* [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm @ 2022-12-14 22:00 Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 1/4] ndctl: add CXL bus detection Dave Jiang ` (3 more replies) 0 siblings, 4 replies; 12+ messages in thread From: Dave Jiang @ 2022-12-14 22:00 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma This ndctl series add support to test cxl pmem devices through the nvdimm interface. A new shell script is added for security test due to the discovery of cxl_test dimms are different than nfit_test based dimms. Common code are shared between nfit and cxl security testing. v2: - Fix commit logs (Vishal) - Share common code for test (Vishal) - Add test to cxl suite (Dan) --- Dave Jiang (4): ndctl: add CXL bus detection ndctl/libndctl: Add bus_prefix for CXL ndctl/libndctl: Allow retrievng of unique_id for CXL mem dev ndctl/test: Add CXL test for security ndctl/lib/libndctl.c | 87 ++++++++++++++++++++++++++++++++++++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/lib/private.h | 1 + ndctl/libndctl.h | 1 + test/common | 7 ++++ test/cxl-security | 40 +++++++++++++++++++ test/cxl-security.sh | 5 +++ test/meson.build | 6 ++- test/nfit-security | 40 +++++++++++++++++++ test/nfit-security.sh | 5 +++ test/security.sh | 70 ++++++++++++--------------------- 11 files changed, 216 insertions(+), 47 deletions(-) create mode 100644 test/cxl-security create mode 100755 test/cxl-security.sh create mode 100644 test/nfit-security create mode 100755 test/nfit-security.sh -- ^ permalink raw reply [flat|nested] 12+ messages in thread
* [ndctl PATCH v2 1/4] ndctl: add CXL bus detection 2022-12-14 22:00 [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm Dave Jiang @ 2022-12-14 22:00 ` Dave Jiang 2022-12-15 20:38 ` Dan Williams 2022-12-14 22:00 ` [ndctl PATCH v2 2/4] ndctl/libndctl: Add bus_prefix for CXL Dave Jiang ` (2 subsequent siblings) 3 siblings, 1 reply; 12+ messages in thread From: Dave Jiang @ 2022-12-14 22:00 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL subsystem. Reviewed-by: Alison Schofield <alison.schofield@intel.com> Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v2: - Improve commit log. (Vishal) --- ndctl/lib/libndctl.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/lib/private.h | 1 + ndctl/libndctl.h | 1 + 4 files changed, 56 insertions(+) diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index ad54f0626510..10422e24d38b 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -12,6 +12,7 @@ #include <ctype.h> #include <fcntl.h> #include <dirent.h> +#include <libgen.h> #include <sys/stat.h> #include <sys/types.h> #include <sys/ioctl.h> @@ -876,6 +877,48 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) return NDCTL_FWA_METHOD_RESET; } +static int is_ndbus_cxl(const char *ctl_base) +{ + char *path, *ppath, *subsys; + char tmp_path[PATH_MAX]; + int rc; + + /* get the real path of ctl_base */ + path = realpath(ctl_base, NULL); + if (!path) + return -errno; + + /* setup to get the nd bridge device backing the ctl */ + sprintf(tmp_path, "%s/device", path); + free(path); + + path = realpath(tmp_path, NULL); + if (!path) + return -errno; + + /* get the parent dir of the ndbus, which should be the nvdimm-bridge */ + ppath = dirname(path); + + /* setup to get the subsystem of the nvdimm-bridge */ + sprintf(tmp_path, "%s/%s", ppath, "subsystem"); + free(path); + + path = realpath(tmp_path, NULL); + if (!path) + return -errno; + + subsys = basename(path); + + /* check if subsystem is cxl */ + if (!strcmp(subsys, "cxl")) + rc = 1; + else + rc = 0; + + free(path); + return rc; +} + static void *add_bus(void *parent, int id, const char *ctl_base) { char buf[SYSFS_ATTR_SIZE]; @@ -919,6 +962,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) else bus->has_of_node = 1; + if (is_ndbus_cxl(ctl_base)) + bus->has_cxl = 1; + else + bus->has_cxl = 0; + sprintf(path, "%s/device/nfit/dsm_mask", ctl_base); if (sysfs_read_attr(ctx, path, buf) < 0) bus->nfit_dsm_mask = 0; @@ -1050,6 +1098,11 @@ NDCTL_EXPORT int ndctl_bus_has_of_node(struct ndctl_bus *bus) return bus->has_of_node; } +NDCTL_EXPORT int ndctl_bus_has_cxl(struct ndctl_bus *bus) +{ + return bus->has_cxl; +} + NDCTL_EXPORT int ndctl_bus_is_papr_scm(struct ndctl_bus *bus) { char buf[SYSFS_ATTR_SIZE]; diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index 75c32b9d4967..2892544d1985 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -464,4 +464,5 @@ LIBNDCTL_27 { } LIBNDCTL_26; LIBNDCTL_28 { ndctl_dimm_disable_master_passphrase; + ndctl_bus_has_cxl; } LIBNDCTL_27; diff --git a/ndctl/lib/private.h b/ndctl/lib/private.h index e5c56295556d..46bc8908bd90 100644 --- a/ndctl/lib/private.h +++ b/ndctl/lib/private.h @@ -163,6 +163,7 @@ struct ndctl_bus { int regions_init; int has_nfit; int has_of_node; + int has_cxl; char *bus_path; char *bus_buf; size_t buf_len; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index c52e82a6f826..91ef0f42f654 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -133,6 +133,7 @@ struct ndctl_bus *ndctl_bus_get_next(struct ndctl_bus *bus); struct ndctl_ctx *ndctl_bus_get_ctx(struct ndctl_bus *bus); int ndctl_bus_has_nfit(struct ndctl_bus *bus); int ndctl_bus_has_of_node(struct ndctl_bus *bus); +int ndctl_bus_has_cxl(struct ndctl_bus *bus); int ndctl_bus_is_papr_scm(struct ndctl_bus *bus); unsigned int ndctl_bus_get_major(struct ndctl_bus *bus); unsigned int ndctl_bus_get_minor(struct ndctl_bus *bus); ^ permalink raw reply related [flat|nested] 12+ messages in thread
