
> -
> - /*
> - * Setup permanently kernel exclusive commands, i.e. the
> - * mechanism is driven through sysfs, keyctl, etc...
> - */
> - set_bit(CXL_MEM_COMMAND_ID_SET_PASSPHRASE, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_DISABLE_PASSPHRASE, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_UNLOCK, cxlds->exclusive_cmds);
> - set_bit(CXL_MEM_COMMAND_ID_PASSPHRASE_SECURE_ERASE,
> - cxlds->exclusive_cmds);
> -
> out:
> kvfree(gsl);
> return rc;
> diff --git a/include/uapi/linux/cxl_mem.h b/include/uapi/linux/cxl_mem.h
> index 82bdad4ce5de..c71021a2a9ed 100644
> --- a/include/uapi/linux/cxl_mem.h
> +++ b/include/uapi/linux/cxl_mem.h
> @@ -41,12 +41,6 @@
> ___C(GET_SCAN_MEDIA_CAPS, "Get Scan Media Capabilities"), \
> ___C(SCAN_MEDIA, "Scan Media"), \
> ___C(GET_SCAN_MEDIA, "Get Scan Media Results"), \
> - ___C(GET_SECURITY_STATE, "Get Security State"), \
> - ___C(SET_PASSPHRASE, "Set Passphrase"), \
> - ___C(DISABLE_PASSPHRASE, "Disable Passphrase"), \
> - ___C(FREEZE_SECURITY, "Freeze Security"), \
> - ___C(UNLOCK, "Unlock"), \
> - ___C(PASSPHRASE_SECURE_ERASE, "Passphrase Secure Erase"), \
> ___C(MAX, "invalid / last command")
>
> #define ___C(a, b) CXL_MEM_COMMAND_ID_##a
>
prev parent reply other threads:[~2022-12-08 10:59 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-06 4:22 [PATCH 0/4] cxl/mbox: Output payload validation reworks Dan Williams
2022-12-06 4:22 ` [PATCH 1/4] cxl/security: Fix Get Security State output payload endian handling Dan Williams
2022-12-06 6:07 ` Ira Weiny
2022-12-06 16:21 ` Dave Jiang
2022-12-08 10:52 ` Jonathan Cameron
2022-12-06 4:22 ` [PATCH 2/4] cxl/mbox: Enable cxl_mbox_send_cmd() users to validate output size Dan Williams
2022-12-06 6:27 ` Ira Weiny
2022-12-06 16:35 ` Dave Jiang
2022-12-08 11:01 ` Jonathan Cameron
2022-12-06 4:22 ` [PATCH 3/4] cxl/mbox: Add variable output size validation for internal commands Dan Williams
2022-12-06 6:36 ` Ira Weiny
2022-12-06 16:53 ` Dave Jiang
2022-12-08 11:03 ` Jonathan Cameron
2022-12-08 21:24 ` Alison Schofield
2022-12-06 4:22 ` [PATCH 4/4] cxl/security: Drop security command ioctl uapi Dan Williams
2022-12-06 6:38 ` Ira Weiny
2022-12-06 16:56 ` Dave Jiang
2022-12-08 10:51 ` Jonathan Cameron [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221208105112.00003e44@Huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox