Hello folks,

here's a patchset that allows enabling libata's tpm features (opal) at runtime. Until now we need to boot with special kernel parameter, in order to use OPAL - this patch also adds a sysctl knob for that. It seems such a knob already had existed once (perhaps just in a wip patchset), as sed-util expects it.

The first patch just introduces a sysctl subdir for libata, the second one adds the actual knob. I had already sent these patches, few weeks ago, along with some general build fixes. The latter meanwhile went mainline, but haven't received any comments on the two opal related ones yet.

Please let me know, whether there's anything wrong w/ it.

have fun,
--mtx
Register a sysctl directory for libata, so upcoming knobs can be added here. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net> --- drivers/ata/libata-core.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c index aaa57e0..2af2470 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -160,6 +160,21 @@ struct ata_force_ent { MODULE_LICENSE("GPL"); MODULE_VERSION(DRV_VERSION); +static struct ctl_table ctl_libata[] = { + {} +}; + +static struct ctl_table libata_dir_table[] = { + { + .procname = "libata", + .maxlen = 0, + .mode = 0555, + .child = ctl_libata, + }, + { }, +}; + +static struct ctl_table_header *libata_sysctl_header; static bool ata_sstatus_online(u32 sstatus) { @@ -7043,6 +7058,8 @@ static int __init ata_init(void) goto err_out; } + libata_sysctl_header = register_sysctl_table(libata_dir_table); + printk(KERN_DEBUG "libata version " DRV_VERSION " loaded.\n"); return 0; @@ -7056,6 +7073,7 @@ static void __exit ata_exit(void) libata_transport_exit(); ata_sff_exit(); kfree(ata_force_tbl); + unregister_sysctl_table(libata_sysctl_header); } subsys_initcall(ata_init); -- 1.9.1
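Review bot: In the ata_init() hunk the result of register_sysctl_table(libata_dir_table) is stored in libata_sysctl_header but never checked, so a failed registration (NULL return) is silent and init still reports "libata version ... loaded". Either log a warning when the header is NULL or route the failure through the existing err_out path, and state in the commit message which behaviour is intended.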
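Review bot: In the ata_exit() hunk unregister_sysctl_table(libata_sysctl_header) is the last call, after libata_transport_exit(), ata_sff_exit() and kfree(ata_force_tbl), although ata_init() registers the table as its final step. Teardown should mirror init in reverse order, so move the unregister call to the top of ata_exit(); that way the sysctl directory is gone before any state that later knobs may reference is torn down.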
libata tpm functionality, needed for self encrypted devices (OPAL, ...), is currently disabled per default and needs to be enabled via kernel command line. This patch allows enabling it via sysctl. The implementation might look a bit 'naive', as there aren't any locks or barriers, etc. As we're dealing just w/ a plain boolean value, that's only checked when an tpm-related ioctl is called, we're fine w/ that. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net> --- drivers/ata/libata-core.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c index 2af2470..f241028 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -161,6 +161,13 @@ struct ata_force_ent { MODULE_VERSION(DRV_VERSION); static struct ctl_table ctl_libata[] = { + { + .procname = "allow_tpm", + .data = &libata_allow_tpm, + .maxlen = sizeof(libata_allow_tpm), + .mode = 0644, + .proc_handler = proc_dointvec, + }, {} }; -- 1.9.1
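Review bot: The new allow_tpm entry sets .proc_handler = proc_dointvec, which accepts any integer, while the commit message describes the value as a plain boolean. Use proc_dointvec_minmax with .extra1 and .extra2 bounding the value to 0 and 1 so the knob cannot hold anything else. Because .mode = 0644 turns a default-off setting that previously needed the kernel command line into one that can be flipped at runtime, the patch should also come with a documentation entry stating what enabling it permits and that it takes effect on the next tpm-related ioctl.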
On Wed, Jun 05, 2019 at 01:36:25PM +0200, Enrico Weigelt, metux IT consult wrote:
> Hello folks,
>
>
> here's a patchset that allows enabling libata's tpm features (opal)
> at runtime. Until now we need to boot with special kernel parameter,
> in order to use OPAL - this patch also adds a sysctl knob for that.

Or you can use the block/sed-opal.c code which doesn't require the
tweak, and really is the proper way forward to use OPAL.

> The first patch just introduces a sysctl subdir for libata, the
> second one adds the actual knob. I had already sent these patches,
> few weeks ago, along with some general build fixes. The latter
> meanwhile went mainline, but haven't received any comments on
> the two opal related ones yet.

Independent of that new sysctls are deprecated.

On 05.06.19 21:23, Christoph Hellwig wrote:
> On Wed, Jun 05, 2019 at 01:36:25PM +0200, Enrico Weigelt, metux IT consult wrote:
>> Hello folks,
>>
>>
>> here's a patchset that allows enabling libata's tpm features (opal)
>> at runtime. Until now we need to boot with special kernel parameter,
>> in order to use OPAL - this patch also adds a sysctl knob for that.
>
> Or you can use the block/sed-opal.c code which doesn't require the
> tweak, and really is the proper way forward to use OPAL.
You're referring to the OPAL ioctl()s ?
hmm, it seems that sed-util doesn't use them at all, but directly
sends raw ata commands.
Shall I use a different userland tool ?
--mtx
--
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info@metux.net -- +49-151-27565287