* RE: [ndctl PATCH v2 1/4] ndctl: add CXL bus detection 2022-12-14 22:00 ` [ndctl PATCH v2 1/4] ndctl: add CXL bus detection Dave Jiang @ 2022-12-15 20:38 ` Dan Williams 2022-12-15 21:18 ` Jeff Moyer 0 siblings, 1 reply; 12+ messages in thread From: Dan Williams @ 2022-12-15 20:38 UTC (permalink / raw) To: Dave Jiang, linux-cxl, nvdimm; +Cc: vishal.l.verma Dave Jiang wrote: > Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL > subsystem. > > Reviewed-by: Alison Schofield <alison.schofield@intel.com> > Signed-off-by: Dave Jiang <dave.jiang@intel.com> > > --- > v2: > - Improve commit log. (Vishal) > --- > ndctl/lib/libndctl.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ > ndctl/lib/libndctl.sym | 1 + > ndctl/lib/private.h | 1 + > ndctl/libndctl.h | 1 + > 4 files changed, 56 insertions(+) > > diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c > index ad54f0626510..10422e24d38b 100644 > --- a/ndctl/lib/libndctl.c > +++ b/ndctl/lib/libndctl.c > @@ -12,6 +12,7 @@ > #include <ctype.h> > #include <fcntl.h> > #include <dirent.h> > +#include <libgen.h> This new include had me looking for why below... > #include <sys/stat.h> > #include <sys/types.h> > #include <sys/ioctl.h> > @@ -876,6 +877,48 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) > return NDCTL_FWA_METHOD_RESET; > } > > +static int is_ndbus_cxl(const char *ctl_base) > +{ > + char *path, *ppath, *subsys; > + char tmp_path[PATH_MAX]; > + int rc; > + > + /* get the real path of ctl_base */ > + path = realpath(ctl_base, NULL); > + if (!path) > + return -errno; > + > + /* setup to get the nd bridge device backing the ctl */ > + sprintf(tmp_path, "%s/device", path); > + free(path); > + > + path = realpath(tmp_path, NULL); > + if (!path) > + return -errno; > + > + /* get the parent dir of the ndbus, which should be the nvdimm-bridge */ > + ppath = dirname(path); > + > + /* setup to get the subsystem of the nvdimm-bridge */ > + sprintf(tmp_path, "%s/%s", ppath, "subsystem"); > + free(path); > + > + path = realpath(tmp_path, NULL); > + if (!path) > + return -errno; > + > + subsys = basename(path); > + > + /* check if subsystem is cxl */ > + if (!strcmp(subsys, "cxl")) > + rc = 1; > + else > + rc = 0; > + > + free(path); > + return rc; > +} > + > static void *add_bus(void *parent, int id, const char *ctl_base) > { > char buf[SYSFS_ATTR_SIZE]; > @@ -919,6 +962,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) > else > bus->has_of_node = 1; > > + if (is_ndbus_cxl(ctl_base)) > + bus->has_cxl = 1; > + else > + bus->has_cxl = 0; > + I think you can drop is_ndbus_cxl() and just do this: @@ -981,6 +976,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) if (!bus->provider) goto err_read; + if (strcasestr("cxl", provider)) + bus->has_cxl = 1; + else + bus->has_cxl = 0; + sprintf(path, "%s/device/wait_probe", ctl_base); bus->wait_probe_path = strdup(path); if (!bus->wait_probe_path) ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [ndctl PATCH v2 1/4] ndctl: add CXL bus detection 2022-12-15 20:38 ` Dan Williams @ 2022-12-15 21:18 ` Jeff Moyer 2022-12-15 22:27 ` Dan Williams 0 siblings, 1 reply; 12+ messages in thread From: Jeff Moyer @ 2022-12-15 21:18 UTC (permalink / raw) To: Dan Williams; +Cc: Dave Jiang, linux-cxl, nvdimm, vishal.l.verma Dan Williams <dan.j.williams@intel.com> writes: > Dave Jiang wrote: >> Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL >> subsystem. >> >> Reviewed-by: Alison Schofield <alison.schofield@intel.com> >> Signed-off-by: Dave Jiang <dave.jiang@intel.com> >> >> --- >> v2: >> - Improve commit log. (Vishal) >> --- >> ndctl/lib/libndctl.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ >> ndctl/lib/libndctl.sym | 1 + >> ndctl/lib/private.h | 1 + >> ndctl/libndctl.h | 1 + >> 4 files changed, 56 insertions(+) >> >> diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c >> index ad54f0626510..10422e24d38b 100644 >> --- a/ndctl/lib/libndctl.c >> +++ b/ndctl/lib/libndctl.c >> @@ -12,6 +12,7 @@ >> #include <ctype.h> >> #include <fcntl.h> >> #include <dirent.h> >> +#include <libgen.h> > > This new include had me looking for why below... man 3 basename >> #include <sys/stat.h> >> #include <sys/types.h> >> #include <sys/ioctl.h> >> @@ -876,6 +877,48 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) >> return NDCTL_FWA_METHOD_RESET; >> } >> >> +static int is_ndbus_cxl(const char *ctl_base) >> +{ >> + char *path, *ppath, *subsys; >> + char tmp_path[PATH_MAX]; >> + int rc; >> + >> + /* get the real path of ctl_base */ >> + path = realpath(ctl_base, NULL); >> + if (!path) >> + return -errno; >> + >> + /* setup to get the nd bridge device backing the ctl */ >> + sprintf(tmp_path, "%s/device", path); >> + free(path); >> + >> + path = realpath(tmp_path, NULL); >> + if (!path) >> + return -errno; >> + >> + /* get the parent dir of the ndbus, which should be the nvdimm-bridge */ >> + ppath = dirname(path); >> + >> + /* setup to get the subsystem of the nvdimm-bridge */ >> + sprintf(tmp_path, "%s/%s", ppath, "subsystem"); >> + free(path); >> + >> + path = realpath(tmp_path, NULL); >> + if (!path) >> + return -errno; >> + >> + subsys = basename(path); >> + >> + /* check if subsystem is cxl */ >> + if (!strcmp(subsys, "cxl")) >> + rc = 1; >> + else >> + rc = 0; >> + >> + free(path); >> + return rc; >> +} >> + >> static void *add_bus(void *parent, int id, const char *ctl_base) >> { >> char buf[SYSFS_ATTR_SIZE]; >> @@ -919,6 +962,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) >> else >> bus->has_of_node = 1; >> >> + if (is_ndbus_cxl(ctl_base)) >> + bus->has_cxl = 1; >> + else >> + bus->has_cxl = 0; >> + > > I think you can drop is_ndbus_cxl() and just do this: > > @@ -981,6 +976,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) > if (!bus->provider) > goto err_read; > > + if (strcasestr("cxl", provider)) > + bus->has_cxl = 1; > + else > + bus->has_cxl = 0; > + Can you explain why this is preferred? Cheers, Jeff ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [ndctl PATCH v2 1/4] ndctl: add CXL bus detection 2022-12-15 21:18 ` Jeff Moyer @ 2022-12-15 22:27 ` Dan Williams 2022-12-16 17:21 ` [ndctl PATCH v3 " Dave Jiang 0 siblings, 1 reply; 12+ messages in thread From: Dan Williams @ 2022-12-15 22:27 UTC (permalink / raw) To: Jeff Moyer, Dan Williams; +Cc: Dave Jiang, linux-cxl, nvdimm, vishal.l.verma Jeff Moyer wrote: > Dan Williams <dan.j.williams@intel.com> writes: > > > Dave Jiang wrote: > >> Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL > >> subsystem. > >> > >> Reviewed-by: Alison Schofield <alison.schofield@intel.com> > >> Signed-off-by: Dave Jiang <dave.jiang@intel.com> > >> > >> --- > >> v2: > >> - Improve commit log. (Vishal) > >> --- > >> ndctl/lib/libndctl.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ > >> ndctl/lib/libndctl.sym | 1 + > >> ndctl/lib/private.h | 1 + > >> ndctl/libndctl.h | 1 + > >> 4 files changed, 56 insertions(+) > >> > >> diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c > >> index ad54f0626510..10422e24d38b 100644 > >> --- a/ndctl/lib/libndctl.c > >> +++ b/ndctl/lib/libndctl.c > >> @@ -12,6 +12,7 @@ > >> #include <ctype.h> > >> #include <fcntl.h> > >> #include <dirent.h> > >> +#include <libgen.h> > > > > This new include had me looking for why below... > > man 3 basename > > >> #include <sys/stat.h> > >> #include <sys/types.h> > >> #include <sys/ioctl.h> > >> @@ -876,6 +877,48 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) > >> return NDCTL_FWA_METHOD_RESET; > >> } > >> > >> +static int is_ndbus_cxl(const char *ctl_base) > >> +{ > >> + char *path, *ppath, *subsys; > >> + char tmp_path[PATH_MAX]; > >> + int rc; > >> + > >> + /* get the real path of ctl_base */ > >> + path = realpath(ctl_base, NULL); > >> + if (!path) > >> + return -errno; > >> + > >> + /* setup to get the nd bridge device backing the ctl */ > >> + sprintf(tmp_path, "%s/device", path); > >> + free(path); > >> + > >> + path = realpath(tmp_path, NULL); > >> + if (!path) > >> + return -errno; > >> + > >> + /* get the parent dir of the ndbus, which should be the nvdimm-bridge */ > >> + ppath = dirname(path); > >> + > >> + /* setup to get the subsystem of the nvdimm-bridge */ > >> + sprintf(tmp_path, "%s/%s", ppath, "subsystem"); > >> + free(path); > >> + > >> + path = realpath(tmp_path, NULL); > >> + if (!path) > >> + return -errno; > >> + > >> + subsys = basename(path); > >> + > >> + /* check if subsystem is cxl */ > >> + if (!strcmp(subsys, "cxl")) > >> + rc = 1; > >> + else > >> + rc = 0; > >> + > >> + free(path); > >> + return rc; > >> +} > >> + > >> static void *add_bus(void *parent, int id, const char *ctl_base) > >> { > >> char buf[SYSFS_ATTR_SIZE]; > >> @@ -919,6 +962,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) > >> else > >> bus->has_of_node = 1; > >> > >> + if (is_ndbus_cxl(ctl_base)) > >> + bus->has_cxl = 1; > >> + else > >> + bus->has_cxl = 0; > >> + > > > > I think you can drop is_ndbus_cxl() and just do this: > > > > @@ -981,6 +976,11 @@ static void *add_bus(void *parent, int id, const char *ctl_base) > > if (!bus->provider) > > goto err_read; > > > > + if (strcasestr("cxl", provider)) > > + bus->has_cxl = 1; > > + else > > + bus->has_cxl = 0; > > + > > Can you explain why this is preferred? Just less code to achieve a similar result. I do like the precision of looking at the subsytem of bus device parent, just not the multiple calls to realpath() with dirname() and basename() thrown in which struck me as unnecessary. How about this: diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index c569178b9a3a..76bd7167bc70 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -877,40 +877,16 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) return NDCTL_FWA_METHOD_RESET; } -static int is_ndbus_cxl(const char *ctl_base) +static int is_subsys_cxl(const char *subsys) { - char *path, *ppath, *subsys; - char tmp_path[PATH_MAX]; + char *path; int rc; - /* get the real path of ctl_base */ - path = realpath(ctl_base, NULL); + path = realpath(subsys, NULL); if (!path) return -errno; - /* setup to get the nd bridge device backing the ctl */ - sprintf(tmp_path, "%s/device", path); - free(path); - - path = realpath(tmp_path, NULL); - if (!path) - return -errno; - - /* get the parent dir of the ndbus, which should be the nvdimm-bridge */ - ppath = dirname(path); - - /* setup to get the subsystem of the nvdimm-bridge */ - sprintf(tmp_path, "%s/%s", ppath, "subsystem"); - free(path); - - path = realpath(tmp_path, NULL); - if (!path) - return -errno; - - subsys = basename(path); - - /* check if subsystem is cxl */ - if (!strcmp(subsys, "cxl")) + if (!strcmp(subsys, "/sys/bus/cxl")) rc = 1; else rc = 0; @@ -962,7 +938,8 @@ static void *add_bus(void *parent, int id, const char *ctl_base) else bus->has_of_node = 1; - if (is_ndbus_cxl(ctl_base)) + sprintf(path, "%s/device/../subsys", ctl_base); + if (is_subsys_cxl(path)) bus->has_cxl = 1; else bus->has_cxl = 0; ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [ndctl PATCH v3 1/4] ndctl: add CXL bus detection 2022-12-15 22:27 ` Dan Williams @ 2022-12-16 17:21 ` Dave Jiang 2022-12-16 17:23 ` Dave Jiang 0 siblings, 1 reply; 12+ messages in thread From: Dave Jiang @ 2022-12-16 17:21 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: dan.j.williams, jmoyer, vishal.l.verma Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL subsystem. Reviewed-by: Alison Schofield <alison.schofield@intel.com> Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v3: - Simplify detecting cxl subsystem. (Dan) v2: - Improve commit log. (Vishal) --- ndctl/lib/libndctl.c | 30 ++++++++++++++++++++++++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/lib/private.h | 1 + ndctl/libndctl.h | 1 + 4 files changed, 33 insertions(+) diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index ad54f0626510..9cd5340b5702 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -12,6 +12,7 @@ #include <ctype.h> #include <fcntl.h> #include <dirent.h> +#include <libgen.h> #include <sys/stat.h> #include <sys/types.h> #include <sys/ioctl.h> @@ -876,6 +877,24 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) return NDCTL_FWA_METHOD_RESET; } +static int is_subsys_cxl(const char *subsys) +{ + char *path; + int rc; + + path = realpath(subsys, NULL); + if (!path) + return -errno; + + if (!strcmp(subsys, "/sys/bus/cxl")) + rc = 1; + else + rc = 0; + + free(path); + return rc; +} + static void *add_bus(void *parent, int id, const char *ctl_base) { char buf[SYSFS_ATTR_SIZE]; @@ -919,6 +938,12 @@ static void *add_bus(void *parent, int id, const char *ctl_base) else bus->has_of_node = 1; + sprintf(path, "%s/device/../subsys", ctl_base); + if (is_subsys_cxl(path)) + bus->has_cxl = 1; + else + bus->has_cxl = 0; + sprintf(path, "%s/device/nfit/dsm_mask", ctl_base); if (sysfs_read_attr(ctx, path, buf) < 0) bus->nfit_dsm_mask = 0; @@ -1050,6 +1075,11 @@ NDCTL_EXPORT int ndctl_bus_has_of_node(struct ndctl_bus *bus) return bus->has_of_node; } +NDCTL_EXPORT int ndctl_bus_has_cxl(struct ndctl_bus *bus) +{ + return bus->has_cxl; +} + NDCTL_EXPORT int ndctl_bus_is_papr_scm(struct ndctl_bus *bus) { char buf[SYSFS_ATTR_SIZE]; diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index 75c32b9d4967..2892544d1985 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -464,4 +464,5 @@ LIBNDCTL_27 { } LIBNDCTL_26; LIBNDCTL_28 { ndctl_dimm_disable_master_passphrase; + ndctl_bus_has_cxl; } LIBNDCTL_27; diff --git a/ndctl/lib/private.h b/ndctl/lib/private.h index e5c56295556d..46bc8908bd90 100644 --- a/ndctl/lib/private.h +++ b/ndctl/lib/private.h @@ -163,6 +163,7 @@ struct ndctl_bus { int regions_init; int has_nfit; int has_of_node; + int has_cxl; char *bus_path; char *bus_buf; size_t buf_len; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index c52e82a6f826..91ef0f42f654 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -133,6 +133,7 @@ struct ndctl_bus *ndctl_bus_get_next(struct ndctl_bus *bus); struct ndctl_ctx *ndctl_bus_get_ctx(struct ndctl_bus *bus); int ndctl_bus_has_nfit(struct ndctl_bus *bus); int ndctl_bus_has_of_node(struct ndctl_bus *bus); +int ndctl_bus_has_cxl(struct ndctl_bus *bus); int ndctl_bus_is_papr_scm(struct ndctl_bus *bus); unsigned int ndctl_bus_get_major(struct ndctl_bus *bus); unsigned int ndctl_bus_get_minor(struct ndctl_bus *bus); ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [ndctl PATCH v3 1/4] ndctl: add CXL bus detection 2022-12-16 17:21 ` [ndctl PATCH v3 " Dave Jiang @ 2022-12-16 17:23 ` Dave Jiang 2022-12-16 18:44 ` Dan Williams 2023-01-04 20:30 ` [ndctl PATCH v4 " Dave Jiang 0 siblings, 2 replies; 12+ messages in thread From: Dave Jiang @ 2022-12-16 17:23 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: dan.j.williams, jmoyer, vishal.l.verma On 12/16/2022 10:21 AM, Dave Jiang wrote: > Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL > subsystem. > > Reviewed-by: Alison Schofield <alison.schofield@intel.com> > Signed-off-by: Dave Jiang <dave.jiang@intel.com> > > --- > v3: > - Simplify detecting cxl subsystem. (Dan) > v2: > - Improve commit