From: Davidlohr Bueso <dave@stgolabs.net>
To: dan.j.williams@intel.com
Cc: dave.jiang@intel.com, vishal.l.verma@intel.com,
Jonathan.Cameron@huawei.com, fan.ni@samsung.com,
a.manzanares@samsung.com, dave@stgolabs.net,
linux-cxl@vger.kernel.org
Subject: [PATCH v6 0/7] cxl: Support device sanitation
Date: Mon, 12 Jun 2023 11:10:31 -0700 [thread overview]
Message-ID: <20230612181038.14421-1-dave@stgolabs.net> (raw)
Hi,
Changes from v5 (https://lore.kernel.org/linux-cxl/20230526033344.17167-1-dave@stgolabs.net/):
o Added patch 1 which fixes bogus irq handled scenarios when it's not our interrupt.
This should be picked up regardless of the rest of the series (Jonathan)
o Added security.poll boolean instead of using the timeout member (Dave, Jonathan).
o Do not explicitly init security.state (Dave).
o Misc cleanups (Jonathan).
o Updated changelog in patch 4.
o Picked up tags.
This adds the sanitation part of the background command handling. Some noteworthy items:
o Treating Sanitation as such a special beast can make the code a bit invasive,
but couldn't find a decent alternative. For example I realize that this is really
ad-hoc code in __cxl_pci_mbox_send_cmd(). A lot of this also comes from the fact
that polling for sanitize is supported, so sw still needs to keep up and serialize.
o Nothing depends explicitly on CPU cacheline management
o All sysfs files/attributes in the security directory are visible.
o Continue to use __ATTR() macros for sysfs attributes instead of the requested
DEVICE_ATTR_*() ones because of the naming the security directory, otherwise
names don't match.
Patch 1 fixes mbox isr.
Patch 2: adds a new security/state file.
Patch 3 paves the required sanitation handling code before actually using it.
Patch 4,5 wires up sanitation + unit test.
Patch 6,7 wires up secure erase + unit test.
Testing.
========
o There are the mock device tests for Sanitize and Secure Erase.
o The latest (v2) qemu bg/sanitize support series is posted here:
https://lore.kernel.org/linux-cxl/20230418172337.19207-1-dave@stgolabs.net/
(1) Window where driver is out of sync with hw (Sanitation async polling).
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 159.297482] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:37:00.0: Sending command: 0x4400
[ 159.298648] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:37:00.0: Doorbell wait took 0ms
[ 159.299908] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:37:00.0: Sanitation operation started
>>>> qemu informs sanitation is done <<<<<
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 165.897345] cxl_pci 0000:37:00.0: Failed to sanitize device : -16
[ 171.692050] cxl_pci:cxl_mbox_sanitize_work:147: cxl_pci 0000:37:00.0: Sanitation operation ended
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 173.373337] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:37:00.0: Sending command: 0x4400
[ 173.374498] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:37:00.0: Doorbell wait took 0ms
[ 173.375727] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:37:00.0: Sanitation operation started
(2) Perform sanitation of more than one memdev at a time (Sanitation async polling).
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem1/security/sanitize
[ 351.287129] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:36:00.0: Sending command: 0x4400
[ 351.288403] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:36:00.0: Doorbell wait took 0ms
[ 351.289706] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:36:00.0: Sanitation operation started
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 353.058614] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:37:00.0: Sending command: 0x4400
[ 353.059854] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:37:00.0: Doorbell wait took 0ms
[ 353.061126] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:37:00.0: Sanitation operation started
>>>> qemu informs sanitation is done <<<<<
>>>> qemu informs sanitation is done <<<<<
[ 363.692138] cxl_pci:cxl_mbox_sanitize_work:147: cxl_pci 0000:36:00.0: Sanitation operation ended
[ 365.227416] cxl_pci:cxl_mbox_sanitize_work:147: cxl_pci 0000:37:00.0: Sanitation operation ended
(3) Perform sanitation of more than one memdev at a time (Sanitation async irq).
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem1/security/sanitize
[ 193.729821] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:c1:00.0: Sending command: 0x4400
[ 193.731071] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:c1:00.0: Doorbell wait took 0ms
[ 193.732360] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:c1:00.0: Sanitation operation started
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 197.001466] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:36:00.0: Sending command: 0x4400
[ 197.002694] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:36:00.0: Doorbell wait took 0ms
[ 197.003956] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:36:00.0: Sanitation operation started
>>>> qemu says sanitation is done <<<<
[ 197.731473] cxl_pci:cxl_pci_mbox_irq:119: cxl_pci 0000:c1:00.0: Sanitation operation ended
>>>> qemu says sanitation is done <<<<
[ 201.003258] cxl_pci:cxl_pci_mbox_irq:119: cxl_pci 0000:36:00.0: Sanitation operation ended
(4) Forbid new sanitation while one is in progress (Sanitation async irq).
