| Message ID | 166792840837.3767969.8013121990529095896.stgit@djiang5-desk3.ch.intel.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Introduce security commands for CXL pmem device | expand |
On Tue, 08 Nov 2022 10:26:48 -0700 Dave Jiang <dave.jiang@intel.com> wrote: > The mock cxl mem devs needs a way to go into "locked" status to simulate > when the platform is rebooted. Add a sysfs mechanism so the device security > state is set to "locked" and the frozen state bits are cleared. > > Signed-off-by: Dave Jiang <dave.jiang@intel.com> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> > --- > tools/testing/cxl/test/cxl.c | 40 ++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 40 insertions(+) > > diff --git a/tools/testing/cxl/test/cxl.c b/tools/testing/cxl/test/cxl.c > index 6dd286a52839..7384573e8b12 100644 > --- a/tools/testing/cxl/test/cxl.c > +++ b/tools/testing/cxl/test/cxl.c > @@ -628,6 +628,45 @@ static void mock_companion(struct acpi_device *adev, struct device *dev) > #define SZ_512G (SZ_64G * 8) > #endif > > +static ssize_t security_lock_show(struct device *dev, > + struct device_attribute *attr, char *buf) > +{ > + struct cxl_mock_mem_pdata *mdata = dev_get_platdata(dev); > + > + return sysfs_emit(buf, "%u\n", > + !!(mdata->security_state & CXL_PMEM_SEC_STATE_LOCKED)); > +} > + > +static ssize_t security_lock_store(struct device *dev, struct device_attribute *attr, > + const char *buf, size_t count) > +{ > + struct cxl_mock_mem_pdata *mdata = dev_get_platdata(dev); > + u32 mask = CXL_PMEM_SEC_STATE_FROZEN | CXL_PMEM_SEC_STATE_USER_PLIMIT | > + CXL_PMEM_SEC_STATE_MASTER_PLIMIT; > + int val; > + > + if (kstrtoint(buf, 0, &val) < 0) > + return -EINVAL; > + > + if (val == 1) { > + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) > + return -ENXIO; > + mdata->security_state |= CXL_PMEM_SEC_STATE_LOCKED; > + mdata->security_state &= ~mask; > + } else { > + return -EINVAL; > + } > + return count; > +} > + > +static DEVICE_ATTR_RW(security_lock); > + > +static struct attribute *cxl_mock_mem_attrs[] = { > + &dev_attr_security_lock.attr, > + NULL > +}; > +ATTRIBUTE_GROUPS(cxl_mock_mem); > + > static __init int cxl_test_init(void) > { > struct cxl_mock_mem_pdata *mem_pdata; > @@ -752,6 +791,7 @@ static __init int cxl_test_init(void) > goto err_mem; > } > > + pdev->dev.groups = cxl_mock_mem_groups; > rc = platform_device_add(pdev); > if (rc) { > platform_device_put(pdev); > >
diff --git a/tools/testing/cxl/test/cxl.c b/tools/testing/cxl/test/cxl.c index 6dd286a52839..7384573e8b12 100644 --- a/tools/testing/cxl/test/cxl.c +++ b/tools/testing/cxl/test/cxl.c @@ -628,6 +628,45 @@ static void mock_companion(struct acpi_device *adev, struct device *dev) #define SZ_512G (SZ_64G * 8) #endif +static ssize_t security_lock_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct cxl_mock_mem_pdata *mdata = dev_get_platdata(dev); + + return sysfs_emit(buf, "%u\n", + !!(mdata->security_state & CXL_PMEM_SEC_STATE_LOCKED)); +} + +static ssize_t security_lock_store(struct device *dev, struct device_attribute *attr, + const char *buf, size_t count) +{ + struct cxl_mock_mem_pdata *mdata = dev_get_platdata(dev); + u32 mask = CXL_PMEM_SEC_STATE_FROZEN | CXL_PMEM_SEC_STATE_USER_PLIMIT | + CXL_PMEM_SEC_STATE_MASTER_PLIMIT; + int val; + + if (kstrtoint(buf, 0, &val) < 0) + return -EINVAL; + + if (val == 1) { + if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) + return -ENXIO; + mdata->security_state |= CXL_PMEM_SEC_STATE_LOCKED; + mdata->security_state &= ~mask; + } else { + return -EINVAL; + } + return count; +} + +static DEVICE_ATTR_RW(security_lock); + +static struct attribute *cxl_mock_mem_attrs[] = { + &dev_attr_security_lock.attr, + NULL +}; +ATTRIBUTE_GROUPS(cxl_mock_mem); + static __init int cxl_test_init(void) { struct cxl_mock_mem_pdata *mem_pdata; @@ -752,6 +791,7 @@ static __init int cxl_test_init(void) goto err_mem; } + pdev->dev.groups = cxl_mock_mem_groups; rc = platform_device_add(pdev); if (rc) { platform_device_put(pdev);
The mock cxl mem devs needs a way to go into "locked" status to simulate when the platform is rebooted. Add a sysfs mechanism so the device security state is set to "locked" and the frozen state bits are cleared. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- tools/testing/cxl/test/cxl.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+)