log. (Vishal) > --- > ndctl/lib/libndctl.c | 30 ++++++++++++++++++++++++++++++ > ndctl/lib/libndctl.sym | 1 + > ndctl/lib/private.h | 1 + > ndctl/libndctl.h | 1 + > 4 files changed, 33 insertions(+) > > diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c > index ad54f0626510..9cd5340b5702 100644 > --- a/ndctl/lib/libndctl.c > +++ b/ndctl/lib/libndctl.c > @@ -12,6 +12,7 @@ > #include <ctype.h> > #include <fcntl.h> > #include <dirent.h> > +#include <libgen.h> Of course I missed removing this change. > #include <sys/stat.h> > #include <sys/types.h> > #include <sys/ioctl.h> > @@ -876,6 +877,24 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) > return NDCTL_FWA_METHOD_RESET; > } > > +static int is_subsys_cxl(const char *subsys) > +{ > + char *path; > + int rc; > + > + path = realpath(subsys, NULL); > + if (!path) > + return -errno; > + > + if (!strcmp(subsys, "/sys/bus/cxl")) > + rc = 1; > + else > + rc = 0; > + > + free(path); > + return rc; > +} > + > static void *add_bus(void *parent, int id, const char *ctl_base) > { > char buf[SYSFS_ATTR_SIZE]; > @@ -919,6 +938,12 @@ static void *add_bus(void *parent, int id, const char *ctl_base) > else > bus->has_of_node = 1; > > + sprintf(path, "%s/device/../subsys", ctl_base); > + if (is_subsys_cxl(path)) > + bus->has_cxl = 1; > + else > + bus->has_cxl = 0; > + > sprintf(path, "%s/device/nfit/dsm_mask", ctl_base); > if (sysfs_read_attr(ctx, path, buf) < 0) > bus->nfit_dsm_mask = 0; > @@ -1050,6 +1075,11 @@ NDCTL_EXPORT int ndctl_bus_has_of_node(struct ndctl_bus *bus) > return bus->has_of_node; > } > > +NDCTL_EXPORT int ndctl_bus_has_cxl(struct ndctl_bus *bus) > +{ > + return bus->has_cxl; > +} > + > NDCTL_EXPORT int ndctl_bus_is_papr_scm(struct ndctl_bus *bus) > { > char buf[SYSFS_ATTR_SIZE]; > diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym > index 75c32b9d4967..2892544d1985 100644 > --- a/ndctl/lib/libndctl.sym > +++ b/ndctl/lib/libndctl.sym > @@ -464,4 +464,5 @@ LIBNDCTL_27 { > } LIBNDCTL_26; > LIBNDCTL_28 { > ndctl_dimm_disable_master_passphrase; > + ndctl_bus_has_cxl; > } LIBNDCTL_27; > diff --git a/ndctl/lib/private.h b/ndctl/lib/private.h > index e5c56295556d..46bc8908bd90 100644 > --- a/ndctl/lib/private.h > +++ b/ndctl/lib/private.h > @@ -163,6 +163,7 @@ struct ndctl_bus { > int regions_init; > int has_nfit; > int has_of_node; > + int has_cxl; > char *bus_path; > char *bus_buf; > size_t buf_len; > diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h > index c52e82a6f826..91ef0f42f654 100644 > --- a/ndctl/libndctl.h > +++ b/ndctl/libndctl.h > @@ -133,6 +133,7 @@ struct ndctl_bus *ndctl_bus_get_next(struct ndctl_bus *bus); > struct ndctl_ctx *ndctl_bus_get_ctx(struct ndctl_bus *bus); > int ndctl_bus_has_nfit(struct ndctl_bus *bus); > int ndctl_bus_has_of_node(struct ndctl_bus *bus); > +int ndctl_bus_has_cxl(struct ndctl_bus *bus); > int ndctl_bus_is_papr_scm(struct ndctl_bus *bus); > unsigned int ndctl_bus_get_major(struct ndctl_bus *bus); > unsigned int ndctl_bus_get_minor(struct ndctl_bus *bus); > > ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [ndctl PATCH v3 1/4] ndctl: add CXL bus detection 2022-12-16 17:23 ` Dave Jiang @ 2022-12-16 18:44 ` Dan Williams 2023-01-04 20:30 ` [ndctl PATCH v4 " Dave Jiang 1 sibling, 0 replies; 12+ messages in thread From: Dan Williams @ 2022-12-16 18:44 UTC (permalink / raw) To: Dave Jiang, linux-cxl, nvdimm; +Cc: dan.j.williams, jmoyer, vishal.l.verma Dave Jiang wrote: > > > On 12/16/2022 10:21 AM, Dave Jiang wrote: > > Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL > > subsystem. > > > > Reviewed-by: Alison Schofield <alison.schofield@intel.com> > > Signed-off-by: Dave Jiang <dave.jiang@intel.com> > > > > --- > > v3: > > - Simplify detecting cxl subsystem. (Dan) > > v2: > > - Improve commit log. (Vishal) > > --- > > ndctl/lib/libndctl.c | 30 ++++++++++++++++++++++++++++++ > > ndctl/lib/libndctl.sym | 1 + > > ndctl/lib/private.h | 1 + > > ndctl/libndctl.h | 1 + > > 4 files changed, 33 insertions(+) > > > > diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c > > index ad54f0626510..9cd5340b5702 100644 > > --- a/ndctl/lib/libndctl.c > > +++ b/ndctl/lib/libndctl.c > > @@ -12,6 +12,7 @@ > > #include <ctype.h> > > #include <fcntl.h> > > #include <dirent.h> > > +#include <libgen.h> > > Of course I missed removing this change. With this fixed up feel free to add: Reviewed-by: Dan Williams <dan.j.williams@intel.com> ...for the series. ^ permalink raw reply [flat|nested] 12+ messages in thread
