libnvdimm for 4.21
* Add support for the security features of nvdimm devices that
implement a security model similar to ATA hard drive security. The
security model supports locking access to the media at
device-power-loss, to be unlocked with a passphrase, and secure-erase
(crypto-scramble).
Unlike the ATA security case where the kernel expects device
security to be managed in a pre-OS environment, the libnvdimm security
implementation allows key provisioning and key-operations at OS
runtime. Keys are managed with the kernel's encrypted-keys facility to
provide data-at-rest security for the libnvdimm key material. The
usage model mirrors fscrypt key management, but is driven via
libnvdimm sysfs.
* Miscellaneous updates for api usage and comment fixes.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJcJalaAAoJEB7SkWpmfYgCmpkP/35Isou2xxbYdICt9HR4WjiE
E4r66Ck+ivZW4oEAub3RQw/SwcZePjuHArO5MgVGFoM1dBMABE+JvKiZm1xybCil
iuWT/V7ozlNf5LuvacvjUXe/suUIoqji9yzLEEx9mDaISehrYvvy579DFxkE8Aww
8Vcx8E1DQkXiWY4d9nmDmAjt8GQPNmsdHfTwMcJg7XSywTkURF64vW7/94aN8QtV
rH5ZKKOra8Lqn0S05RoH4XegZcE6TZxgE23ZXsobBJrWdbGVFmgbz6AaewJc/+QU
ZW3dx/1NAe7Op25xewJOjdG/Kl0gzWtqCrHCu8LeaSjwtHsgMQ/FBhL9g/7GRtHt
hcQy12Iu9YTn3FOl8yfNRKb7lE5/1nJ2MtW8Z55WKHONHzN9cgrZLOwmpTYgrR/r
SmIzwKNFavLwwz9bj+paHhmTngLDnNbvR6FwAKwSbWinotbLEyfMhU1jJ9RmHxSV
M+jqS1BJ9IvH+WVN5bVa7oCNpVeq6yMw0Ow2vWXMPbiwh17ShACI59paqZKRiR06
WH8SgdTPOZuMndtQV+m8zFBiJtmgAtGSiN8c1A/1QZJHDTpXz2MdWhtx5McvFsZ9
Jot4Vd8mFWI7oVLdb+PF/AGZnKNAnD8PdsAlFws0k7+rM6lf6gf5n/CkjjMuSapG
Q/kf0cOpPq8wdsrnOzyc
=7KYd
-----END PGP SIGNATURE-----
Merge tag 'libnvdimm-for-4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
Pull libnvdimm updates from Dan Williams:
"The vast bulk of this update is the new support for the security
capabilities of some nvdimms.
The userspace tooling for this capability is still a work in progress,
but the changes survive the existing libnvdimm unit tests. The changes
also pass manual checkout on hardware and the new nfit_test emulation
of the security capability.
The touches of the security/keys/ files have received the necessary
acks from Mimi and David. Those changes were necessary to allow for a
new generic encrypted-key type, and allow the nvdimm sub-system to
lookup key material referenced by the libnvdimm-sysfs interface.
Summary:
- Add support for the security features of nvdimm devices that
implement a security model similar to ATA hard drive security. The
security model supports locking access to the media at
device-power-loss, to be unlocked with a passphrase, and
secure-erase (crypto-scramble).
Unlike the ATA security case where the kernel expects device
security to be managed in a pre-OS environment, the libnvdimm
security implementation allows key provisioning and key-operations
at OS runtime. Keys are managed with the kernel's encrypted-keys
facility to provide data-at-rest security for the libnvdimm key
material. The usage model mirrors fscrypt key management, but is
driven via libnvdimm sysfs.
- Miscellaneous updates for api usage and comment fixes"
* tag 'libnvdimm-for-4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm: (21 commits)
libnvdimm/security: Quiet security operations
libnvdimm/security: Add documentation for nvdimm security support
tools/testing/nvdimm: add Intel DSM 1.8 support for nfit_test
tools/testing/nvdimm: Add overwrite support for nfit_test
tools/testing/nvdimm: Add test support for Intel nvdimm security DSMs
acpi/nfit, libnvdimm/security: add Intel DSM 1.8 master passphrase support
acpi/nfit, libnvdimm/security: Add security DSM overwrite support
acpi/nfit, libnvdimm: Add support for issue secure erase DSM to Intel nvdimm
acpi/nfit, libnvdimm: Add enable/update passphrase support for Intel nvdimms
acpi/nfit, libnvdimm: Add disable passphrase support to Intel nvdimm.
acpi/nfit, libnvdimm: Add unlock of nvdimm support for Intel DIMMs
acpi/nfit, libnvdimm: Add freeze security support to Intel nvdimm
acpi/nfit, libnvdimm: Introduce nvdimm_security_ops
keys-encrypted: add nvdimm key format type to encrypted keys
keys: Export lookup_user_key to external users
acpi/nfit, libnvdimm: Store dimm id as a member to struct nvdimm
libnvdimm, namespace: Replace kmemdup() with kstrndup()
libnvdimm, label: Switch to bitmap_zalloc()
ACPI/nfit: Adjust annotation for why return 0 if fail to find NFIT at start
libnvdimm, bus: Check id immediately following ida_simple_get
...
This commit is contained in:
Linus Torvalds
commit
75f95da078
27 changed files with 1971 additions and 54 deletions
|
|
@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key)
|
|||
|
||||
extern void key_set_timeout(struct key *, unsigned);
|
||||
|
||||
extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
|
||||
key_perm_t perm);
|
||||
|
||||
/*
|
||||
* The permissions required on a key that we're looking up.
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -38,6 +38,10 @@ enum {
|
|||
NDD_UNARMED = 1,
|
||||
/* locked memory devices should not be accessed */
|
||||
NDD_LOCKED = 2,
|
||||
/* memory under security wipes should not be accessed */
|
||||
NDD_SECURITY_OVERWRITE = 3,
|
||||
/* tracking whether or not there is a pending device reference */
|
||||
NDD_WORK_PENDING = 4,
|
||||
|
||||
/* need to set a limit somewhere, but yes, this is likely overkill */
|
||||
ND_IOCTL_MAX_BUFLEN = SZ_4M,
|
||||
|
|
@ -87,7 +91,7 @@ struct nvdimm_bus_descriptor {
|
|||
ndctl_fn ndctl;
|
||||
int (*flush_probe)(struct nvdimm_bus_descriptor *nd_desc);
|
||||
int (*clear_to_send)(struct nvdimm_bus_descriptor *nd_desc,
|
||||
struct nvdimm *nvdimm, unsigned int cmd);
|
||||
struct nvdimm *nvdimm, unsigned int cmd, void *data);
|
||||
};
|
||||
|
||||
struct nd_cmd_desc {
|
||||
|
|
@ -155,6 +159,46 @@ static inline struct nd_blk_region_desc *to_blk_region_desc(
|
|||
|
||||
}
|
||||
|
||||
enum nvdimm_security_state {
|
||||
NVDIMM_SECURITY_DISABLED,
|
||||
NVDIMM_SECURITY_UNLOCKED,
|
||||
NVDIMM_SECURITY_LOCKED,
|
||||
NVDIMM_SECURITY_FROZEN,
|
||||
NVDIMM_SECURITY_OVERWRITE,
|
||||
};
|
||||
|
||||
#define NVDIMM_PASSPHRASE_LEN 32
|
||||
#define NVDIMM_KEY_DESC_LEN 22
|
||||
|
||||
struct nvdimm_key_data {
|
||||
u8 data[NVDIMM_PASSPHRASE_LEN];
|
||||
};
|
||||
|
||||
enum nvdimm_passphrase_type {
|
||||
NVDIMM_USER,
|
||||
NVDIMM_MASTER,
|
||||
};
|
||||
|
||||
struct nvdimm_security_ops {
|
||||
enum nvdimm_security_state (*state)(struct nvdimm *nvdimm,
|
||||
enum nvdimm_passphrase_type pass_type);
|
||||
int (*freeze)(struct nvdimm *nvdimm);
|
||||
int (*change_key)(struct nvdimm *nvdimm,
|
||||
const struct nvdimm_key_data *old_data,
|
||||
const struct nvdimm_key_data *new_data,
|
||||
enum nvdimm_passphrase_type pass_type);
|
||||
int (*unlock)(struct nvdimm *nvdimm,
|
||||
const struct nvdimm_key_data *key_data);
|
||||
int (*disable)(struct nvdimm *nvdimm,
|
||||
const struct nvdimm_key_data *key_data);
|
||||
int (*erase)(struct nvdimm *nvdimm,
|
||||
const struct nvdimm_key_data *key_data,
|
||||
enum nvdimm_passphrase_type pass_type);
