linux-cxl.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Davidlohr Bueso <dave@stgolabs.net>
To: dan.j.williams@intel.com
Cc: jonathan.cameron@huawei.com, ira.weiny@intel.com,
	fan.ni@samsung.com, a.manzanares@samsung.com,
	linux-cxl@vger.kernel.org, dave.jiang@intel.com
Subject: Re: [PATCH v3 0/7] cxl: Background cmds and device sanitation
Date: Tue, 21 Mar 2023 17:05:14 -0700	[thread overview]
Message-ID: <20230322000514.nlxg5u3oryep3eag@offworld> (raw)
In-Reply-To: <20230224194652.1990604-1-dave@stgolabs.net>

On Fri, 24 Feb 2023, Davidlohr Bueso wrote:

>Hello,
>
>This series adds support for the rest of the security related cxl operations
>which are not strictly dependent on PMEM.
>
>Patch 1 adds the required background cmd handling bits (polling and irq).
>This is really the main motivation of the series as there are various
>features that will need this regardless of sanitation.
>
>Patch 2 adds a new sysfs 'security/state' file, which shows "disabled" if
>no security features are available - which is more intuitive than no showing
>it.
>
>Patch 3 adds a way to check if the device is actively used by tracking regions
>with target the memdevice to sanitize. I realize this might not be what is
>desired and wanted to get the expectations for this. This is more of a RFC
>patch.
>
>Patches 4-7 add the Sanitation and Secure Erase support, per CXL3.0 specs.
>
>These changes have been tested with both the mock device as well as with qemu[0,1].
>
>Changes from v2 (https://lore.kernel.org/linux-cxl/20221206011501.464916-1-dave@stgolabs.net/):
>- Redid the bacground cmd handling to use a syncronous approach instead.
>- Added cxl_memdev_active_region() to check if the memdevice is being used
>  (actively decoding any HPA ranges).
>- Create a new security sysfs directory with a 'state' file which is always visible.
>- The sysfs files' to trigger the security commands is only visible if
>  cpu_cache_has_invalidate_memregion().
>- Added a sanitize test for the mock device.
>
>Please consider for v6.4.

Hi Dan, ping? I would like to see were we stand with this series and hopefully
still time for 6.4 material - but that's not important. The open points which
imo would best be answered before attempting a v4 based on the current input:

- Are you ok with the approach in patch 1?

- Are you ok with security directory always showing at least the state file? As
Dave mentions this differs somewhat with nfit, but for that matter so does the
whole security semantics (this is now a directory vs a single, multiplexed file).

- Regarding ensuring the device is not actively decoding, would Alison/Fan's suggestion
to use commit_end/hdm_end instead of my hacky patch 3 be feasible? Or did you
have something else in mind?

Thanks,
Davidlohr

      parent reply	other threads:[~2023-03-22  0:35 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-02-24 19:46 [PATCH v3 0/7] cxl: Background cmds and device sanitation Davidlohr Bueso
2023-02-24 19:25 ` Davidlohr Bueso
2023-02-24 19:46 ` [PATCH 1/7] cxl/mbox: Add background cmd handling machinery Davidlohr Bueso
2023-02-28 16:27   ` Dave Jiang
2023-02-28 20:18     ` Davidlohr Bueso
2023-02-28 23:35       ` Dave Jiang
2023-03-27 21:57   ` Dan Williams
2023-02-24 19:46 ` [PATCH 2/7] cxl/security: Add security state sysfs ABI Davidlohr Bueso
2023-02-28 16:47   ` Dave Jiang
2023-03-28  1:11   ` Dan Williams
2023-02-24 19:46 ` [PATCH 3/7] cxl/region: Add cxl_memdev_active_region() Davidlohr Bueso
2023-02-27  3:46   ` Alison Schofield
2023-02-28 20:26     ` Davidlohr Bueso
2023-02-28 23:20       ` Fan Ni
2023-03-28  1:15       ` Dan Williams
2023-02-24 19:46 ` [PATCH 4/7] cxl/mem: Support Sanitation Davidlohr Bueso
2023-02-28 17:28   ` Dave Jiang
2023-02-28 20:22     ` Davidlohr Bueso
2023-03-28  6:26   ` Dan Williams
2023-04-05 21:06     ` Davidlohr Bueso
2023-04-05 22:24       ` Dan Williams
2023-02-24 19:46 ` [PATCH 5/7] cxl/test: Add "Sanitize" opcode support Davidlohr Bueso
2023-02-28 18:03   ` Dave Jiang
2023-02-24 19:46 ` [PATCH 6/7] cxl/mem: Support Secure Erase Davidlohr Bueso
2023-02-28 18:31   ` Dave Jiang
2023-02-24 19:46 ` [PATCH 7/7] cxl/test: Add "Secure Erase" opcode support Davidlohr Bueso
2023-02-28 18:36   ` Dave Jiang
2023-03-22  0:05 ` Davidlohr Bueso [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230322000514.nlxg5u3oryep3eag@offworld \
    --to=dave@stgolabs.net \
    --cc=a.manzanares@samsung.com \
    --cc=dan.j.williams@intel.com \
    --cc=dave.jiang@intel.com \
    --cc=fan.ni@samsung.com \
    --cc=ira.weiny@intel.com \
    --cc=jonathan.cameron@huawei.com \
    --cc=linux-cxl@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).