* [ndctl PATCH v4 1/4] ndctl: add CXL bus detection 2022-12-16 17:23 ` Dave Jiang 2022-12-16 18:44 ` Dan Williams @ 2023-01-04 20:30 ` Dave Jiang 1 sibling, 0 replies; 12+ messages in thread From: Dave Jiang @ 2023-01-04 20:30 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma Add a CXL bus type, and detect whether a 'dimm' is backed by the CXL subsystem. Reviewed-by: Alison Schofield <alison.schofield@intel.com> Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v4: - Remove libgen.h include v3: - Simplify detecting cxl subsystem. (Dan) v2: - Improve commit log. (Vishal) --- ndctl/lib/libndctl.c | 29 +++++++++++++++++++++++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/lib/private.h | 1 + ndctl/libndctl.h | 1 + 4 files changed, 32 insertions(+) diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index ad54f0626510..2b06dc8be81a 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -876,6 +876,24 @@ static enum ndctl_fwa_method fwa_method_to_method(const char *fwa_method) return NDCTL_FWA_METHOD_RESET; } +static int is_subsys_cxl(const char *subsys) +{ + char *path; + int rc; + + path = realpath(subsys, NULL); + if (!path) + return -errno; + + if (!strcmp(subsys, "/sys/bus/cxl")) + rc = 1; + else + rc = 0; + + free(path); + return rc; +} + static void *add_bus(void *parent, int id, const char *ctl_base) { char buf[SYSFS_ATTR_SIZE]; @@ -919,6 +937,12 @@ static void *add_bus(void *parent, int id, const char *ctl_base) else bus->has_of_node = 1; + sprintf(path, "%s/device/../subsys", ctl_base); + if (is_subsys_cxl(path)) + bus->has_cxl = 1; + else + bus->has_cxl = 0; + sprintf(path, "%s/device/nfit/dsm_mask", ctl_base); if (sysfs_read_attr(ctx, path, buf) < 0) bus->nfit_dsm_mask = 0; @@ -1050,6 +1074,11 @@ NDCTL_EXPORT int ndctl_bus_has_of_node(struct ndctl_bus *bus) return bus->has_of_node; } +NDCTL_EXPORT int ndctl_bus_has_cxl(struct ndctl_bus *bus) +{ + return bus->has_cxl; +} + NDCTL_EXPORT int ndctl_bus_is_papr_scm(struct ndctl_bus *bus) { char buf[SYSFS_ATTR_SIZE]; diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index 75c32b9d4967..2892544d1985 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -464,4 +464,5 @@ LIBNDCTL_27 { } LIBNDCTL_26; LIBNDCTL_28 { ndctl_dimm_disable_master_passphrase; + ndctl_bus_has_cxl; } LIBNDCTL_27; diff --git a/ndctl/lib/private.h b/ndctl/lib/private.h index e5c56295556d..46bc8908bd90 100644 --- a/ndctl/lib/private.h +++ b/ndctl/lib/private.h @@ -163,6 +163,7 @@ struct ndctl_bus { int regions_init; int has_nfit; int has_of_node; + int has_cxl; char *bus_path; char *bus_buf; size_t buf_len; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index c52e82a6f826..91ef0f42f654 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -133,6 +133,7 @@ struct ndctl_bus *ndctl_bus_get_next(struct ndctl_bus *bus); struct ndctl_ctx *ndctl_bus_get_ctx(struct ndctl_bus *bus); int ndctl_bus_has_nfit(struct ndctl_bus *bus); int ndctl_bus_has_of_node(struct ndctl_bus *bus); +int ndctl_bus_has_cxl(struct ndctl_bus *bus); int ndctl_bus_is_papr_scm(struct ndctl_bus *bus); unsigned int ndctl_bus_get_major(struct ndctl_bus *bus); unsigned int ndctl_bus_get_minor(struct ndctl_bus *bus); ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [ndctl PATCH v2 2/4] ndctl/libndctl: Add bus_prefix for CXL 2022-12-14 22:00 [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 1/4] ndctl: add CXL bus detection Dave Jiang @ 2022-12-14 22:00 ` Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 3/4] ndctl/libndctl: Allow retrievng of unique_id for CXL mem dev Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 4/4] ndctl/test: Add CXL test for security Dave Jiang 3 siblings, 0 replies; 12+ messages in thread From: Dave Jiang @ 2022-12-14 22:00 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma When the 'ndbus' is backed by CXL, setup the bus_prefix for dimm object appropriately. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v2: - improve commit log. (Vishal) --- ndctl/lib/libndctl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index 10422e24d38b..d2e800bc840a 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -2012,6 +2012,12 @@ static void *add_dimm(void *parent, int id, const char *dimm_base) goto out; } rc = add_papr_dimm(dimm, dimm_base); + } else if (ndctl_bus_has_cxl(bus)) { + dimm->bus_prefix = strdup("cxl"); + if (!dimm->bus_prefix) { + rc = -ENOMEM; + goto out; + } } if (rc == -ENODEV) { ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [ndctl PATCH v2 3/4] ndctl/libndctl: Allow retrievng of unique_id for CXL mem dev 2022-12-14 22:00 [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 1/4] ndctl: add CXL bus detection Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 2/4] ndctl/libndctl: Add bus_prefix for CXL Dave Jiang @ 2022-12-14 22:00 ` Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 4/4] ndctl/test: Add CXL test for security Dave Jiang 3 siblings, 0 replies; 12+ messages in thread From: Dave Jiang @ 2022-12-14 22:00 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma With bus_prefix, retrieve the unique_id of CXL mem device. This will allow selecting a specific CXL mem device for the security test code. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v2: - Fix commit subject. (Vishal) --- ndctl/lib/libndctl.