[root@fedora ~]# cat /sys/bus/cxl/devices/mem0/security/state
disabled
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 39.284258] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:36:00.0: Sending command: 0x4400
[ 39.285459] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:36:00.0: Doorbell wait took 0ms
[ 39.286723] cxl_pci:__cxl_pci_mbox_send_cmd:295: cxl_pci 0000:36:00.0: Sanitation operation started
[root@fedora ~]# cat /sys/bus/cxl/devices/mem0/security/state
sanitize
[root@fedora ~]# echo 1 > /sys/bus/cxl/devices/mem0/security/sanitize
[ 42.697129] cxl_pci:__cxl_pci_mbox_send_cmd:243: cxl_pci 0000:36:00.0: Sending command: 0x4400
[ 42.698323] cxl_pci:cxl_pci_mbox_wait_for_doorbell:73: cxl_pci 0000:36:00.0: Doorbell wait took 0ms
[ 42.699525] cxl_pci:__cxl_pci_mbox_send_cmd:335: cxl_pci 0000:36:00.0: Mailbox operation had an error: ongoing background operation
[ 42.701119] cxl_pci 0000:36:00.0: Failed to sanitize device : -6
>>>> qemu says sanitation is done <<<<
[ 43.285334] cxl_pci:cxl_pci_mbox_irq:119: cxl_pci 0000:36:00.0: Sanitation operation ended
Applies against 'for-6.5/cxl-background' from cxl.git.
Please consider for v6.5.
Thanks!
Davidlohr Bueso (7):
cxl/mbox: Allow for IRQ_NONE case in the isr
cxl/mem: Introduce security state sysfs file
cxl/mbox: Add sanitation handling machinery
cxl/mem: Wire up Sanitation support
cxl/test: Add Sanitize opcode support
cxl/mem: Support Secure Erase
cxl/test: Add Secure Erase opcode support
Documentation/ABI/testing/sysfs-bus-cxl | 37 +++++++
drivers/cxl/core/mbox.c | 59 ++++++++++
drivers/cxl/core/memdev.c | 138 ++++++++++++++++++++++++
drivers/cxl/cxlmem.h | 22 ++++
drivers/cxl/pci.c | 85 ++++++++++++++-
drivers/cxl/security.c | 3 +
tools/testing/cxl/test/mem.c | 52 +++++++++
7 files changed, 393 insertions(+), 3 deletions(-)
--
2.41.0
next reply other threads:[~2023-06-12 18:45 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-12 18:10 Davidlohr Bueso [this message]
2023-06-12 18:10 ` [PATCH 1/7] cxl/mbox: Allow for IRQ_NONE case in the isr Davidlohr Bueso
2023-06-13 12:49 ` Jonathan Cameron
2023-06-13 18:11 ` Dave Jiang
2023-06-12 18:10 ` [PATCH 2/7] cxl/mem: Introduce security state sysfs file Davidlohr Bueso
2023-06-13 18:12 ` Dave Jiang
2023-06-12 18:10 ` [PATCH 3/7] cxl/mbox: Add sanitation handling machinery Davidlohr Bueso
2023-06-13 16:07 ` Jonathan Cameron
2023-06-13 16:28 ` Davidlohr Bueso
2023-06-14 8:36 ` Jonathan Cameron
2023-06-25 22:13 ` Dan Williams
2023-06-26 18:17 ` Davidlohr Bueso
2023-06-25 22:18 ` Dan Williams
2023-06-12 18:10 ` [PATCH 4/7] cxl/mem: Wire up Sanitation support Davidlohr Bueso
2023-06-25 22:34 ` Dan Williams
2023-06-12 18:10 ` [PATCH 5/7] cxl/test: Add Sanitize opcode support Davidlohr Bueso
2023-06-12 18:10 ` [PATCH 6/7] cxl/mem: Support Secure Erase Davidlohr Bueso
2023-06-12 18:10 ` [PATCH 7/7] cxl/test: Add Secure Erase opcode support Davidlohr Bueso
2023-06-13 15:26 ` [PATCH v6 0/7] cxl: Support device sanitation Jonathan Cameron
2023-06-13 15:51 ` Jonathan Cameron
2023-06-13 16:25 ` Davidlohr Bueso
2023-06-25 22:44 ` Dan Williams
2023-06-26 21:32 ` Davidlohr Bueso
2023-06-26 22:47 ` Dan Williams
2023-06-27 8:02 ` [PATCH] cxl/pci: Use correct flag for sanitize polling Davidlohr Bueso
2023-06-27 23:01 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230612181038.14421-1-dave@stgolabs.net \
--to=dave@stgolabs.net \
--cc=Jonathan.Cameron@huawei.com \
--cc=a.manzanares@samsung.com \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=fan.ni@samsung.com \
--cc=linux-cxl@vger.kernel.org \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox