Linux CXL
 help / color / mirror / Atom feed
From: Alison Schofield <alison.schofield@intel.com>
To: nvdimm@lists.linux.dev, linux-cxl@vger.kernel.org
Cc: Alison Schofield <alison.schofield@intel.com>
Subject: [ndctl PATCH] test/cxl-security.sh: test dimm unlock with a large serial number
Date: Wed,  1 Jul 2026 17:34:03 -0700	[thread overview]
Message-ID: <20260702003407.1611731-1-alison.schofield@intel.com> (raw)

The existing CXL unlock test exposed the hexadecimal-vs-decimal key
description mismatch once cxl_test mock serial numbers were extended
to 10 and above. Serials with bit 63 set expose a second formatting
problem in that the kernel formats the decimal serial as signed,
rendering it as a negative value.

Extend the existing "unlock dimm" test to repeat the unlock against a
mock memdev with a full-width serial that has bit 63 set. Refactor the
common unlock sequence into an unlock_dimm() helper so the signedness
case follows the same test flow as the original key lookup case.

Signed-off-by: Alison Schofield <alison.schofield@intel.com>
---
 test/cxl-security | 24 ++++++++++++++++++++++++
 test/security.sh  | 16 ++++++++++++++--
 2 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/test/cxl-security b/test/cxl-security
index 9a28ffd82b0b..39b7e001ce08 100644
--- a/test/cxl-security
+++ b/test/cxl-security
@@ -9,6 +9,30 @@ detect()
 	[ -n "$id" ] || err "$LINENO"
 }
 
+# Select the mock memdev whose serial has bit 63 set. Match on the hex
+# spelling of 'id' because the value exceeds signed 64-bit shell arithmetic.
+# A 16-digit hex value with a leading nibble of 8-f has bit 63 set.
+detect_big_serial()
+{
+	local d i hex
+
+	dev=""
+	for d in $($NDCTL list -b "$CXL_TEST_BUS" -D | jq -r '.[].dev'); do
+		i="$($NDCTL list -b "$CXL_TEST_BUS" -D -d "$d" | \
+			jq -r '.[0].id')"
+		hex="$(printf '%x' "$i" 2>/dev/null)" || continue
+		case "${#hex}:${hex:0:1}" in
+		16:[89a-fA-F])
+			dev="$d"
+			id="$i"
+			break
+			;;
+		esac
+	done
+
+	[ -n "$dev" ] || err "$LINENO: no serial with bit 63 set found"
+}
+
 lock_dimm()
 {
 	$NDCTL disable-dimm "$dev"
diff --git a/test/security.sh b/test/security.sh
index d3a840c23276..72bb570142ed 100755
--- a/test/security.sh
+++ b/test/security.sh
@@ -144,7 +144,7 @@ test_3_security_setup_and_erase()
 	erase_security
 }
 
-test_4_security_unlock()
+unlock_dimm()
 {
 	setup_passphrase
 	lock_dimm
@@ -158,6 +158,18 @@ test_4_security_unlock()
 	remove_passphrase
 }
 
+test_4_security_unlock()
+{
+	unlock_dimm
+
+	if [ "$1" = "cxl" ] && check_min_kver "7.3"; then
+		detect_big_serial
+		unlock_dimm
+		# Restore the default device selection for later tests.
+		detect
+	fi
+}
+
 # This should always be the last nvdimm security test.
 # with security frozen, nfit_test must be removed and is no longer usable
 test_5_security_freeze()
@@ -241,7 +253,7 @@ test_2_security_setup_and_update
 echo "Test 3, security setup and erase"
 test_3_security_setup_and_erase
 echo "Test 4, unlock dimm"
-test_4_security_unlock
+test_4_security_unlock "$1"
 
 # Freeze should always be the last nvdimm security test because it locks
 # security state and require nfit_test module unload. However, this does

base-commit: 5fcbbee57319e718bf522436ea6595bd0f71296c
-- 
2.37.3


             reply	other threads:[~2026-07-02  0:34 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-07-02  0:34 Alison Schofield [this message]
2026-07-03  6:34 ` [ndctl PATCH] test/cxl-security.sh: test dimm unlock with a large serial number Richard Cheng

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260702003407.1611731-1-alison.schofield@intel.com \
    --to=alison.schofield@intel.com \
    --cc=linux-cxl@vger.kernel.org \
    --cc=nvdimm@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox