From: Dave Jiang <dave.jiang@intel.com>
To: dan.j.williams@intel.com
Cc: dhowells@redhat.com, zohar@linux.vnet.ibm.com, linux-nvdimm@lists.01.org
Subject: [PATCH v14 11/17] libnvdimm/security: introduce NDD_SECURITY_BUSY flag
Date: Thu, 13 Dec 2018 09:49:22 -0700 [thread overview]
Message-ID: <154471976220.55644.7438654212111357869.stgit@djiang5-desk3.ch.intel.com> (raw)
In-Reply-To: <154471935968.55644.4424661179787827497.stgit@djiang5-desk3.ch.intel.com>
Adding a flag for nvdimm->flags to support erase functions. While it's ok
to hold the nvdimm_bus lock for secure erase due to minimal time to execute
the command, overwrite requires a significantly longer time and makes this
impossible. The flag will block any drivers from being loaded and DIMMs
being probed.
Signed-off-by: Dave Jiang <dave.jiang@intel.com>
---
drivers/nvdimm/dimm_devs.c | 5 +++++
drivers/nvdimm/region_devs.c | 5 +++++
drivers/nvdimm/security.c | 15 +++++++++++++++
include/linux/libnvdimm.h | 2 ++
4 files changed, 27 insertions(+)
diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c
index bc432b7c17b8..e9f11d35ff2b 100644
--- a/drivers/nvdimm/dimm_devs.c
+++ b/drivers/nvdimm/dimm_devs.c
@@ -569,6 +569,11 @@ int nvdimm_security_freeze(struct nvdimm *nvdimm)
if (nvdimm->sec.state < 0)
return -EIO;
+ if (test_bit(NDD_SECURITY_BUSY, &nvdimm->flags)) {
+ dev_warn(&nvdimm->dev, "Security operation in progress.\n");
+ return -EBUSY;
+ }
+
rc = nvdimm->sec.ops->freeze(nvdimm);
nvdimm->sec.state = nvdimm_security_state(nvdimm);
diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c
index 174a418cb171..4e69b1d03c05 100644
--- a/drivers/nvdimm/region_devs.c
+++ b/drivers/nvdimm/region_devs.c
@@ -79,6 +79,11 @@ int nd_region_activate(struct nd_region *nd_region)
struct nd_mapping *nd_mapping = &nd_region->mapping[i];
struct nvdimm *nvdimm = nd_mapping->nvdimm;
+ if (test_bit(NDD_SECURITY_BUSY, &nvdimm->flags)) {
+ nvdimm_bus_unlock(&nd_region->dev);
+ return -EBUSY;
+ }
+
/* at least one null hint slot per-dimm for the "no-hint" case */
flush_data_size += sizeof(void *);
num_flush = min_not_zero(num_flush, nvdimm->num_flush);
diff --git a/drivers/nvdimm/security.c b/drivers/nvdimm/security.c
index 4836f2fda271..1edd298e6e27 100644
--- a/drivers/nvdimm/security.c
+++ b/drivers/nvdimm/security.c
@@ -143,6 +143,11 @@ static int __nvdimm_security_unlock(struct nvdimm *nvdimm)
|| nvdimm->sec.state < 0)
return -EIO;
+ if (test_bit(NDD_SECURITY_BUSY, &nvdimm->flags)) {
+ dev_warn(dev, "Security operation in progress.\n");
+ return -EBUSY;
+ }
+
/*
* If the pre-OS has unlocked the DIMM, attempt to send the key
* from request_key() to the hardware for verification. Failure
@@ -203,6 +208,11 @@ int nvdimm_security_disable(struct nvdimm *nvdimm, unsigned int keyid)
return -EIO;
}
+ if (test_bit(NDD_SECURITY_BUSY, &nvdimm->flags)) {
+ dev_warn(dev, "Security operation in progress.\n");
+ return -EBUSY;
+ }
+
key = nvdimm_lookup_user_key(nvdimm, keyid, NVDIMM_BASE_KEY);
if (!key)
return -ENOKEY;
@@ -288,6 +298,11 @@ int nvdimm_security_erase(struct nvdimm *nvdimm, unsigned int keyid)
