From: Dave Jiang <dave.jiang@intel.com> To: David Howells <dhowells@redhat.com> Cc: linux-nvdimm@lists.01.org, keyrings@vger.kernel.org, alison.schofield@intel.com, keescook@chromium.org Subject: Re: [PATCH v5 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Date: Wed, 18 Jul 2018 09:05:35 -0700 [thread overview] Message-ID: <52ca4099-2816-4a42-9109-22b199975821@intel.com> (raw) In-Reply-To: <9360.1531912457@warthog.procyon.org.uk> On 07/18/2018 04:14 AM, David Howells wrote: > Dave Jiang <dave.jiang@intel.com> wrote: > >> Add support for setting and/or updating passphrase on the Intel nvdimms. >> The passphrase is pulled from userspace through the kernel key management. >> We trigger the update via writing "update" to the sysfs attribute >> "security". The state of the security can also be read via the "security" >> attribute. libnvdimm will generically support the key_change API call. > > Btw, could you use a logon-type key rather than spinning your own? Do you > specifically not want it to be updateable? Thanks for reviewing this David. I'll take a look and see if I can. Basically the code is acting as the proxy for the hardware and passing through the passphrase. What would be the best way to update the passphrase if I need to retrieve the new passphrase from the userspace? The hardware still needs the old passphrase in order to verify. There has to be a nice way to do this but I'm not familiar with key management API to know better. > >> +static int intel_dimm_security_update_passphrase( >> + struct nvdimm_bus *nvdimm_bus, struct nvdimm *nvdimm, >> + struct nvdimm_key_data *old_data, >> + struct nvdimm_key_data *new_data) > > You might want to mark old_data and new_data as const here. At least, they > don't appear to be changed. Also, can you stick a banner comment on the > function to say what it actually does? Is it changing the key stored in h/w > or is it meant to be changing what's stored in the key payload? > >> + /* request new key from userspace */ >> + key = nvdimm_request_key(dev); >> + if (!key) { >> + dev_dbg(dev, "%s: failed to acquire new key\n", __func__); >> + return -ENXIO; >> + } >> + >> + dev_dbg(dev, "%s: new key: %#x\n", __func__, key->serial); >> + >> + if (key->datalen == NVDIMM_PASSPHRASE_LEN) { >> + old_data = NULL; >> + new_data = key->payload.data[0]; >> + } else if (key->datalen == (NVDIMM_PASSPHRASE_LEN * 2)) { >> + new_data = key->payload.data[0]; >> + old_data = new_data + NVDIMM_PASSPHRASE_LEN; >> + } else { >> + key_invalidate(key); >> + key_put(key); >> + dev_warn(dev, "Incorrect key payload size for update: %u\n", >> + key->datalen); >> + return -EINVAL; >> + } >> + >> + down_read(&key->sem); >> + rc = nvdimm->security_ops->change_key(nvdimm_bus, nvdimm, old_data, >> + new_data); > > Why do you need to get a read lock on key->sem and not a write-lock? > >> + if (rc == 0 && key->datalen == (NVDIMM_PASSPHRASE_LEN * 2)) >> + memcpy(old_data, new_data, NVDIMM_PASSPHRASE_LEN); > > You appear to be changing the key content here. If that's the case, don't you > need to write-lock key->sem? > >> + up_read(&key->sem); > > David > _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm
WARNING: multiple messages have this Message-ID (diff)