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index d2e800bc840a..c569178b9a3a 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -1749,6 +1749,33 @@ NDCTL_EXPORT void ndctl_dimm_refresh_flags(struct ndctl_dimm *dimm) parse_papr_flags(dimm, buf); } +static int populate_cxl_dimm_attributes(struct ndctl_dimm *dimm, + const char *dimm_base) +{ + int rc = 0; + char buf[SYSFS_ATTR_SIZE]; + struct ndctl_ctx *ctx = dimm->bus->ctx; + char *path = calloc(1, strlen(dimm_base) + 100); + const char *bus_prefix = dimm->bus_prefix; + + if (!path) + return -ENOMEM; + + sprintf(path, "%s/%s/id", dimm_base, bus_prefix); + if (sysfs_read_attr(ctx, path, buf) == 0) { + dimm->unique_id = strdup(buf); + if (!dimm->unique_id) { + rc = -ENOMEM; + goto err_read; + } + } + + err_read: + + free(path); + return rc; +} + static int populate_dimm_attributes(struct ndctl_dimm *dimm, const char *dimm_base) { @@ -2018,6 +2045,7 @@ static void *add_dimm(void *parent, int id, const char *dimm_base) rc = -ENOMEM; goto out; } + rc = populate_cxl_dimm_attributes(dimm, dimm_base); } if (rc == -ENODEV) { ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [ndctl PATCH v2 4/4] ndctl/test: Add CXL test for security 2022-12-14 22:00 [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm Dave Jiang ` (2 preceding siblings ...) 2022-12-14 22:00 ` [ndctl PATCH v2 3/4] ndctl/libndctl: Allow retrievng of unique_id for CXL mem dev Dave Jiang @ 2022-12-14 22:00 ` Dave Jiang 3 siblings, 0 replies; 12+ messages in thread From: Dave Jiang @ 2022-12-14 22:00 UTC (permalink / raw) To: linux-cxl, nvdimm; +Cc: vishal.l.verma Create security-cxl.sh based off of security.sh for nfit security testing. The test will test a cxl_test based security commands enabling through nvdimm. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- v2: - Have test share common code. (Vishal) - Add cxl test to cxl test suite. (Dan) --- test/common | 7 +++++ test/cxl-security | 40 ++++++++++++++++++++++++++++ test/cxl-security.sh | 5 ++++ test/meson.build | 6 +++- test/nfit-security | 40 ++++++++++++++++++++++++++++ test/nfit-security.sh | 5 ++++ test/security.sh | 70 ++++++++++++++++++------------------------------- 7 files changed, 126 insertions(+), 47 deletions(-) create mode 100644 test/cxl-security create mode 100755 test/cxl-security.sh create mode 100644 test/nfit-security create mode 100755 test/nfit-security.sh diff --git a/test/common b/test/common index 44cc352f6009..b2519c17b34c 100644 --- a/test/common +++ b/test/common @@ -47,6 +47,7 @@ fi # NFIT_TEST_BUS0="nfit_test.0" NFIT_TEST_BUS1="nfit_test.1" +CXL_TEST_BUS="cxl_test" ACPI_BUS="ACPI.NFIT" E820_BUS="e820" @@ -125,6 +126,12 @@ _cleanup() modprobe -r nfit_test } +_cxl_cleanup() +{ + $NDCTL disable-region -b $CXL_TEST_BUS all + modprobe -r cxl_test +} + # json2var # stdin: json # diff --git a/test/cxl-security b/test/cxl-security new file mode 100644 index 000000000000..9a28ffd82b0b --- /dev/null +++ b/test/cxl-security @@ -0,0 +1,40 @@ +# SPDX-License-Identifier: GPL-2.0 +# Copyright (C) 2022, Intel Corp. All rights reserved. + +detect() +{ + dev="$($NDCTL list -b "$CXL_TEST_BUS" -D | jq -r 'sort_by(.id) | .[0].dev')" + [ -n "$dev" ] || err "$LINENO" + id="$($NDCTL list -b "$CXL_TEST_BUS" -D | jq -r 'sort_by(.id) | .[0].id')" + [ -n "$id" ] || err "$LINENO" +} + +lock_dimm() +{ + $NDCTL disable-dimm "$dev" + test_dimm_path="" + + nmem_rpath=$(readlink -f "/sys/bus/nd/devices/${dev}") + nmem_bus=$(dirname ${nmem_rpath}); + bus_provider_path="${nmem_bus}/provider" + test -e "$bus_provider_path" || err "$LINENO" + bus_provider=$(cat ${bus_provider_path}) + + [[ "$bus_provider" == "$CXL_TEST_BUS" ]] || err "$LINENO" + bus="cxl" + nmem_provider_path="/sys/bus/nd/devices/${dev}/${bus}/provider" + nmem_provider=$(cat ${nmem_provider_path}) + + test_dimm_path=$(readlink -f /sys/bus/$bus/devices/${nmem_provider}) + test_dimm_path=$(dirname $(dirname ${test_dimm_path}))/security_lock + + test -e "$test_dimm_path" + + # now lock the dimm + echo 1 > "${test_dimm_path}" + sstate="$(get_security_state)" + if [ "$sstate" != "locked" ]; then + echo "Incorrect security state: $sstate expected: locked" + err "$LINENO" + fi +} diff --git a/test/cxl-security.sh b/test/cxl-security.sh new file mode 100755 index 000000000000..d81ad3fe69d9 --- /dev/null +++ b/test/cxl-security.sh @@ -0,0 +1,5 @@ +#!/bin/bash -Ex +# SPDX-License-Identifier: GPL-2.0 +# Copyright (C) 2022 Intel Corporation. All rights reserved. + +$(dirname $0)/security.sh cxl diff --git a/test/meson.build b/test/meson.build index e0aaf5c6eaa9..a956885f6df6 100644 --- a/test/meson.build +++ b/test/meson.build @@ -215,9 +215,11 @@ if get_option('destructive').enabled() endif if get_option('keyutils').enabled() - security = find_program('security.sh') + nfit_security = find_program('nfit-security.sh') + cxl_security = find_program('cxl-security.sh') tests += [ - [ 'security.sh', security, 'ndctl' ] + [ 'nfit-security.sh', nfit_security, 'ndctl' ], + [ 'cxl-security.sh', cxl_security, 'cxl' ], ] endif diff --git a/test/nfit-security b/test/nfit-security new file mode 100644 index 000000000000..a05274ab801b --- /dev/null +++ b/test/nfit-security @@ -0,0 +1,40 @@ +# SPDX-License-Identifier: GPL-2.0 +# Copyright (C) 2022, Intel Corp. All rights reserved. + +detect() +{ + dev="$($NDCTL list -b "$NFIT_TEST_BUS0" -D | jq -r .[0].dev)" + [ -n "$dev" ] || err "$LINENO" + id="$($NDCTL list -b "$NFIT_TEST_BUS0" -D | jq -r .