return -EIO;
}
+ if (test_bit(NDD_SECURITY_BUSY, &nvdimm->flags)) {
+ dev_warn(dev, "Security operation in progress.\n");
+ return -EBUSY;
+ }
+
key = nvdimm_lookup_user_key(nvdimm, keyid, NVDIMM_BASE_KEY);
if (!key)
return -ENOKEY;
diff --git a/include/linux/libnvdimm.h b/include/linux/libnvdimm.h
index 9a6cb7067dc7..8507d2896ae0 100644
--- a/include/linux/libnvdimm.h
+++ b/include/linux/libnvdimm.h
@@ -38,6 +38,8 @@ enum {
NDD_UNARMED = 1,
/* locked memory devices should not be accessed */
NDD_LOCKED = 2,
+ /* memory under security wipes should not be accessed */
+ NDD_SECURITY_BUSY = 3,
/* need to set a limit somewhere, but yes, this is likely overkill */
ND_IOCTL_MAX_BUFLEN = SZ_4M,
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
next prev parent reply other threads:[~2018-12-13 16:49 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-13 16:48 [PATCH v14 00/17] Adding security support for nvdimm Dave Jiang
2018-12-13 16:48 ` [PATCH v14 01/17] acpi/nfit: Add support for Intel DSM 1.8 commands Dave Jiang
2018-12-13 16:48 ` [PATCH v14 02/17] acpi/nfit, libnvdimm: Store dimm id as a member to struct nvdimm Dave Jiang
2018-12-13 16:48 ` [PATCH v14 03/17] keys: Export lookup_user_key to external users Dave Jiang
2018-12-13 16:48 ` [PATCH v14 04/17] keys-encrypted: add nvdimm key format type to encrypted keys Dave Jiang
2018-12-13 16:48 ` [PATCH v14 05/17] acpi/nfit, libnvdimm: Introduce nvdimm_security_ops Dave Jiang
2018-12-13 16:48 ` [PATCH v14 06/17] acpi/nfit, libnvdimm: Add freeze security support to Intel nvdimm Dave Jiang
2018-12-13 16:49 ` [PATCH v14 07/17] acpi/nfit, libnvdimm: Add unlock of nvdimm support for Intel DIMMs Dave Jiang
2018-12-13 16:49 ` [PATCH v14 08/17] acpi/nfit, libnvdimm: Add disable passphrase support to Intel nvdimm Dave Jiang
2018-12-13 16:49 ` [PATCH v14 09/17] acpi/nfit, libnvdimm: Add enable/update passphrase support for Intel nvdimms Dave Jiang
2018-12-13 16:49 ` [PATCH v14 10/17] acpi/nfit, libnvdimm: Add support for issue secure erase DSM to Intel nvdimm Dave Jiang
2018-12-13 16:49 ` Dave Jiang [this message]
2018-12-13 16:49 ` [PATCH v14 12/17] acpi/nfit, libnvdimm/security: Add security DSM overwrite support Dave Jiang
2018-12-13 20:47 ` Dan Williams
2018-12-13 16:49 ` [PATCH v14 13/17] acpi/nfit, libnvdimm/security: add Intel DSM 1.8 master passphrase support Dave Jiang
2018-12-13 16:49 ` [PATCH v14 14/17] tools/testing/nvdimm: Add test support for Intel nvdimm security DSMs Dave Jiang
2018-12-13 16:49 ` [PATCH v14 15/17] tools/testing/nvdimm: Add overwrite support for nfit_test Dave Jiang
2018-12-13 16:49 ` [PATCH v14 16/17] tools/testing/nvdimm: add Intel DSM 1.8 " Dave Jiang
2018-12-13 16:49 ` [PATCH v14 17/17] libnvdimm/security: Add documentation for nvdimm security support Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=154471976220.55644.7438654212111357869.stgit@djiang5-desk3.ch.intel.com \
--to=dave.jiang@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dhowells@redhat.com \
--cc=linux-nvdimm@lists.01.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.