[PATCH 0/5] sed-opal: add command to read locking range attributes

[PATCH 0/5] sed-opal: add command to read locking range attributes

[Ondrej Kozina]

This patch set aims to add ability to user authorities to read locking
range attributes.

It's achieved in two steps (except SUM enabled drives):

1) Patch IOC_OPAL_ADD_USR_TO_LR command so that user authority (together with
OPAL_ADMIN1) is added in ACE that allows getting locking range attributes.

2) Add new ioctl command IOC_OPAL_GET_LR_STATUS to get locking range
attributes to user authority assigned to specific locking range.

libcryptsetup plans to support OPAL2 drives and needs to verify locking
range parameters before device activation (LR unlock) takes place since
it's considered undesirable to have (for example) partition mapped beyond
locking range boundaries.

Ondrej Kozina (5):
  sed-opal: do not add user authority twice in boolean ace.
  sed-opal: add helper for adding user authorities in ACE.
  sed-opal: allow user authority to get locking range attributes.
  sed-opal: add helper to get multiple columns at once.
  sed-opal: Add command to read locking range parameters.

 block/opal_proto.h            |   1 +
 block/sed-opal.c              | 263 ++++++++++++++++++++++++++++------
 include/linux/sed-opal.h      |   1 +
 include/uapi/linux/sed-opal.h |  11 ++
 4 files changed, 233 insertions(+), 43 deletions(-)

-- 
2.31.1

[PATCH 1/5] sed-opal: do not add user authority twice in boolean ace.

[Ondrej Kozina]

While adding user authority in boolean ace value
of uid OPAL_LOCKINGRANGE_ACE_WRLOCKED or
OPAL_LOCKINGRANGE_ACE_RDLOCKED, it was added twice.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/sed-opal.c | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index c320093c14f1..d86d3e5f5a44 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1798,22 +1798,6 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
-
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev,
-			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
-			     OPAL_UID_LENGTH/2);
-	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
-
-
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
-			     OPAL_UID_LENGTH/2);
-	add_token_u8(&err, dev, 1);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
-
-
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 	add_token_u8(&err, dev, OPAL_ENDLIST);
-- 
2.31.1

[PATCH 2/5] sed-opal: add helper for adding user authorities in ACE.

[Ondrej Kozina]

Moves ACE construction away from add_user_to_lr routine
to be used later in added code.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/sed-opal.c | 64 +++++++++++++++++++++++++++++++++---------------
 1 file changed, 44 insertions(+), 20 deletions(-)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index d86d3e5f5a44..2c3e38df9c65 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1759,25 +1759,16 @@ static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
-static int add_user_to_lr(struct opal_dev *dev, void *data)
+static int set_lr_boolean_ace(struct opal_dev *dev, unsigned int opal_uid, u8 lr,
+			      const u8 *users, size_t users_len)
 {
 	u8 lr_buffer[OPAL_UID_LENGTH];
 	u8 user_uid[OPAL_UID_LENGTH];
-	struct opal_lock_unlock *lkul = data;
+	u8 u;
 	int err;
 
-	memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
-	       OPAL_UID_LENGTH);
-
-	if (lkul->l_state == OPAL_RW)
-		memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
-		       OPAL_UID_LENGTH);
-
-	lr_buffer[7] = lkul->session.opal_key.lr;
-
-	memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
-
-	user_uid[7] = lkul->session.who;
+	memcpy(lr_buffer, opaluid[opal_uid], OPAL_UID_LENGTH);
+	lr_buffer[7] = lr;
 
 	err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
 
@@ -1790,19 +1781,52 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 
 	add_token_u8(&err, dev, OPAL_STARTLIST);
 
+	for (u = 0; u < users_len; u++) {
+		if (users[u] == OPAL_ADMIN1)
+			memcpy(user_uid, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
+		else {
+			memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
+			user_uid[7] = users[u];
+		}
 
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev,
-			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
-			     OPAL_UID_LENGTH/2);
-	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
+		add_token_u8(&err, dev, OPAL_STARTNAME);
+		add_token_bytestring(&err, dev,
+				     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
+				     OPAL_UID_LENGTH/2);
+		add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
+		add_token_u8(&err, dev, OPAL_ENDNAME);
+
+		if (u > 0) {
+			add_token_u8(&err, dev, OPAL_STARTNAME);
+			add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
+					     OPAL_UID_LENGTH/2);
+			add_token_u8(&err, dev, 1);
+			add_token_u8(&err, dev, OPAL_ENDNAME);
+		}
+	}
 
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
+	return err;
+}
+
+static int add_user_to_lr(struct opal_dev *dev, void *data)
+{
+	int err;
+	struct opal_lock_unlock *lkul = data;
+	const u8 users[] = {
+		lkul->session.who
+	};
+
+	err = set_lr_boolean_ace(dev,
+				 lkul->l_state == OPAL_RW ?
+					OPAL_LOCKINGRANGE_ACE_WRLOCKED :
+					OPAL_LOCKINGRANGE_ACE_RDLOCKED,
+				 lkul->session.opal_key.lr, users,
+				 ARRAY_SIZE(users));
 	if (err) {
 		pr_debug("Error building add user to locking range command.\n");
 		return err;
-- 
2.31.1

[PATCH 3/5] sed-opal: allow user authority to get locking range attributes.

[Ondrej Kozina]

Extend ACE set of locking range attributes accessible to user
authority. This patch allows user authority to get following
locking range attribues when user get added to locking range via
IOC_OPAL_ADD_USR_TO_LR:

locking range start
locking range end
read lock enabled
write lock enabled
read locked
write locked
lock on reset
active key

Note: Admin1 authority always remains in the ACE. Otherwise
it breaks current userspace expecting Admin1 in the ACE (sedutils).

See TCG OPAL2 s.4.3.1.7 "ACE_Locking_RangeNNNN_Get_RangeStartToActiveKey".

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/opal_proto.h |  1 +
 block/sed-opal.c   | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/block/opal_proto.h b/block/opal_proto.h
index 7152aa1f1a49..6dfaea272db2 100644
--- a/block/opal_proto.h
+++ b/block/opal_proto.h
@@ -105,6 +105,7 @@ enum opal_uid {
 	/* tables */
 	OPAL_TABLE_TABLE,
 	OPAL_LOCKINGRANGE_GLOBAL,
+	OPAL_LOCKINGRANGE_ACE_START_TO_KEY,
 	OPAL_LOCKINGRANGE_ACE_RDLOCKED,
 	OPAL_LOCKINGRANGE_ACE_WRLOCKED,
 	OPAL_MBRCONTROL,
diff --git a/block/sed-opal.c b/block/sed-opal.c
index 2c3e38df9c65..1ce61adc732c 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -132,6 +132,8 @@ static const u8 opaluid[][OPAL_UID_LENGTH] = {
 		{ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
 	[OPAL_LOCKINGRANGE_GLOBAL] =
 		{ 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
+	[OPAL_LOCKINGRANGE_ACE_START_TO_KEY] =
+		{ 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xD0, 0x01 },
 	[OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
 		{ 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
 	[OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
@@ -1835,6 +1837,26 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+static int add_user_to_lr_ace(struct opal_dev *dev, void *data)
+{
+	int err;
+	struct opal_lock_unlock *lkul = data;
+	const u8 users[] = {
+		OPAL_ADMIN1,
+		lkul->session.who
+	};
+
+	err = set_lr_boolean_ace(dev, OPAL_LOCKINGRANGE_ACE_START_TO_KEY,
+				 lkul->session.opal_key.lr, users, ARRAY_SIZE(users));
+
+	if (err) {
+		pr_debug("Error building add user to locking ranges ACEs.\n");
+		return err;
+	}
+
+	return finalize_and_send(dev, parse_and_check_status);
+}
+
 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
 {
 	u8 lr_buffer[OPAL_UID_LENGTH];
@@ -2372,6 +2394,7 @@ static int opal_add_user_to_lr(struct opal_dev *dev,
 	const struct opal_step steps[] = {
 		{ start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
 		{ add_user_to_lr, lk_unlk },
+		{ add_user_to_lr_ace, lk_unlk },
 		{ end_opal_session, }
 	};
 	int ret;
-- 
2.31.1

[PATCH 4/5] sed-opal: add helper to get multiple columns at once.

[Ondrej Kozina]

Refactors current code querying single column to use the
new helper. Real multi column usage will be added later.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/sed-opal.c | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index 1ce61adc732c..27abed4d60ef 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1149,12 +1149,8 @@ static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
 	return opal_send_recv(dev, cont);
 }
 
-/*
- * request @column from table @table on device @dev. On success, the column
- * data will be available in dev->resp->tok[4]
- */
-static int generic_get_column(struct opal_dev *dev, const u8 *table,
-			      u64 column)
+static int generic_get_columns(struct opal_dev *dev, const u8 *table,
+			       u64 start_column, u64 end_column)
 {
 	int err;
 
@@ -1164,12 +1160,12 @@ static int generic_get_column(struct opal_dev *dev, const u8 *table,
 
 	add_token_u8(&err, dev, OPAL_STARTNAME);
 	add_token_u8(&err, dev, OPAL_STARTCOLUMN);
-	add_token_u64(&err, dev, column);
+	add_token_u64(&err, dev, start_column);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
 	add_token_u8(&err, dev, OPAL_STARTNAME);
 	add_token_u8(&err, dev, OPAL_ENDCOLUMN);
-	add_token_u64(&err, dev, column);
+	add_token_u64(&err, dev, end_column);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
 	add_token_u8(&err, dev, OPAL_ENDLIST);
@@ -1180,6 +1176,16 @@ static int generic_get_column(struct opal_dev *dev, const u8 *table,
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+/*
+ * request @column from table @table on device @dev. On success, the column
+ * data will be available in dev->resp->tok[4]
+ */
+static int generic_get_column(struct opal_dev *dev, const u8 *table,
+			      u64 column)
+{
+	return generic_get_columns(dev, table, column, column);
+}
+
 /*
  * see TCG SAS 5.3.2.3 for a description of the available columns
  *
-- 
2.31.1

[PATCH 5/5] sed-opal: Add command to read locking range parameters.

[Ondrej Kozina]

It returns following attributes:

locking range start
locking range length
read lock enabled
write lock enabled
lock state (RW, RO or LK)

It can be retrieved by user authority provided the authority
was added to locking range via prior IOC_OPAL_ADD_USR_TO_LR
ioctl command. The command was extended to add user in ACE that
allows to read attributes listed above.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/sed-opal.c              | 140 ++++++++++++++++++++++++++++++++++
 include/linux/sed-opal.h      |   1 +
 include/uapi/linux/sed-opal.h |  11 +++
 3 files changed, 152 insertions(+)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index 27abed4d60ef..9af2c72faf0e 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1445,6 +1445,116 @@ static int setup_locking_range(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+static int response_get_column(const struct parsed_resp *resp, int *iter, u8 column, u64 *value)
+{
+	const struct opal_resp_tok *tok;
+	int n = *iter;
+	u64 val;
+
+	tok = response_get_token(resp, n);
+	if (IS_ERR(tok))
+		return PTR_ERR(tok);
+
+	if (!response_token_matches(tok, OPAL_STARTNAME)) {
+		pr_debug("Unexpected response token type %d.\n", n);
+		return OPAL_INVAL_PARAM;
+	}
+
+	if (response_get_u64(resp, ++n) != column) {
+		pr_debug("Token %d does not match expected column %u.\n", n, column);
+		return OPAL_INVAL_PARAM;
+	}
+
+	val = response_get_u64(resp, ++n);
+
+	tok = response_get_token(resp, ++n);
+	if (IS_ERR(tok))
+		return PTR_ERR(tok);
+
+	if (!response_token_matches(tok, OPAL_ENDNAME)) {
+		pr_debug("Unexpected response token type %d.\n", n);
+		return OPAL_INVAL_PARAM;
+	}
+
+	*value = val;
+	*iter = ++n;
+
+	return 0;
+}
+
+static int locking_range_status(struct opal_dev *dev, void *data)
+{
+	u8 lr_buffer[OPAL_UID_LENGTH];
+	u64 resp;
+	bool rlocked, wlocked;
+	int err, tok_n = 2;
+	struct opal_lr_status *lrst = data;
+
+	err = build_locking_range(lr_buffer, sizeof(lr_buffer),
+				  lrst->session.opal_key.lr);
+	if (err)
+		return err;
+
+	err = generic_get_columns(dev, lr_buffer, OPAL_RANGESTART, OPAL_WRITELOCKED);
+	if (err) {
+		pr_debug("Couldn't get lr %u table columns %d to %d.\n",
+			 lrst->session.opal_key.lr, OPAL_RANGESTART,
+			 OPAL_WRITELOCKED);
+		return err;
+	}
+
+	/* range start */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGESTART, &lrst->range_start);
+	if (err)
+		return err;
+
+	/* range length */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGELENGTH, &lrst->range_length);
+	if (err)
+		return err;
+
+	/* RLE */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKENABLED, &resp);
+	if (err)
+		return err;
+
+	lrst->RLE = !!resp;
+
+	/* WLE */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKENABLED, &resp);
+	if (err)
+		return err;
+
+	lrst->WLE = !!resp;
+
+	/* read locked */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKED, &resp);
+	if (err)
+		return err;
+
+	rlocked = !!resp;
+
+	/* write locked */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKED, &resp);
+	if (err)
+		return err;
+
+	wlocked = !!resp;
+
+	/*opal_lock_state can not map 'read locked' only state. */
+	lrst->l_state = OPAL_RW;
+	if (rlocked && wlocked)
+		lrst->l_state = OPAL_LK;
+	else if (wlocked)
+		lrst->l_state = OPAL_RO;
+	else if (rlocked) {
+		pr_debug("Can not report read locked only state.\n");
+		return -EINVAL;
+	}
+
+	return 0;
+}
+
 static int start_generic_opal_session(struct opal_dev *dev,
 				      enum opal_uid auth,
 				      enum opal_uid sp_type,
@@ -2617,6 +2727,33 @@ static int opal_setup_locking_range(struct opal_dev *dev,
 	return ret;
 }
 
+static int opal_locking_range_status(struct opal_dev *dev,
+			  struct opal_lr_status *opal_lrst,
+			  void __user *data)
+{
+	const struct opal_step lr_steps[] = {
+		{ start_auth_opal_session, &opal_lrst->session },
+		{ locking_range_status, opal_lrst },
+		{ end_opal_session, }
+	};
+	int ret;
+
+	mutex_lock(&dev->dev_lock);
+	setup_opal_dev(dev);
+	ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
+	mutex_unlock(&dev->dev_lock);
+
+	/* skip session info when copying back to uspace */
+	if (!ret && copy_to_user(data + offsetof(struct opal_lr_status, range_start),
+				(void *)opal_lrst + offsetof(struct opal_lr_status, range_start),
+				sizeof(*opal_lrst) - offsetof(struct opal_lr_status, range_start))) {
+		pr_debug("Error copying status to userspace\n");
+		return -EFAULT;
+	}
+
+	return ret;
+}
+
 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
 {
 	const struct opal_step pw_steps[] = {
@@ -2851,6 +2988,9 @@ int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
 	case IOC_OPAL_GET_STATUS:
 		ret = opal_get_status(dev, arg);
 		break;
+	case IOC_OPAL_GET_LR_STATUS:
+		ret = opal_locking_range_status(dev, p, arg);
+		break;
 	default:
 		break;
 	}
diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h
index 31ac562a17d7..042c1e2cb0ce 100644
--- a/include/linux/sed-opal.h
+++ b/include/linux/sed-opal.h
@@ -45,6 +45,7 @@ static inline bool is_sed_ioctl(unsigned int cmd)
 	case IOC_OPAL_WRITE_SHADOW_MBR:
 	case IOC_OPAL_GENERIC_TABLE_RW:
 	case IOC_OPAL_GET_STATUS:
+	case IOC_OPAL_GET_LR_STATUS:
 		return true;
 	}
 	return false;
diff --git a/include/uapi/linux/sed-opal.h b/include/uapi/linux/sed-opal.h
index d7a1524023db..3905c8ffedbf 100644
--- a/include/uapi/linux/sed-opal.h
+++ b/include/uapi/linux/sed-opal.h
@@ -78,6 +78,16 @@ struct opal_user_lr_setup {
 	struct opal_session_info session;
 };
 
+struct opal_lr_status {
+	struct opal_session_info session;
+	__u64 range_start;
+	__u64 range_length;
+	__u32 RLE; /* Read Lock enabled */
+	__u32 WLE; /* Write Lock Enabled */
+	__u32 l_state;
+	__u8  align[4];
+};
+
 struct opal_lock_unlock {
 	struct opal_session_info session;
 	__u32 l_state;
@@ -168,5 +178,6 @@ struct opal_status {
 #define IOC_OPAL_WRITE_SHADOW_MBR   _IOW('p', 234, struct opal_shadow_mbr)
 #define IOC_OPAL_GENERIC_TABLE_RW   _IOW('p', 235, struct opal_read_write_table)
 #define IOC_OPAL_GET_STATUS         _IOR('p', 236, struct opal_status)
+#define IOC_OPAL_GET_LR_STATUS      _IOW('p', 237, struct opal_lr_status)
 
 #endif /* _UAPI_SED_OPAL_H */
-- 
2.31.1

Re: [PATCH 1/5] sed-opal: do not add user authority twice in boolean ace.

[Christian Brauner]

On Wed, Mar 22, 2023 at 04:16:00PM +0100, Ondrej Kozina wrote:
> While adding user authority in boolean ace value
> of uid OPAL_LOCKINGRANGE_ACE_WRLOCKED or
> OPAL_LOCKINGRANGE_ACE_RDLOCKED, it was added twice.
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---
>  block/sed-opal.c | 16 ----------------
>  1 file changed, 16 deletions(-)
> 
> diff --git a/block/sed-opal.c b/block/sed-opal.c
> index c320093c14f1..d86d3e5f5a44 100644
> --- a/block/sed-opal.c
> +++ b/block/sed-opal.c
> @@ -1798,22 +1798,6 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
>  	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
>  	add_token_u8(&err, dev, OPAL_ENDNAME);
>  
> -
> -	add_token_u8(&err, dev, OPAL_STARTNAME);
> -	add_token_bytestring(&err, dev,
> -			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
> -			     OPAL_UID_LENGTH/2);
> -	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
> -	add_token_u8(&err, dev, OPAL_ENDNAME);
> -
> -
> -	add_token_u8(&err, dev, OPAL_STARTNAME);
> -	add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],

This index only appears one time in the code. IOW, you're completely
removing OPAL_HALF_UID_BOOLEAN_ACE leavig only
OPAL_HALF_UID_AUTHORITY_OBJ_REF. Is that intended and if so why is
OPAL_HALF_UID_BOOLEAN_ACE not needed anymore?

Re: [PATCH 1/5] sed-opal: do not add user authority twice in boolean ace.

[Ondrej Kozina]

On 29. 03. 23 16:15, Christian Brauner wrote:
> On Wed, Mar 22, 2023 at 04:16:00PM +0100, Ondrej Kozina wrote:
> 
> This index only appears one time in the code. IOW, you're completely
> removing OPAL_HALF_UID_BOOLEAN_ACE leavig only
> OPAL_HALF_UID_AUTHORITY_OBJ_REF. Is that intended and if so why is
> OPAL_HALF_UID_BOOLEAN_ACE not needed anymore?
> 

It seemed redundant when only single authority is added in the set 
method aka { authority1, authority1, OR }:

TCG Storage Architecture Core Specification, 5.1.3.3 ACE_expression

"This is an alternative type where the options are either a uidref to an 
Authority object or one of the boolean_ACE (AND = 0 and OR = 1) options. 
This type is used within the AC_element list to form a postfix Boolean 
expression of Authorities."

I add OPAL_HALF_UID_BOOLEAN_ACE when there's more than single authority 
added in any ACE_expression in later code.

Re: [PATCH 2/5] sed-opal: add helper for adding user authorities in ACE.

[Christian Brauner]

On Wed, Mar 22, 2023 at 04:16:01PM +0100, Ondrej Kozina wrote:
> Moves ACE construction away from add_user_to_lr routine
> to be used later in added code.
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---

Seems fine,
Acked-by: Christian Brauner <brauner@kernel.org>

Re: [PATCH 3/5] sed-opal: allow user authority to get locking range attributes.

[Christian Brauner]

On Wed, Mar 22, 2023 at 04:16:02PM +0100, Ondrej Kozina wrote:
> Extend ACE set of locking range attributes accessible to user
> authority. This patch allows user authority to get following
> locking range attribues when user get added to locking range via
> IOC_OPAL_ADD_USR_TO_LR:
> 
> locking range start
> locking range end
> read lock enabled
> write lock enabled
> read locked
> write locked
> lock on reset
> active key
> 
> Note: Admin1 authority always remains in the ACE. Otherwise
> it breaks current userspace expecting Admin1 in the ACE (sedutils).
> 
> See TCG OPAL2 s.4.3.1.7 "ACE_Locking_RangeNNNN_Get_RangeStartToActiveKey".
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---

Seems fine,
Acked-by: Christian Brauner <brauner@kernel.org>

Re: [PATCH 4/5] sed-opal: add helper to get multiple columns at once.

[Christian Brauner]

On Wed, Mar 22, 2023 at 04:16:03PM +0100, Ondrej Kozina wrote:
> Refactors current code querying single column to use the
> new helper. Real multi column usage will be added later.
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---

Seems fine,
Acked-by: Christian Brauner <brauner@kernel.org>

Re: [PATCH 0/5] sed-opal: add command to read locking range attributes

[Luca Boccassi]

On Wed, 22 Mar 2023 at 15:16, Ondrej Kozina <okozina@redhat.com> wrote:
>
> This patch set aims to add ability to user authorities to read locking
> range attributes.
>
> It's achieved in two steps (except SUM enabled drives):
>
> 1) Patch IOC_OPAL_ADD_USR_TO_LR command so that user authority (together with
> OPAL_ADMIN1) is added in ACE that allows getting locking range attributes.
>
> 2) Add new ioctl command IOC_OPAL_GET_LR_STATUS to get locking range
> attributes to user authority assigned to specific locking range.
>
> libcryptsetup plans to support OPAL2 drives and needs to verify locking
> range parameters before device activation (LR unlock) takes place since
> it's considered undesirable to have (for example) partition mapped beyond
> locking range boundaries.
>
> Ondrej Kozina (5):
>   sed-opal: do not add user authority twice in boolean ace.
>   sed-opal: add helper for adding user authorities in ACE.
>   sed-opal: allow user authority to get locking range attributes.
>   sed-opal: add helper to get multiple columns at once.
>   sed-opal: Add command to read locking range parameters.
>
>  block/opal_proto.h            |   1 +
>  block/sed-opal.c              | 263 ++++++++++++++++++++++++++++------
>  include/linux/sed-opal.h      |   1 +
>  include/uapi/linux/sed-opal.h |  11 ++
>  4 files changed, 233 insertions(+), 43 deletions(-)

Hi Jens,

Any chance we could get this series looked at, please? It's the last
thing we need to get userspace support going:
https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/461

Thanks!

Kind regards,
Luca Boccassi

Re: [PATCH 1/5] sed-opal: do not add user authority twice in boolean ace.

[Christoph Hellwig]

On Wed, Mar 29, 2023 at 05:20:29PM +0200, Ondrej Kozina wrote:
> It seemed redundant when only single authority is added in the set method
> aka { authority1, authority1, OR }:
> 
> TCG Storage Architecture Core Specification, 5.1.3.3 ACE_expression
> 
> "This is an alternative type where the options are either a uidref to an
> Authority object or one of the boolean_ACE (AND = 0 and OR = 1) options.
> This type is used within the AC_element list to form a postfix Boolean
> expression of Authorities."

Can you add this information to the commit message?

With that:

Reviewed-by: Christoph Hellwig <hch@lst.de>

Re: [PATCH 2/5] sed-opal: add helper for adding user authorities in ACE.

[Christoph Hellwig]

On Wed, Mar 22, 2023 at 04:16:01PM +0100, Ondrej Kozina wrote:
> Moves ACE construction away from add_user_to_lr routine
> to be used later in added code.
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---
>  block/sed-opal.c | 64 +++++++++++++++++++++++++++++++++---------------
>  1 file changed, 44 insertions(+), 20 deletions(-)
> 
> diff --git a/block/sed-opal.c b/block/sed-opal.c
> index d86d3e5f5a44..2c3e38df9c65 100644
> --- a/block/sed-opal.c
> +++ b/block/sed-opal.c
> @@ -1759,25 +1759,16 @@ static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
>  	return finalize_and_send(dev, parse_and_check_status);
>  }
>  
> -static int add_user_to_lr(struct opal_dev *dev, void *data)
> +static int set_lr_boolean_ace(struct opal_dev *dev, unsigned int opal_uid, u8 lr,
> +			      const u8 *users, size_t users_len)

Please avoid the overly long line here.

> +	for (u = 0; u < users_len; u++) {
> +		if (users[u] == OPAL_ADMIN1)
> +			memcpy(user_uid, opaluid[OPAL_ADMIN1_UID], OPAL_UID_LENGTH);
> +		else {
> +			memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
> +			user_uid[7] = users[u];
> +		}
> +		add_token_u8(&err, dev, OPAL_STARTNAME);
> +		add_token_bytestring(&err, dev,
> +				     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
> +				     OPAL_UID_LENGTH/2);
> +		add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
> +		add_token_u8(&err, dev, OPAL_ENDNAME);

Please facto the logic for adding each user into a nice little helper,
which wil also avoid the overly long lines.

> +		if (u > 0) {
> +			add_token_u8(&err, dev, OPAL_STARTNAME);
> +			add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
> +					     OPAL_UID_LENGTH/2);
> +			add_token_u8(&err, dev, 1);
> +			add_token_u8(&err, dev, OPAL_ENDNAME);
> +		}

And this would also benefit from both a helper and a comment.

Re: [PATCH 3/5] sed-opal: allow user authority to get locking range attributes.

[Christoph Hellwig]

On Wed, Mar 22, 2023 at 04:16:02PM +0100, Ondrej Kozina wrote:
> +{
> +	int err;
> +	struct opal_lock_unlock *lkul = data;
> +	const u8 users[] = {
> +		OPAL_ADMIN1,
> +		lkul->session.who
> +	};
> +
> +	err = set_lr_boolean_ace(dev, OPAL_LOCKINGRANGE_ACE_START_TO_KEY,
> +				 lkul->session.opal_key.lr, users, ARRAY_SIZE(users));

Please avoid the overly long line here.

Otherwise looks good:

Reviewed-by: Christoph Hellwig <hch@lst.de>

Re: [PATCH 4/5] sed-opal: add helper to get multiple columns at once.

[Christoph Hellwig]

Looks good:

Reviewed-by: Christoph Hellwig <hch@lst.de>

Re: [PATCH 5/5] sed-opal: Add command to read locking range parameters.

[Christoph Hellwig]

On Wed, Mar 22, 2023 at 04:16:04PM +0100, Ondrej Kozina wrote:
> +static int response_get_column(const struct parsed_resp *resp, int *iter, u8 column, u64 *value)

Please avoid the overly long line (plus a few more later).

Otherwise this looks good to me.

Re: [PATCH 1/5] sed-opal: do not add user authority twice in boolean ace.

[Christian Brauner]

On Wed, Mar 29, 2023 at 05:20:29PM +0200, Ondrej Kozina wrote:
> On 29. 03. 23 16:15, Christian Brauner wrote:
> > On Wed, Mar 22, 2023 at 04:16:00PM +0100, Ondrej Kozina wrote:
> > 
> > This index only appears one time in the code. IOW, you're completely
> > removing OPAL_HALF_UID_BOOLEAN_ACE leavig only
> > OPAL_HALF_UID_AUTHORITY_OBJ_REF. Is that intended and if so why is
> > OPAL_HALF_UID_BOOLEAN_ACE not needed anymore?
> > 
> 
> It seemed redundant when only single authority is added in the set method
> aka { authority1, authority1, OR }:
> 
> TCG Storage Architecture Core Specification, 5.1.3.3 ACE_expression
> 
> "This is an alternative type where the options are either a uidref to an
> Authority object or one of the boolean_ACE (AND = 0 and OR = 1) options.
> This type is used within the AC_element list to form a postfix Boolean
> expression of Authorities."
> 
> I add OPAL_HALF_UID_BOOLEAN_ACE when there's more than single authority
> added in any ACE_expression in later code.

Ok, thanks! As Christoph said, would be good to have this in the commit
message. Otherwise,

Acked-by: Christian Brauner <brauner@kernel.org>

Re: [PATCH 5/5] sed-opal: Add command to read locking range parameters.

[Christian Brauner]

On Wed, Mar 22, 2023 at 04:16:04PM +0100, Ondrej Kozina wrote:
> It returns following attributes:
> 
> locking range start
> locking range length
> read lock enabled
> write lock enabled
> lock state (RW, RO or LK)
> 
> It can be retrieved by user authority provided the authority
> was added to locking range via prior IOC_OPAL_ADD_USR_TO_LR
> ioctl command. The command was extended to add user in ACE that
> allows to read attributes listed above.
> 
> Signed-off-by: Ondrej Kozina <okozina@redhat.com>
> Tested-by: Luca Boccassi <bluca@debian.org>
> Tested-by: Milan Broz <gmazyland@gmail.com>
> ---
>  block/sed-opal.c              | 140 ++++++++++++++++++++++++++++++++++
>  include/linux/sed-opal.h      |   1 +
>  include/uapi/linux/sed-opal.h |  11 +++
>  3 files changed, 152 insertions(+)
> 
> diff --git a/block/sed-opal.c b/block/sed-opal.c
> index 27abed4d60ef..9af2c72faf0e 100644
> --- a/block/sed-opal.c
> +++ b/block/sed-opal.c
> @@ -1445,6 +1445,116 @@ static int setup_locking_range(struct opal_dev *dev, void *data)
>  	return finalize_and_send(dev, parse_and_check_status);
>  }
>  
> +static int response_get_column(const struct parsed_resp *resp, int *iter, u8 column, u64 *value)
> +{
> +	const struct opal_resp_tok *tok;
> +	int n = *iter;
> +	u64 val;
> +
> +	tok = response_get_token(resp, n);
> +	if (IS_ERR(tok))
> +		return PTR_ERR(tok);
> +
> +	if (!response_token_matches(tok, OPAL_STARTNAME)) {
> +		pr_debug("Unexpected response token type %d.\n", n);
> +		return OPAL_INVAL_PARAM;
> +	}
> +
> +	if (response_get_u64(resp, ++n) != column) {

Please don't rely on side-effects and increment explicitly before or
after the functin call so ++n and n++ doesn't matter.

> +		pr_debug("Token %d does not match expected column %u.\n", n, column);
> +		return OPAL_INVAL_PARAM;
> +	}
> +
> +	val = response_get_u64(resp, ++n);
> +
> +	tok = response_get_token(resp, ++n);
> +	if (IS_ERR(tok))
> +		return PTR_ERR(tok);
> +
> +	if (!response_token_matches(tok, OPAL_ENDNAME)) {
> +		pr_debug("Unexpected response token type %d.\n", n);
> +		return OPAL_INVAL_PARAM;
> +	}
> +
> +	*value = val;
> +	*iter = ++n;

This is how they explain side-effects in textbooks. :)

> +
> +	return 0;
> +}
> +
> +static int locking_range_status(struct opal_dev *dev, void *data)
> +{
> +	u8 lr_buffer[OPAL_UID_LENGTH];
> +	u64 resp;
> +	bool rlocked, wlocked;
> +	int err, tok_n = 2;
> +	struct opal_lr_status *lrst = data;
> +
> +	err = build_locking_range(lr_buffer, sizeof(lr_buffer),
> +				  lrst->session.opal_key.lr);
> +	if (err)
> +		return err;
> +
> +	err = generic_get_columns(dev, lr_buffer, OPAL_RANGESTART, OPAL_WRITELOCKED);
> +	if (err) {
> +		pr_debug("Couldn't get lr %u table columns %d to %d.\n",
> +			 lrst->session.opal_key.lr, OPAL_RANGESTART,
> +			 OPAL_WRITELOCKED);
> +		return err;
> +	}
> +
> +	/* range start */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGESTART, &lrst->range_start);
> +	if (err)
> +		return err;
> +
> +	/* range length */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGELENGTH, &lrst->range_length);
> +	if (err)
> +		return err;
> +
> +	/* RLE */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKENABLED, &resp);
> +	if (err)
> +		return err;
> +
> +	lrst->RLE = !!resp;
> +
> +	/* WLE */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKENABLED, &resp);
> +	if (err)
> +		return err;
> +
> +	lrst->WLE = !!resp;
> +
> +	/* read locked */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKED, &resp);
> +	if (err)
> +		return err;
> +
> +	rlocked = !!resp;
> +
> +	/* write locked */
> +	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKED, &resp);
> +	if (err)
> +		return err;
> +
> +	wlocked = !!resp;
> +
> +	/*opal_lock_state can not map 'read locked' only state. */
> +	lrst->l_state = OPAL_RW;
> +	if (rlocked && wlocked)
> +		lrst->l_state = OPAL_LK;
> +	else if (wlocked)
> +		lrst->l_state = OPAL_RO;
> +	else if (rlocked) {
> +		pr_debug("Can not report read locked only state.\n");
> +		return -EINVAL;
> +	}
> +
> +	return 0;
> +}
> +
>  static int start_generic_opal_session(struct opal_dev *dev,
>  				      enum opal_uid auth,
>  				      enum opal_uid sp_type,
> @@ -2617,6 +2727,33 @@ static int opal_setup_locking_range(struct opal_dev *dev,
>  	return ret;
>  }
>  
> +static int opal_locking_range_status(struct opal_dev *dev,
> +			  struct opal_lr_status *opal_lrst,
> +			  void __user *data)
> +{
> +	const struct opal_step lr_steps[] = {
> +		{ start_auth_opal_session, &opal_lrst->session },
> +		{ locking_range_status, opal_lrst },
> +		{ end_opal_session, }
> +	};
> +	int ret;
> +
> +	mutex_lock(&dev->dev_lock);
> +	setup_opal_dev(dev);
> +	ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
> +	mutex_unlock(&dev->dev_lock);
> +
> +	/* skip session info when copying back to uspace */
> +	if (!ret && copy_to_user(data + offsetof(struct opal_lr_status, range_start),
> +				(void *)opal_lrst + offsetof(struct opal_lr_status, range_start),

Better written as

(void *)(opal_lrst + offsetof(struct opal_lr_status, range_start))

?

> +				sizeof(*opal_lrst) - offsetof(struct opal_lr_status, range_start))) {
> +		pr_debug("Error copying status to userspace\n");
> +		return -EFAULT;
> +	}
> +
> +	return ret;
> +}
> +
>  static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
>  {
>  	const struct opal_step pw_steps[] = {
> @@ -2851,6 +2988,9 @@ int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
>  	case IOC_OPAL_GET_STATUS:
>  		ret = opal_get_status(dev, arg);
>  		break;
> +	case IOC_OPAL_GET_LR_STATUS:
> +		ret = opal_locking_range_status(dev, p, arg);
> +		break;
>  	default:
>  		break;
>  	}
> diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h
> index 31ac562a17d7..042c1e2cb0ce 100644
> --- a/include/linux/sed-opal.h
> +++ b/include/linux/sed-opal.h
> @@ -45,6 +45,7 @@ static inline bool is_sed_ioctl(unsigned int cmd)
>  	case IOC_OPAL_WRITE_SHADOW_MBR:
>  	case IOC_OPAL_GENERIC_TABLE_RW:
>  	case IOC_OPAL_GET_STATUS:
> +	case IOC_OPAL_GET_LR_STATUS:
>  		return true;
>  	}
>  	return false;
> diff --git a/include/uapi/linux/sed-opal.h b/include/uapi/linux/sed-opal.h
> index d7a1524023db..3905c8ffedbf 100644
> --- a/include/uapi/linux/sed-opal.h
> +++ b/include/uapi/linux/sed-opal.h
> @@ -78,6 +78,16 @@ struct opal_user_lr_setup {
>  	struct opal_session_info session;
>  };
>  
> +struct opal_lr_status {
> +	struct opal_session_info session;
> +	__u64 range_start;
> +	__u64 range_length;
> +	__u32 RLE; /* Read Lock enabled */
> +	__u32 WLE; /* Write Lock Enabled */

Why is that in capital letters if I may ask? That seems strange uapi for
Linux. And why not just "read_lock_enabled" and "write_lock_enabled"
given that we also have "range_start" and "range_length". Let's not
CREAT one of those weird uapis if we don't have to.

> +	__u32 l_state;

"locking_state"?

> +	__u8  align[4];
> +};
> +
>  struct opal_lock_unlock {
>  	struct opal_session_info session;
>  	__u32 l_state;
> @@ -168,5 +178,6 @@ struct opal_status {
>  #define IOC_OPAL_WRITE_SHADOW_MBR   _IOW('p', 234, struct opal_shadow_mbr)
>  #define IOC_OPAL_GENERIC_TABLE_RW   _IOW('p', 235, struct opal_read_write_table)
>  #define IOC_OPAL_GET_STATUS         _IOR('p', 236, struct opal_status)
> +#define IOC_OPAL_GET_LR_STATUS      _IOW('p', 237, struct opal_lr_status)
>  
>  #endif /* _UAPI_SED_OPAL_H */
> -- 
> 2.31.1
> 

Re: [PATCH 5/5] sed-opal: Add command to read locking range parameters.

[Ondrej Kozina]

On 05. 04. 23 10:27, Christian Brauner wrote:
> On Wed, Mar 22, 2023 at 04:16:04PM +0100, Ondrej Kozina wrote:
>> +	if (!response_token_matches(tok, OPAL_STARTNAME)) {
>> +		pr_debug("Unexpected response token type %d.\n", n);
>> +		return OPAL_INVAL_PARAM;
>> +	}
>> +
>> +	if (response_get_u64(resp, ++n) != column) {
> 
> Please don't rely on side-effects and increment explicitly before or
> after the functin call so ++n and n++ doesn't matter.

Going to fix in version 2.

> 
>> +		pr_debug("Token %d does not match expected column %u.\n", n, column);
>> +		return OPAL_INVAL_PARAM;
>> +	}
>> +
>> +	val = response_get_u64(resp, ++n);
>> +
>> +	tok = response_get_token(resp, ++n);
>> +	if (IS_ERR(tok))
>> +		return PTR_ERR(tok);
>> +
>> +	if (!response_token_matches(tok, OPAL_ENDNAME)) {
>> +		pr_debug("Unexpected response token type %d.\n", n);
>> +		return OPAL_INVAL_PARAM;
>> +	}
>> +
>> +	*value = val;
>> +	*iter = ++n;
> 
> This is how they explain side-effects in textbooks. :)

Ditto.

(...)
>> +
>> +	/* skip session info when copying back to uspace */
>> +	if (!ret && copy_to_user(data + offsetof(struct opal_lr_status, range_start),
>> +				(void *)opal_lrst + offsetof(struct opal_lr_status, range_start),
> 
> Better written as
> 
> (void *)(opal_lrst + offsetof(struct opal_lr_status, range_start))

Nack. I need to read bytes from offset _inside_ struct opal_lr_status. 
This change would actually read from memory beyond pointed to by 
opal_lrst pointer.

(...)
>> diff --git a/include/uapi/linux/sed-opal.h b/include/uapi/linux/sed-opal.h
>> index d7a1524023db..3905c8ffedbf 100644
>> --- a/include/uapi/linux/sed-opal.h
>> +++ b/include/uapi/linux/sed-opal.h
>> @@ -78,6 +78,16 @@ struct opal_user_lr_setup {
>>   	struct opal_session_info session;
>>   };
>>   
>> +struct opal_lr_status {
>> +	struct opal_session_info session;
>> +	__u64 range_start;
>> +	__u64 range_length;
>> +	__u32 RLE; /* Read Lock enabled */
>> +	__u32 WLE; /* Write Lock Enabled */
> 
> Why is that in capital letters if I may ask? That seems strange uapi for
> Linux. And why not just "read_lock_enabled" and "write_lock_enabled"
> given that we also have "range_start" and "range_length". Let's not
> CREAT one of those weird uapis if we don't have to.

See 'opal_user_lr_setup' struct above. Since the new command is supposed 
to return those parameters I did not want to add confusion by naming it 
differently.

> 
>> +	__u32 l_state;
> 
> "locking_state"?

Same as above, see 'opal_lock_unlock' struct. It's even spicier 
considering it's impossible to set WRITE_ONLY state (lock only read I/O)
with sed-opal iface.

Re: [PATCH 5/5] sed-opal: Add command to read locking range parameters.

[Luca Boccassi]

On Wed, 5 Apr 2023 at 10:39, Ondrej Kozina <okozina@redhat.com> wrote:
>
> On 05. 04. 23 10:27, Christian Brauner wrote:
> > On Wed, Mar 22, 2023 at 04:16:04PM +0100, Ondrej Kozina wrote:
> >> diff --git a/include/uapi/linux/sed-opal.h b/include/uapi/linux/sed-opal.h
> >> index d7a1524023db..3905c8ffedbf 100644
> >> --- a/include/uapi/linux/sed-opal.h
> >> +++ b/include/uapi/linux/sed-opal.h
> >> @@ -78,6 +78,16 @@ struct opal_user_lr_setup {
> >>      struct opal_session_info session;
> >>   };
> >>
> >> +struct opal_lr_status {
> >> +    struct opal_session_info session;
> >> +    __u64 range_start;
> >> +    __u64 range_length;
> >> +    __u32 RLE; /* Read Lock enabled */
> >> +    __u32 WLE; /* Write Lock Enabled */
> >
> > Why is that in capital letters if I may ask? That seems strange uapi for
> > Linux. And why not just "read_lock_enabled" and "write_lock_enabled"
> > given that we also have "range_start" and "range_length". Let's not
> > CREAT one of those weird uapis if we don't have to.
>
> See 'opal_user_lr_setup' struct above. Since the new command is supposed
> to return those parameters I did not want to add confusion by naming it
> differently.
>
> >
> >> +    __u32 l_state;
> >
> > "locking_state"?
>
> Same as above, see 'opal_lock_unlock' struct. It's even spicier
> considering it's impossible to set WRITE_ONLY state (lock only read I/O)
> with sed-opal iface.

Yeah we really want to keep the parameters names the same across the
various ioctl, otherwise it's going to get very confusing very
quickly.

[PATCH v2 0/5] sed-opal: add command to read locking range attributes

[Ondrej Kozina]

This patch set aims to add ability to user authorities to read locking
range attributes.

It's achieved in two steps (except SUM enabled drives):

1) Patch IOC_OPAL_ADD_USR_TO_LR command so that user authority (together with
OPAL_ADMIN1) is added in ACE that allows getting locking range attributes.

2) Add new ioctl command IOC_OPAL_GET_LR_STATUS to get locking range
attributes to user authority assigned to specific locking range.

libcryptsetup plans to support OPAL2 drives and needs to verify locking
range parameters before device activation (LR unlock) takes place since
it's considered undesirable to have (for example) partition mapped beyond
locking range boundaries.

Changes since previous version:

v2:
  - Mostly code style fixes (overly long lines)
  - Refactored helper for adding user authorities in ACE (added boolean
    operators defines, explained addition of boolean ace operator
    when adding more than one user authority in ACE)

Ondrej Kozina (5):
  sed-opal: do not add same authority twice in boolean ace.
  sed-opal: add helper for adding user authorities in ACE.
  sed-opal: allow user authority to get locking range attributes.
  sed-opal: add helper to get multiple columns at once.
  sed-opal: Add command to read locking range parameters.

 block/opal_proto.h            |  10 ++
 block/sed-opal.c              | 301 +++++++++++++++++++++++++++++-----
 include/linux/sed-opal.h      |   1 +
 include/uapi/linux/sed-opal.h |  11 ++
 4 files changed, 280 insertions(+), 43 deletions(-)

-- 
2.31.1

[PATCH v2 1/5] sed-opal: do not add same authority twice in boolean ace.

[Ondrej Kozina]

While adding user authority in boolean ace value
of uid OPAL_LOCKINGRANGE_ACE_WRLOCKED or
OPAL_LOCKINGRANGE_ACE_RDLOCKED, it was added twice.

It seemed redundant when only single authority was added
in the set method aka { authority1, authority1, OR }:

TCG Storage Architecture Core Specification, 5.1.3.3 ACE_expression

"This is an alternative type where the options are either a uidref to an
Authority object or one of the boolean_ACE (AND = 0 and OR = 1) options.
This type is used within the AC_element list to form a postfix Boolean
expression of Authorities."

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Acked-by: Christian Brauner <brauner@kernel.org>
---
 block/sed-opal.c | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index c320093c14f1..d86d3e5f5a44 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1798,22 +1798,6 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
-
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev,
-			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
-			     OPAL_UID_LENGTH/2);
-	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
-
-
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
-			     OPAL_UID_LENGTH/2);
-	add_token_u8(&err, dev, 1);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
-
-
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 	add_token_u8(&err, dev, OPAL_ENDLIST);
-- 
2.31.1

[PATCH v2 2/5] sed-opal: add helper for adding user authorities in ACE.

[Ondrej Kozina]

Move ACE construction away from add_user_to_lr routine
and refactor it to be used also in later code.

Also adds boolean operators defines from TCG Core
specification.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/opal_proto.h |  9 +++++
 block/sed-opal.c   | 88 +++++++++++++++++++++++++++++++++++-----------
 2 files changed, 77 insertions(+), 20 deletions(-)

diff --git a/block/opal_proto.h b/block/opal_proto.h
index 7152aa1f1a49..b045cbb9d76e 100644
--- a/block/opal_proto.h
+++ b/block/opal_proto.h
@@ -86,6 +86,15 @@ enum opal_response_token {
 #define OPAL_MSID_KEYLEN 15
 #define OPAL_UID_LENGTH_HALF 4
 
+/*
+ * Boolean operators from TCG Core spec 2.01 Section:
+ * 5.1.3.11
+ * Table 61
+ */
+#define OPAL_BOOLEAN_AND 0
+#define OPAL_BOOLEAN_OR  1
+#define OPAL_BOOLEAN_NOT 2
+
 /* Enum to index OPALUID array */
 enum opal_uid {
 	/* users */
diff --git a/block/sed-opal.c b/block/sed-opal.c
index d86d3e5f5a44..4d0253bc2bfd 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1759,25 +1759,43 @@ static int set_sid_cpin_pin(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
-static int add_user_to_lr(struct opal_dev *dev, void *data)
+static void add_authority_object_ref(int *err,
+				     struct opal_dev *dev,
+				     const u8 *uid,
+				     size_t uid_len)
+{
+	add_token_u8(err, dev, OPAL_STARTNAME);
+	add_token_bytestring(err, dev,
+			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
+			     OPAL_UID_LENGTH/2);
+	add_token_bytestring(err, dev, uid, uid_len);
+	add_token_u8(err, dev, OPAL_ENDNAME);
+}
+
+static void add_boolean_object_ref(int *err,
+				   struct opal_dev *dev,
+				   u8 boolean_op)
+{
+	add_token_u8(err, dev, OPAL_STARTNAME);
+	add_token_bytestring(err, dev, opaluid[OPAL_HALF_UID_BOOLEAN_ACE],
+			     OPAL_UID_LENGTH/2);
+	add_token_u8(err, dev, boolean_op);
+	add_token_u8(err, dev, OPAL_ENDNAME);
+}
+
+static int set_lr_boolean_ace(struct opal_dev *dev,
+			      unsigned int opal_uid,
+			      u8 lr,
+			      const u8 *users,
+			      size_t users_len)
 {
 	u8 lr_buffer[OPAL_UID_LENGTH];
 	u8 user_uid[OPAL_UID_LENGTH];
-	struct opal_lock_unlock *lkul = data;
+	u8 u;
 	int err;
 
-	memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_RDLOCKED],
-	       OPAL_UID_LENGTH);
-
-	if (lkul->l_state == OPAL_RW)
-		memcpy(lr_buffer, opaluid[OPAL_LOCKINGRANGE_ACE_WRLOCKED],
-		       OPAL_UID_LENGTH);
-
-	lr_buffer[7] = lkul->session.opal_key.lr;
-
-	memcpy(user_uid, opaluid[OPAL_USER1_UID], OPAL_UID_LENGTH);
-
-	user_uid[7] = lkul->session.who;
+	memcpy(lr_buffer, opaluid[opal_uid], OPAL_UID_LENGTH);
+	lr_buffer[7] = lr;
 
 	err = cmd_start(dev, lr_buffer, opalmethod[OPAL_SET]);
 
@@ -1790,19 +1808,49 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 
 	add_token_u8(&err, dev, OPAL_STARTLIST);
 
+	for (u = 0; u < users_len; u++) {
+		if (users[u] == OPAL_ADMIN1)
+			memcpy(user_uid, opaluid[OPAL_ADMIN1_UID],
+			       OPAL_UID_LENGTH);
+		else {
+			memcpy(user_uid, opaluid[OPAL_USER1_UID],
+			       OPAL_UID_LENGTH);
+			user_uid[7] = users[u];
+		}
+
+		add_authority_object_ref(&err, dev, user_uid, sizeof(user_uid));
 
-	add_token_u8(&err, dev, OPAL_STARTNAME);
-	add_token_bytestring(&err, dev,
-			     opaluid[OPAL_HALF_UID_AUTHORITY_OBJ_REF],
-			     OPAL_UID_LENGTH/2);
-	add_token_bytestring(&err, dev, user_uid, OPAL_UID_LENGTH);
-	add_token_u8(&err, dev, OPAL_ENDNAME);
+		/*
+		 * Add boolean operator in postfix only with
+		 * two or more authorities being added in ACE
+		 * expresion.
+		 * */
+		if (u > 0)
+			add_boolean_object_ref(&err, dev, OPAL_BOOLEAN_OR);
+	}
 
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 	add_token_u8(&err, dev, OPAL_ENDLIST);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
+	return err;
+}
+
+static int add_user_to_lr(struct opal_dev *dev, void *data)
+{
+	int err;
+	struct opal_lock_unlock *lkul = data;
+	const u8 users[] = {
+		lkul->session.who
+	};
+
+	err = set_lr_boolean_ace(dev,
+				 lkul->l_state == OPAL_RW ?
+					OPAL_LOCKINGRANGE_ACE_WRLOCKED :
+					OPAL_LOCKINGRANGE_ACE_RDLOCKED,
+				 lkul->session.opal_key.lr, users,
+				 ARRAY_SIZE(users));
 	if (err) {
 		pr_debug("Error building add user to locking range command.\n");
 		return err;
-- 
2.31.1

[PATCH v2 3/5] sed-opal: allow user authority to get locking range attributes.

[Ondrej Kozina]

Extend ACE set of locking range attributes accessible to user
authority. This patch allows user authority to get following
locking range attribues when user get added to locking range via
IOC_OPAL_ADD_USR_TO_LR:

locking range start
locking range end
read lock enabled
write lock enabled
read locked
write locked
lock on reset
active key

Note: Admin1 authority always remains in the ACE. Otherwise
it breaks current userspace expecting Admin1 in the ACE (sedutils).

See TCG OPAL2 s.4.3.1.7 "ACE_Locking_RangeNNNN_Get_RangeStartToActiveKey".

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
Acked-by: Christian Brauner <brauner@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
---
 block/opal_proto.h |  1 +
 block/sed-opal.c   | 24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/block/opal_proto.h b/block/opal_proto.h
index b045cbb9d76e..a4e56845dd82 100644
--- a/block/opal_proto.h
+++ b/block/opal_proto.h
@@ -114,6 +114,7 @@ enum opal_uid {
 	/* tables */
 	OPAL_TABLE_TABLE,
 	OPAL_LOCKINGRANGE_GLOBAL,
+	OPAL_LOCKINGRANGE_ACE_START_TO_KEY,
 	OPAL_LOCKINGRANGE_ACE_RDLOCKED,
 	OPAL_LOCKINGRANGE_ACE_WRLOCKED,
 	OPAL_MBRCONTROL,
diff --git a/block/sed-opal.c b/block/sed-opal.c
index 4d0253bc2bfd..38cc02b708ac 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -132,6 +132,8 @@ static const u8 opaluid[][OPAL_UID_LENGTH] = {
 		{ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
 	[OPAL_LOCKINGRANGE_GLOBAL] =
 		{ 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
+	[OPAL_LOCKINGRANGE_ACE_START_TO_KEY] =
+		{ 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xD0, 0x01 },
 	[OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
 		{ 0x00, 0x00, 0x00, 0x08, 0x00, 0x03, 0xE0, 0x01 },
 	[OPAL_LOCKINGRANGE_ACE_WRLOCKED] =
@@ -1859,6 +1861,27 @@ static int add_user_to_lr(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+static int add_user_to_lr_ace(struct opal_dev *dev, void *data)
+{
+	int err;
+	struct opal_lock_unlock *lkul = data;
+	const u8 users[] = {
+		OPAL_ADMIN1,
+		lkul->session.who
+	};
+
+	err = set_lr_boolean_ace(dev, OPAL_LOCKINGRANGE_ACE_START_TO_KEY,
+				 lkul->session.opal_key.lr, users,
+				 ARRAY_SIZE(users));
+
+	if (err) {
+		pr_debug("Error building add user to locking ranges ACEs.\n");
+		return err;
+	}
+
+	return finalize_and_send(dev, parse_and_check_status);
+}
+
 static int lock_unlock_locking_range(struct opal_dev *dev, void *data)
 {
 	u8 lr_buffer[OPAL_UID_LENGTH];
@@ -2396,6 +2419,7 @@ static int opal_add_user_to_lr(struct opal_dev *dev,
 	const struct opal_step steps[] = {
 		{ start_admin1LSP_opal_session, &lk_unlk->session.opal_key },
 		{ add_user_to_lr, lk_unlk },
+		{ add_user_to_lr_ace, lk_unlk },
 		{ end_opal_session, }
 	};
 	int ret;
-- 
2.31.1

[PATCH v2 4/5] sed-opal: add helper to get multiple columns at once.

[Ondrej Kozina]

Refactors current code querying single column to use the
new helper. Real multi column usage will be added later.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
Acked-by: Christian Brauner <brauner@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
---
 block/sed-opal.c | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index 38cc02b708ac..b95560d9c5eb 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1149,12 +1149,8 @@ static int finalize_and_send(struct opal_dev *dev, cont_fn cont)
 	return opal_send_recv(dev, cont);
 }
 
-/*
- * request @column from table @table on device @dev. On success, the column
- * data will be available in dev->resp->tok[4]
- */
-static int generic_get_column(struct opal_dev *dev, const u8 *table,
-			      u64 column)
+static int generic_get_columns(struct opal_dev *dev, const u8 *table,
+			       u64 start_column, u64 end_column)
 {
 	int err;
 
@@ -1164,12 +1160,12 @@ static int generic_get_column(struct opal_dev *dev, const u8 *table,
 
 	add_token_u8(&err, dev, OPAL_STARTNAME);
 	add_token_u8(&err, dev, OPAL_STARTCOLUMN);
-	add_token_u64(&err, dev, column);
+	add_token_u64(&err, dev, start_column);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
 	add_token_u8(&err, dev, OPAL_STARTNAME);
 	add_token_u8(&err, dev, OPAL_ENDCOLUMN);
-	add_token_u64(&err, dev, column);
+	add_token_u64(&err, dev, end_column);
 	add_token_u8(&err, dev, OPAL_ENDNAME);
 
 	add_token_u8(&err, dev, OPAL_ENDLIST);
@@ -1180,6 +1176,16 @@ static int generic_get_column(struct opal_dev *dev, const u8 *table,
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+/*
+ * request @column from table @table on device @dev. On success, the column
+ * data will be available in dev->resp->tok[4]
+ */
+static int generic_get_column(struct opal_dev *dev, const u8 *table,
+			      u64 column)
+{
+	return generic_get_columns(dev, table, column, column);
+}
+
 /*
  * see TCG SAS 5.3.2.3 for a description of the available columns
  *
-- 
2.31.1

[PATCH v2 5/5] sed-opal: Add command to read locking range parameters.

[Ondrej Kozina]

It returns following attributes:

locking range start
locking range length
read lock enabled
write lock enabled
lock state (RW, RO or LK)

It can be retrieved by user authority provided the authority
was added to locking range via prior IOC_OPAL_ADD_USR_TO_LR
ioctl command. The command was extended to add user in ACE that
allows to read attributes listed above.

Signed-off-by: Ondrej Kozina <okozina@redhat.com>
Tested-by: Luca Boccassi <bluca@debian.org>
Tested-by: Milan Broz <gmazyland@gmail.com>
---
 block/sed-opal.c              | 153 ++++++++++++++++++++++++++++++++++
 include/linux/sed-opal.h      |   1 +
 include/uapi/linux/sed-opal.h |  11 +++
 3 files changed, 165 insertions(+)

diff --git a/block/sed-opal.c b/block/sed-opal.c
index b95560d9c5eb..3fc4e65db111 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1445,6 +1445,129 @@ static int setup_locking_range(struct opal_dev *dev, void *data)
 	return finalize_and_send(dev, parse_and_check_status);
 }
 
+static int response_get_column(const struct parsed_resp *resp,
+			       int *iter,
+			       u8 column,
+			       u64 *value)
+{
+	const struct opal_resp_tok *tok;
+	int n = *iter;
+	u64 val;
+
+	tok = response_get_token(resp, n);
+	if (IS_ERR(tok))
+		return PTR_ERR(tok);
+
+	if (!response_token_matches(tok, OPAL_STARTNAME)) {
+		pr_debug("Unexpected response token type %d.\n", n);
+		return OPAL_INVAL_PARAM;
+	}
+	n++;
+
+	if (response_get_u64(resp, n) != column) {
+		pr_debug("Token %d does not match expected column %u.\n",
+			 n, column);
+		return OPAL_INVAL_PARAM;
+	}
+	n++;
+
+	val = response_get_u64(resp, n);
+	n++;
+
+	tok = response_get_token(resp, n);
+	if (IS_ERR(tok))
+		return PTR_ERR(tok);
+
+	if (!response_token_matches(tok, OPAL_ENDNAME)) {
+		pr_debug("Unexpected response token type %d.\n", n);
+		return OPAL_INVAL_PARAM;
+	}
+	n++;
+
+	*value = val;
+	*iter = n;
+
+	return 0;
+}
+
+static int locking_range_status(struct opal_dev *dev, void *data)
+{
+	u8 lr_buffer[OPAL_UID_LENGTH];
+	u64 resp;
+	bool rlocked, wlocked;
+	int err, tok_n = 2;
+	struct opal_lr_status *lrst = data;
+
+	err = build_locking_range(lr_buffer, sizeof(lr_buffer),
+				  lrst->session.opal_key.lr);
+	if (err)
+		return err;
+
+	err = generic_get_columns(dev, lr_buffer, OPAL_RANGESTART,
+				  OPAL_WRITELOCKED);
+	if (err) {
+		pr_debug("Couldn't get lr %u table columns %d to %d.\n",
+			 lrst->session.opal_key.lr, OPAL_RANGESTART,
+			 OPAL_WRITELOCKED);
+		return err;
+	}
+
+	/* range start */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGESTART,
+				  &lrst->range_start);
+	if (err)
+		return err;
+
+	/* range length */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_RANGELENGTH,
+				  &lrst->range_length);
+	if (err)
+		return err;
+
+	/* RLE */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKENABLED,
+				  &resp);
+	if (err)
+		return err;
+
+	lrst->RLE = !!resp;
+
+	/* WLE */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKENABLED,
+				  &resp);
+	if (err)
+		return err;
+
+	lrst->WLE = !!resp;
+
+	/* read locked */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_READLOCKED, &resp);
+	if (err)
+		return err;
+
+	rlocked = !!resp;
+
+	/* write locked */
+	err = response_get_column(&dev->parsed, &tok_n, OPAL_WRITELOCKED, &resp);
+	if (err)
+		return err;
+
+	wlocked = !!resp;
+
+	/* opal_lock_state can not map 'read locked' only state. */
+	lrst->l_state = OPAL_RW;
+	if (rlocked && wlocked)
+		lrst->l_state = OPAL_LK;
+	else if (wlocked)
+		lrst->l_state = OPAL_RO;
+	else if (rlocked) {
+		pr_debug("Can not report read locked only state.\n");
+		return -EINVAL;
+	}
+
+	return 0;
+}
+
 static int start_generic_opal_session(struct opal_dev *dev,
 				      enum opal_uid auth,
 				      enum opal_uid sp_type,
@@ -2642,6 +2765,33 @@ static int opal_setup_locking_range(struct opal_dev *dev,
 	return ret;
 }
 
+static int opal_locking_range_status(struct opal_dev *dev,
+			  struct opal_lr_status *opal_lrst,
+			  void __user *data)
+{
+	const struct opal_step lr_steps[] = {
+		{ start_auth_opal_session, &opal_lrst->session },
+		{ locking_range_status, opal_lrst },
+		{ end_opal_session, }
+	};
+	int ret;
+
+	mutex_lock(&dev->dev_lock);
+	setup_opal_dev(dev);
+	ret = execute_steps(dev, lr_steps, ARRAY_SIZE(lr_steps));
+	mutex_unlock(&dev->dev_lock);
+
+	/* skip session info when copying back to uspace */
+	if (!ret && copy_to_user(data + offsetof(struct opal_lr_status, range_start),
+				(void *)opal_lrst + offsetof(struct opal_lr_status, range_start),
+				sizeof(*opal_lrst) - offsetof(struct opal_lr_status, range_start))) {
+		pr_debug("Error copying status to userspace\n");
+		return -EFAULT;
+	}
+
+	return ret;
+}
+
 static int opal_set_new_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw)
 {
 	const struct opal_step pw_steps[] = {
@@ -2876,6 +3026,9 @@ int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *arg)
 	case IOC_OPAL_GET_STATUS:
 		ret = opal_get_status(dev, arg);
 		break;
+	case IOC_OPAL_GET_LR_STATUS:
+		ret = opal_locking_range_status(dev, p, arg);
+		break;
 	default:
 		break;
 	}
diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h
index 31ac562a17d7..042c1e2cb0ce 100644
--- a/include/linux/sed-opal.h
+++ b/include/linux/sed-opal.h
@@ -45,6 +45,7 @@ static inline bool is_sed_ioctl(unsigned int cmd)
 	case IOC_OPAL_WRITE_SHADOW_MBR:
 	case IOC_OPAL_GENERIC_TABLE_RW:
 	case IOC_OPAL_GET_STATUS:
+	case IOC_OPAL_GET_LR_STATUS:
 		return true;
 	}
 	return false;
diff --git a/include/uapi/linux/sed-opal.h b/include/uapi/linux/sed-opal.h
index d7a1524023db..3905c8ffedbf 100644
--- a/include/uapi/linux/sed-opal.h
+++ b/include/uapi/linux/sed-opal.h
@@ -78,6 +78,16 @@ struct opal_user_lr_setup {
 	struct opal_session_info session;
 };
 
+struct opal_lr_status {
+	struct opal_session_info session;
+	__u64 range_start;
+	__u64 range_length;
+	__u32 RLE; /* Read Lock enabled */
+	__u32 WLE; /* Write Lock Enabled */
+	__u32 l_state;
+	__u8  align[4];
+};
+
 struct opal_lock_unlock {
 	struct opal_session_info session;
 	__u32 l_state;
@@ -168,5 +178,6 @@ struct opal_status {
 #define IOC_OPAL_WRITE_SHADOW_MBR   _IOW('p', 234, struct opal_shadow_mbr)
 #define IOC_OPAL_GENERIC_TABLE_RW   _IOW('p', 235, struct opal_read_write_table)
 #define IOC_OPAL_GET_STATUS         _IOR('p', 236, struct opal_status)
+#define IOC_OPAL_GET_LR_STATUS      _IOW('p', 237, struct opal_lr_status)
 
 #endif /* _UAPI_SED_OPAL_H */
-- 
2.31.1

Re: [PATCH v2 0/5] sed-opal: add command to read locking range attributes

[Jens Axboe]

On Wed, 05 Apr 2023 13:12:18 +0200, Ondrej Kozina wrote:
> This patch set aims to add ability to user authorities to read locking
> range attributes.
> 
> It's achieved in two steps (except SUM enabled drives):
> 
> 1) Patch IOC_OPAL_ADD_USR_TO_LR command so that user authority (together with
> OPAL_ADMIN1) is added in ACE that allows getting locking range attributes.
> 
> [...]

Applied, thanks!

[1/5] sed-opal: do not add same authority twice in boolean ace.
      commit: 2fce95b196d34a17ac3f531933d156a8550d5b82
[2/5] sed-opal: add helper for adding user authorities in ACE.
      commit: 175b654402a11b01870e823f4eaa913b27ed8a63
[3/5] sed-opal: allow user authority to get locking range attributes.
      commit: 8be19a02f1e373d406b3d9e0c17a90c786c51c1f
[4/5] sed-opal: add helper to get multiple columns at once.
      commit: baf82b679cb2c76eb6f4b2881a60380e328ccc79
[5/5] sed-opal: Add command to read locking range parameters.
      commit: 4c4dd04e75e8177311d17387326253674cb0558b

Best regards,
-- 
Jens Axboe