|
||||
int (*overwrite)(struct nvdimm *nvdimm,
|
||||
const struct nvdimm_key_data *key_data);
|
||||
int (*query_overwrite)(struct nvdimm *nvdimm);
|
||||
};
|
||||
|
||||
void badrange_init(struct badrange *badrange);
|
||||
int badrange_add(struct badrange *badrange, u64 addr, u64 length);
|
||||
void badrange_forget(struct badrange *badrange, phys_addr_t start,
|
||||
|
|
@ -165,6 +209,7 @@ struct nvdimm_bus *nvdimm_bus_register(struct device *parent,
|
|||
struct nvdimm_bus_descriptor *nfit_desc);
|
||||
void nvdimm_bus_unregister(struct nvdimm_bus *nvdimm_bus);
|
||||
struct nvdimm_bus *to_nvdimm_bus(struct device *dev);
|
||||
struct nvdimm_bus *nvdimm_to_bus(struct nvdimm *nvdimm);
|
||||
struct nvdimm *to_nvdimm(struct device *dev);
|
||||
struct nd_region *to_nd_region(struct device *dev);
|
||||
struct device *nd_region_dev(struct nd_region *nd_region);
|
||||
|
|
@ -175,10 +220,21 @@ const char *nvdimm_name(struct nvdimm *nvdimm);
|
|||
struct kobject *nvdimm_kobj(struct nvdimm *nvdimm);
|
||||
unsigned long nvdimm_cmd_mask(struct nvdimm *nvdimm);
|
||||
void *nvdimm_provider_data(struct nvdimm *nvdimm);
|
||||
struct nvdimm *nvdimm_create(struct nvdimm_bus *nvdimm_bus, void *provider_data,
|
||||
const struct attribute_group **groups, unsigned long flags,
|
||||
unsigned long cmd_mask, int num_flush,
|
||||
struct resource *flush_wpq);
|
||||
struct nvdimm *__nvdimm_create(struct nvdimm_bus *nvdimm_bus,
|
||||
void *provider_data, const struct attribute_group **groups,
|
||||
unsigned long flags, unsigned long cmd_mask, int num_flush,
|
||||
struct resource *flush_wpq, const char *dimm_id,
|
||||
const struct nvdimm_security_ops *sec_ops);
|
||||
static inline struct nvdimm *nvdimm_create(struct nvdimm_bus *nvdimm_bus,
|
||||
void *provider_data, const struct attribute_group **groups,
|
||||
unsigned long flags, unsigned long cmd_mask, int num_flush,
|
||||
struct resource *flush_wpq)
|
||||
{
|
||||
return __nvdimm_create(nvdimm_bus, provider_data, groups, flags,
|
||||
cmd_mask, num_flush, flush_wpq, NULL, NULL);
|
||||
}
|
||||
|
||||
int nvdimm_security_setup_events(struct nvdimm *nvdimm);
|
||||
const struct nd_cmd_desc *nd_cmd_dimm_desc(int cmd);
|
||||
const struct nd_cmd_desc *nd_cmd_bus_desc(int cmd);
|
||||
u32 nd_cmd_in_size(struct nvdimm *nvdimm, int cmd,
|
||||
|
|
@ -204,6 +260,16 @@ u64 nd_fletcher64(void *addr, size_t len, bool le);
|
|||
void nvdimm_flush(struct nd_region *nd_region);
|
||||
int nvdimm_has_flush(struct nd_region *nd_region);
|
||||
int nvdimm_has_cache(struct nd_region *nd_region);
|
||||
int nvdimm_in_overwrite(struct nvdimm *nvdimm);
|
||||
|
||||
static inline int nvdimm_ctl(struct nvdimm *nvdimm, unsigned int cmd, void *buf,
|
||||
unsigned int buf_len, int *cmd_rc)
|
||||
{
|
||||
struct nvdimm_bus *nvdimm_bus = nvdimm_to_bus(nvdimm);
|
||||
struct nvdimm_bus_descriptor *nd_desc = to_nd_desc(nvdimm_bus);
|
||||
|
||||
return nd_desc->ndctl(nd_desc, nvdimm, cmd, buf, buf_len, cmd_rc);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_ARCH_HAS_PMEM_API
|
||||
#define ARCH_MEMREMAP_PMEM MEMREMAP_WB
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue