From: Anderson Briglia <anderson.briglia@indt.org.br>
To: Anderson Lizardo <anderson.lizardo@indt.org.br>
Cc: linux-omap-open-source@linux.omap.com,
linux-arm-kernel@lists.arm.linux.org.uk,
linux-kernel@vger.kernel.org,
Carlos Eduardo Aguiar <carlos.aguiar@indt.org.br>,
Russell King - ARM Linux <linux@arm.linux.org.uk>,
Tony Lindgren <tony@atomide.com>,
David Brownell <david-b@pacbell.net>
Subject: Re: [patch 0/5] Add MMC password protection (lock/unlock) support
Date: Tue, 13 Dec 2005 18:27:34 -0400 [thread overview]
Message-ID: <439F4AD6.9090203@indt.org.br> (raw)
In-Reply-To: <20051213213208.303580000@localhost.localdomain>
[resending summary because our first attempt failed]
Hi,
These series of patches add support for MultiMediaCard (MMC) password
protection, as described in the MMC Specification v4.1. This feature is
supported by all compliant MMC cards, and used by some devices such as Symbian
OS cell phones to optionally protect MMC cards with a password. Password length
is limited to 16 bytes.
By default, a MMC card with no password assigned is always in "unlocked" state.
After password assignement, in the next power cycle the card switches to a
"locked" state where only the "basic" and "lock card" command classes are
accepted by the card. Only after unlocking it with the correct password the
card can be normally used for operations like block I/O.
Password management and caching is done through the "Kernel Key Retention
Service" mechanism and the sysfs filesystem. The Key Retention Service is used
for (1) unlocking the card, (2) assigning a password to an unlocked card and
(3) change a card's password. To remove the password and check locked/unlocked
status, a new sysfs attribute was added to the MMC driver.
Along with this thread will be sent a script that tests all possible user
scenarios described above. Also will be attached a tarball containing a simple
text-only reference UI to demonstrate how to manipulate the password.
TODO:
- MMC hotplugging needs to be extended to properly call probe() for the
different MMC drivers (currently only mmc_block). Currently, the block driver
is not notified in any way that the card was unlocked.
- Password caching: when inserting a locked card, the driver should try to
unlock it with the currently stored password (if any), and if it fails,
revoke the key containing it and fallback to the normal "no password present"
situation.
- Currently, some host drivers assume the block length will always be a power
of 2. This is not true for the MMC_LOCK_UNLOCK command, which is a block
command that accepts arbitratry block lengths. We have made the necessary
changes to the omap.c driver (present on the linux-omap tree), but the same
needs to be done for other hosts' drivers.
Known Issue:
- Some cards have an incorrect behaviour (hardware bug?) regarding password
acceptance: if an affected card has password <pwd>, it accepts <pwd><xxx> as
the correct password too, where <xxx> is any sequence of characters, of any
length. In other words, on these cards only the first <password length> bytes
need to match the correct password.
Comments or suggestions are welcome.
--
Anderson Briglia,
Anderson Lizardo,
Carlos Eduardo Aguiar
Embedded Linux Lab - 10LE
Nokia Institute of Technology - INdT
Manaus - Brazil
next prev parent reply other threads:[~2005-12-13 22:27 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20051213213208.303580000@localhost.localdomain>
2005-12-13 22:03 ` [patch 0/5] Add MMC password protection (lock/unlock) support David Brownell
2005-12-14 22:48 ` Anderson Lizardo
2005-12-27 18:48 ` Carlos Aguiar
2005-12-13 22:27 ` Anderson Briglia [this message]
2005-12-14 7:07 ` Pierre Ossman
2005-12-14 23:51 ` Anderson Lizardo
2005-12-15 6:49 ` Pierre Ossman
2005-12-15 9:12 ` Russell King
2005-12-15 9:27 ` Pierre Ossman
2005-12-15 10:06 ` Russell King
2005-12-15 13:44 ` Russell King
2005-12-15 16:01 ` Pierre Ossman
2005-12-29 19:06 ` Anderson Lizardo
2005-12-29 20:09 ` Russell King
2005-12-29 21:23 ` Anderson Lizardo
2005-12-29 21:37 ` Russell King
2005-12-29 19:17 ` Anderson Lizardo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=439F4AD6.9090203@indt.org.br \
--to=anderson.briglia@indt.org.br \
--cc=anderson.lizardo@indt.org.br \
--cc=carlos.aguiar@indt.org.br \
--cc=david-b@pacbell.net \
--cc=linux-arm-kernel@lists.arm.linux.org.uk \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-omap-open-source@linux.omap.com \
--cc=linux@arm.linux.org.uk \
--cc=tony@atomide.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox