From: "Derrick, Jonathan" <jonathan.derrick@intel.com>
To: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"zub@linux.fjfi.cvut.cz" <zub@linux.fjfi.cvut.cz>,
"linux-block@vger.kernel.org" <linux-block@vger.kernel.org>,
"sbauer@plzdonthack.me" <sbauer@plzdonthack.me>,
"axboe@kernel.dk" <axboe@kernel.dk>
Cc: "jonas.rabenstein@studium.uni-erlangen.de"
<jonas.rabenstein@studium.uni-erlangen.de>
Subject: Re: [PATCH 3/3] block: sed-opal: check size of shadow mbr
Date: Mon, 6 May 2019 20:15:56 +0000 [thread overview]
Message-ID: <36dab0ec1f7e0f974e035abb597bb38be517c959.camel@intel.com> (raw)
In-Reply-To: <1556666459-17948-4-git-send-email-zub@linux.fjfi.cvut.cz>
[-- Attachment #1: Type: text/plain, Size: 4122 bytes --]
lgtm again
Reviewed-by: Jon Derrick <jonathan.derrick@intel.com>
On Wed, 2019-05-01 at 01:20 +0200, David Kozub wrote:
> From: Jonas Rabenstein <jonas.rabenstein@studium.uni-erlangen.de>
>
> Check whether the shadow mbr does fit in the provided space on the
> target. Also a proper firmware should handle this case and return an
> error we may prevent problems or even damage with crappy firmwares.
>
> Signed-off-by: Jonas Rabenstein <
> jonas.rabenstein@studium.uni-erlangen.de>
> Signed-off-by: David Kozub <zub@linux.fjfi.cvut.cz>
> Reviewed-by: Scott Bauer <sbauer@plzdonthack.me>
> Reviewed-by: Jon Derrick <jonathan.derrick@intel.com>
> ---
> block/opal_proto.h | 16 ++++++++++++++++
> block/sed-opal.c | 39 +++++++++++++++++++++++++++++++++++++++
> 2 files changed, 55 insertions(+)
>
> diff --git a/block/opal_proto.h b/block/opal_proto.h
> index b6e352cfe982..5e8df3245eb0 100644
> --- a/block/opal_proto.h
> +++ b/block/opal_proto.h
> @@ -106,6 +106,7 @@ enum opal_uid {
> OPAL_ENTERPRISE_BANDMASTER0_UID,
> OPAL_ENTERPRISE_ERASEMASTER_UID,
> /* tables */
> + OPAL_TABLE_TABLE,
> OPAL_LOCKINGRANGE_GLOBAL,
> OPAL_LOCKINGRANGE_ACE_RDLOCKED,
> OPAL_LOCKINGRANGE_ACE_WRLOCKED,
> @@ -160,6 +161,21 @@ enum opal_token {
> OPAL_STARTCOLUMN = 0x03,
> OPAL_ENDCOLUMN = 0x04,
> OPAL_VALUES = 0x01,
> + /* table table */
> + OPAL_TABLE_UID = 0x00,
> + OPAL_TABLE_NAME = 0x01,
> + OPAL_TABLE_COMMON = 0x02,
> + OPAL_TABLE_TEMPLATE = 0x03,
> + OPAL_TABLE_KIND = 0x04,
> + OPAL_TABLE_COLUMN = 0x05,
> + OPAL_TABLE_COLUMNS = 0x06,
> + OPAL_TABLE_ROWS = 0x07,
> + OPAL_TABLE_ROWS_FREE = 0x08,
> + OPAL_TABLE_ROW_BYTES = 0x09,
> + OPAL_TABLE_LASTID = 0x0A,
> + OPAL_TABLE_MIN = 0x0B,
> + OPAL_TABLE_MAX = 0x0C,
> +
> /* authority table */
> OPAL_PIN = 0x03,
> /* locking tokens */
> diff --git a/block/sed-opal.c b/block/sed-opal.c
> index 5acb873e9037..39e3eecca58d 100644
> --- a/block/sed-opal.c
> +++ b/block/sed-opal.c
> @@ -138,6 +138,8 @@ static const u8 opaluid[][OPAL_UID_LENGTH] = {
>
> /* tables */
>
> + [OPAL_TABLE_TABLE]
> + { 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01 },
> [OPAL_LOCKINGRANGE_GLOBAL] =
> { 0x00, 0x00, 0x08, 0x02, 0x00, 0x00, 0x00, 0x01 },
> [OPAL_LOCKINGRANGE_ACE_RDLOCKED] =
> @@ -1139,6 +1141,29 @@ static int generic_get_column(struct opal_dev
> *dev, const u8 *table,
> return finalize_and_send(dev, parse_and_check_status);
> }
>
> +/*
> + * see TCG SAS 5.3.2.3 for a description of the available columns
> + *
> + * the result is provided in dev->resp->tok[4]
> + */
> +static int generic_get_table_info(struct opal_dev *dev, enum
> opal_uid table,
> + u64 column)
> +{
> + u8 uid[OPAL_UID_LENGTH];
> + const unsigned int half = OPAL_UID_LENGTH/2;
> +
> + /* sed-opal UIDs can be split in two halves:
> + * first: actual table index
> + * second: relative index in the table
> + * so we have to get the first half of the OPAL_TABLE_TABLE and
> use the
> + * first part of the target table as relative index into that
> table
> + */
> + memcpy(uid, opaluid[OPAL_TABLE_TABLE], half);
> + memcpy(uid+half, opaluid[table], half);
> +
> + return generic_get_column(dev, uid, column);
> +}
> +
> static int gen_key(struct opal_dev *dev, void *data)
> {
> u8 uid[OPAL_UID_LENGTH];
> @@ -1554,6 +1579,20 @@ static int write_shadow_mbr(struct opal_dev
> *dev, void *data)
> u64 len;
> int err = 0;
>
> + /* do we fit in the available shadow mbr space? */
> + err = generic_get_table_info(dev, OPAL_MBR, OPAL_TABLE_ROWS);
> + if (err) {
> + pr_debug("MBR: could not get shadow size\n");
> + return err;
> + }
> +
> + len = response_get_u64(&dev->parsed, 4);
> + if (shadow->size > len || shadow->offset > len - shadow->size)
> {
> + pr_debug("MBR: does not fit in shadow (%llu vs.
> %llu)\n",
> + shadow->offset + shadow->size, len);
> + return -ENOSPC;
> + }
> +
> /* do the actual transmission(s) */
> src = (u8 __user *)(uintptr_t)shadow->data;
> while (off < shadow->size) {
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 3278 bytes --]
next prev parent reply other threads:[~2019-05-06 20:16 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-30 23:20 [PATCH 0/3] block: sed-opal: add support for shadow MBR done flag and write David Kozub
2019-04-30 23:20 ` [PATCH 1/3] block: sed-opal: add ioctl for done-mark of shadow mbr David Kozub
2019-05-01 10:36 ` David Kozub
2019-05-01 13:46 ` Christoph Hellwig
2019-05-05 14:16 ` Scott Bauer
2019-05-06 20:02 ` Derrick, Jonathan
2019-04-30 23:20 ` [PATCH 2/3] block: sed-opal: ioctl for writing to " David Kozub
2019-05-01 13:48 ` Christoph Hellwig
2019-05-05 14:22 ` Scott Bauer
2019-04-30 23:20 ` [PATCH 3/3] block: sed-opal: check size of " David Kozub
2019-05-05 14:27 ` Scott Bauer
2019-05-06 20:15 ` Derrick, Jonathan [this message]
2019-05-01 13:49 ` [PATCH 0/3] block: sed-opal: add support for shadow MBR done flag and write Christoph Hellwig
2019-05-03 20:32 ` David Kozub
2019-05-05 14:43 ` Scott Bauer
2019-05-09 19:31 ` Derrick, Jonathan
2019-05-13 22:12 ` David Kozub
2019-05-02 12:30 ` Scott Bauer
2019-05-02 16:03 ` David Kozub
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=36dab0ec1f7e0f974e035abb597bb38be517c959.camel@intel.com \
--to=jonathan.derrick@intel.com \
--cc=axboe@kernel.dk \
--cc=jonas.rabenstein@studium.uni-erlangen.de \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sbauer@plzdonthack.me \
--cc=zub@linux.fjfi.cvut.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).