[0].id)" + [ -n "$id" ] || err "$LINENO" +} + +lock_dimm() +{ + $NDCTL disable-dimm "$dev" + # convert nmemX --> test_dimmY + # For now this is the only user of such a conversion so we can leave it + # inline. Once a subsequent user arrives we can refactor this to a + # helper in test/common: + # get_test_dimm_path "nfit_test.0" "nmem3" + handle="$($NDCTL list -b "$NFIT_TEST_BUS0" -d "$dev" -i | jq -r .[].dimms[0].handle)" + test_dimm_path="" + for test_dimm in /sys/devices/platform/"$NFIT_TEST_BUS0"/nfit_test_dimm/test_dimm*; do + td_handle_file="$test_dimm/handle" + test -e "$td_handle_file" || continue + td_handle="$(cat "$td_handle_file")" + if [[ "$td_handle" -eq "$handle" ]]; then + test_dimm_path="$test_dimm" + break + fi + done + test -d "$test_dimm_path" + + # now lock the dimm + echo 1 > "${test_dimm_path}/lock_dimm" + sstate="$(get_security_state)" + if [ "$sstate" != "locked" ]; then + echo "Incorrect security state: $sstate expected: locked" + err "$LINENO" + fi +} diff --git a/test/nfit-security.sh b/test/nfit-security.sh new file mode 100755 index 000000000000..3df9392438ab --- /dev/null +++ b/test/nfit-security.sh @@ -0,0 +1,5 @@ +#!/bin/bash -Ex +# SPDX-License-Identifier: GPL-2.0 +# Copyright (C) 2022 Intel Corporation. All rights reserved. + +$(dirname $0)/security.sh nfit diff --git a/test/security.sh b/test/security.sh index 1aa848839ea7..04f630e1946e 100755 --- a/test/security.sh +++ b/test/security.sh @@ -17,15 +17,7 @@ trap 'err $LINENO' ERR setup() { - $NDCTL disable-region -b "$NFIT_TEST_BUS0" all -} - -detect() -{ - dev="$($NDCTL list -b "$NFIT_TEST_BUS0" -D | jq -r .[0].dev)" - [ -n "$dev" ] || err "$LINENO" - id="$($NDCTL list -b "$NFIT_TEST_BUS0" -D | jq -r .[0].id)" - [ -n "$id" ] || err "$LINENO" + $NDCTL disable-region -b "$TEST_BUS" all } setup_keys() @@ -78,44 +70,14 @@ post_cleanup() fi } -lock_dimm() -{ - $NDCTL disable-dimm "$dev" - # convert nmemX --> test_dimmY - # For now this is the only user of such a conversion so we can leave it - # inline. Once a subsequent user arrives we can refactor this to a - # helper in test/common: - # get_test_dimm_path "nfit_test.0" "nmem3" - handle="$($NDCTL list -b "$NFIT_TEST_BUS0" -d "$dev" -i | jq -r .[].dimms[0].handle)" - test_dimm_path="" - for test_dimm in /sys/devices/platform/"$NFIT_TEST_BUS0"/nfit_test_dimm/test_dimm*; do - td_handle_file="$test_dimm/handle" - test -e "$td_handle_file" || continue - td_handle="$(cat "$td_handle_file")" - if [[ "$td_handle" -eq "$handle" ]]; then - test_dimm_path="$test_dimm" - break - fi - done - test -d "$test_dimm_path" - - # now lock the dimm - echo 1 > "${test_dimm_path}/lock_dimm" - sstate="$(get_security_state)" - if [ "$sstate" != "locked" ]; then - echo "Incorrect security state: $sstate expected: locked" - err "$LINENO" - fi -} - get_frozen_state() { - $NDCTL list -i -b "$NFIT_TEST_BUS0" -d "$dev" | jq -r .[].dimms[0].security_frozen + $NDCTL list -i -b "$TEST_BUS" -d "$dev" | jq -r .[].dimms[0].security_frozen } get_security_state() { - $NDCTL list -i -b "$NFIT_TEST_BUS0" -d "$dev" | jq -r .[].dimms[0].security + $NDCTL list -i -b "$TEST_BUS" -d "$dev" | jq -r .[].dimms[0].security } setup_passphrase() @@ -192,7 +154,7 @@ test_4_security_unlock() echo "Incorrect security state: $sstate expected: unlocked" err "$LINENO" fi - $NDCTL disable-region -b "$NFIT_TEST_BUS0" all + $NDCTL disable-region -b "$TEST_BUS" all remove_passphrase } @@ -243,13 +205,26 @@ test_6_load_keys() fi } -check_min_kver "5.0" || do_skip "may lack security handling" +if [ "$1" = "nfit" ]; then + . $(dirname $0)/nfit-security + TEST_BUS="$NFIT_TEST_BUS0" + check_min_kver "5.0" || do_skip "may lack security handling" + KMOD_TEST="nfit_test" +elif [ "$1" = "cxl" ]; then + . $(dirname $0)/cxl-security + TEST_BUS="$CXL_TEST_BUS" + check_min_kver "6.2" || do_skip "may lack security handling" + KMOD_TEST="cxl_test" +else + do_skip "Missing input parameters" +fi + uid="$(keyctl show | grep -Eo "_uid.[0-9]+" | head -1 | cut -d. -f2-)" if [ "$uid" -ne 0 ]; then do_skip "run as root or with a sudo login shell for test to work" fi -modprobe nfit_test +modprobe "$KMOD_TEST" setup check_prereq "keyctl" rc=1 @@ -278,5 +253,10 @@ test_6_load_keys test_cleanup post_cleanup -_cleanup +if [ "$1" = "nfit" ]; then + _cleanup +elif [ "$1" = "cxl" ]; then + _cxl_cleanup +fi + exit 0 ^ permalink raw reply related [flat|nested] 12+ messages in thread
end of thread, other threads:[~2023-01-04 20:30 UTC | newest] Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-12-14 22:00 [ndctl PATCH v2 0/4] ndctl: Add security test for cxl devices through nvdimm Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 1/4] ndctl: add CXL bus detection Dave Jiang 2022-12-15 20:38 ` Dan Williams 2022-12-15 21:18 ` Jeff Moyer 2022-12-15 22:27 ` Dan Williams 2022-12-16 17:21 ` [ndctl PATCH v3 " Dave Jiang 2022-12-16 17:23 ` Dave Jiang 2022-12-16 18:44 ` Dan Williams 2023-01-04 20:30 ` [ndctl PATCH v4 " Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 2/4] ndctl/libndctl: Add bus_prefix for CXL Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 3/4] ndctl/libndctl: Allow retrievng of unique_id for CXL mem dev Dave Jiang 2022-12-14 22:00 ` [ndctl PATCH v2 4/4] ndctl/test: Add CXL test for security Dave Jiang
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.