From: Dave Jiang <dave.jiang@intel.com> To: David Howells <dhowells@redhat.com> Cc: linux-nvdimm@lists.01.org, keyrings@vger.kernel.org, alison.schofield@intel.com, keescook@chromium.org Subject: Re: [PATCH v5 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Date: Wed, 18 Jul 2018 16:05:35 +0000 [thread overview] Message-ID: <52ca4099-2816-4a42-9109-22b199975821@intel.com> (raw) In-Reply-To: <9360.1531912457@warthog.procyon.org.uk> On 07/18/2018 04:14 AM, David Howells wrote: > Dave Jiang <dave.jiang@intel.com> wrote: > >> Add support for setting and/or updating passphrase on the Intel nvdimms. >> The passphrase is pulled from userspace through the kernel key management. >> We trigger the update via writing "update" to the sysfs attribute >> "security". The state of the security can also be read via the "security" >> attribute. libnvdimm will generically support the key_change API call. > > Btw, could you use a logon-type key rather than spinning your own? Do you > specifically not want it to be updateable? Thanks for reviewing this David. I'll take a look and see if I can. Basically the code is acting as the proxy for the hardware and passing through the passphrase. What would be the best way to update the passphrase if I need to retrieve the new passphrase from the userspace? The hardware still needs the old passphrase in order to verify. There has to be a nice way to do this but I'm not familiar with key management API to know better. > >> +static int intel_dimm_security_update_passphrase( >> + struct nvdimm_bus *nvdimm_bus, struct nvdimm *nvdimm, >> + struct nvdimm_key_data *old_data, >> + struct nvdimm_key_data *new_data) > > You might want to mark old_data and new_data as const here. At least, they > don't appear to be changed. Also, can you stick a banner comment on the > function to say what it actually does? Is it changing the key stored in h/w > or is it meant to be changing what's stored in the key payload? > >> + /* request new key from userspace */ >> + key = nvdimm_request_key(dev); >> + if (!key) { >> + dev_dbg(dev, "%s: failed to acquire new key\n", __func__); >> + return -ENXIO; >> + } >> + >> + dev_dbg(dev, "%s: new key: %#x\n", __func__, key->serial); >> + >> + if (key->datalen = NVDIMM_PASSPHRASE_LEN) { >> + old_data = NULL; >> + new_data = key->payload.data[0]; >> + } else if (key->datalen = (NVDIMM_PASSPHRASE_LEN * 2)) { >> + new_data = key->payload.data[0]; >> + old_data = new_data + NVDIMM_PASSPHRASE_LEN; >> + } else { >> + key_invalidate(key); >> + key_put(key); >> + dev_warn(dev, "Incorrect key payload size for update: %u\n", >> + key->datalen); >> + return -EINVAL; >> + } >> + >> + down_read(&key->sem); >> + rc = nvdimm->security_ops->change_key(nvdimm_bus, nvdimm, old_data, >> + new_data); > > Why do you need to get a read lock on key->sem and not a write-lock? > >> + if (rc = 0 && key->datalen = (NVDIMM_PASSPHRASE_LEN * 2)) >> + memcpy(old_data, new_data, NVDIMM_PASSPHRASE_LEN); > > You appear to be changing the key content here. If that's the case, don't you > need to write-lock key->sem? > >> + up_read(&key->sem); > > David >
next prev parent reply other threads:[~2018-07-18 16:05 UTC|newest] Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-07-17 20:54 [PATCH v5 00/12] Adding security support for nvdimm Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 01/12] nfit: add support for Intel DSM 1.7 commands Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-18 17:02 ` Elliott, Robert (Persistent Memory) 2018-07-18 17:02 ` Elliott, Robert (Persistent Memory) 2018-07-17 20:54 ` [PATCH v5 02/12] libnvdimm: create keyring to store security keys Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 23:56 ` Eric Biggers 2018-07-17 23:56 ` Eric Biggers 2018-07-17 20:54 ` [PATCH v5 03/12] nfit/libnvdimm: store dimm id as a member to struct nvdimm Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-18 15:40 ` Elliott, Robert (Persistent Memory) 2018-07-18 15:40 ` Elliott, Robert (Persistent Memory) 2018-07-18 15:49 ` Dave Jiang 2018-07-18 15:49 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 04/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-18 0:00 ` Eric Biggers 2018-07-18 0:00 ` Eric Biggers 2018-07-17 20:54 ` [PATCH v5 05/12] keys: add call key_put_sync() to flush key_gc_work when doing a key_put() Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 23:53 ` Eric Biggers 2018-07-17 23:53 ` Eric Biggers 2018-07-17 23:58 ` Dave Jiang 2018-07-17 23:58 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 07/12] nfit/libnvdimm: add disable passphrase support to Intel nvdimm Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 08/12] nfit/libnvdimm: add freeze security " Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-17 20:54 ` [PATCH v5 09/12] nfit/libnvdimm: add support for issue secure erase DSM " Dave Jiang 2018-07-17 20:54 ` Dave Jiang 2018-07-18 17:27 ` Elliott, Robert (Persistent Memory) 2018-07-18 17:27 ` Elliott, Robert (Persistent Memory) 2018-07-18 17:41 ` Dave Jiang 2018-07-18 17:41 ` Dave Jiang 2018-07-19 1:43 ` Elliott, Robert (Persistent Memory) 2018-07-19 1:43 ` Elliott, Robert (Persistent Memory) 2018-07-19 6:09 ` Li, Juston 2018-07-19 6:09 ` Li, Juston 2018-07-19 20:06 ` Dave Jiang 2018-07-19 20:06 ` Dave Jiang 2018-07-17 20:55 ` [PATCH v5 10/12] nfit_test: add context to dimm_dev for nfit_test Dave Jiang 2018-07-17 20:55 ` Dave Jiang 2018-07-17 20:55 ` [PATCH v5 11/12] nfit_test: add test support for Intel nvdimm security DSMs Dave Jiang 2018-07-17 20:55 ` Dave Jiang 2018-07-17 20:55 ` [PATCH v5 12/12] libnvdimm: add documentation for nvdimm security support Dave Jiang 2018-07-17 20:55 ` Dave Jiang 2018-07-17 23:26 ` [PATCH v5 00/12] Adding security support for nvdimm Eric Biggers 2018-07-17 23:26 ` Eric Biggers 2018-07-17 23:37 ` Dave Jiang 2018-07-17 23:37 ` Dave Jiang 2018-07-18 10:40 ` [PATCH v5 05/12] keys: add call key_put_sync() to flush key_gc_work when doing a key_put() David Howells 2018-07-18 10:40 ` David Howells 2018-07-18 10:50 ` [PATCH v5 02/12] libnvdimm: create keyring to store security keys David Howells 2018-07-18 10:50 ` David Howells 2018-07-18 19:40 ` Dave Jiang 2018-07-18 19:40 ` Dave Jiang 2018-07-18 20:38 ` David Howells 2018-07-18 20:38 ` David Howells 2018-07-18 11:14 ` [PATCH v5 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms David Howells 2018-07-18 11:14 ` David Howells 2018-07-18 16:05 ` Dave Jiang [this message] 2018-07-18 16:05 ` Dave Jiang 2018-07-18 19:47 ` Dave Jiang 2018-07-18 19:47 ` Dave Jiang 2018-07-18 20:41 ` David Howells 2018-07-18 20:41 ` David Howells 2018-07-18 20:47 ` Dave Jiang 2018-07-18 20:47 ` Dave Jiang 2018-07-19 0:28 ` Dave Jiang 2018-07-19 0:28 ` Dave Jiang 2018-07-19 8:22 ` David Howells 2018-07-19 8:22 ` David Howells 2018-07-19 21:28 ` Dave Jiang 2018-07-19 21:28 ` Dave Jiang 2018-07-20 0:04 ` Dave Jiang 2018-07-20 0:04 ` Dave Jiang 2018-07-20 15:40 ` David Howells 2018-07-20 15:40 ` David Howells 2018-07-20 16:40 ` Dave Jiang 2018-07-20 16:40 ` Dave Jiang 2018-08-02 11:07 ` David Howells 2018-08-02 11:07 ` David Howells 2018-07-18 11:17 ` [PATCH v5 05/12] keys: add call key_put_sync() to flush key_gc_work when doing a key_put() David Howells 2018-07-18 11:17 ` David Howells 2018-07-18 11:20 ` [PATCH v5 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms David Howells 2018-07-18 11:20 ` David Howells
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=52ca4099-2816-4a42-9109-22b199975821@intel.com \ --to=dave.jiang@intel.com \ --cc=alison.schofield@intel.com \ --cc=dhowells@redhat.com \ --cc=keescook@chromium.org \ --cc=keyrings@vger.kernel.org \ --cc=linux-nvdimm@lists.01.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.