diff mbox series

[v2] block: sed-opal: Change the check condition for regular session validity

Message ID 20200303191700.66667-1-revanth.rajashekar@intel.com (mailing list archive)
State New, archived
Headers show
Series [v2] block: sed-opal: Change the check condition for regular session validity | expand

Commit Message

Revanth Rajashekar March 3, 2020, 7:17 p.m. UTC 
This patch changes the check condition for the validity/authentication
of the session.

1. The Host Session Number(HSN) in the response should match the HSN for
   the session.
2. The TPER Session Number(TSN) can never be less than 4096 for a regular
   session.

Reference:
Section 3.2.2.1   of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Opal_SSC_Application_Note_1-00_1-00-Final.pdf
Section 3.3.7.1.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Architecture_Core_Spec_v2.01_r1.00.pdf

Co-developed-by: Andrzej Jakowski <andrzej.jakowski@linux.intel.com>
Signed-off-by: Andrzej Jakowski <andrzej.jakowski@linux.intel.com>
Signed-off-by: Revanth Rajashekar <revanth.rajashekar@intel.com>
---

Changes in v2:
	Rename definition RSVD_TPER_SESSION_NUM -> FIRST_TPER_SESSION_NUM

 block/opal_proto.h | 1 +
 block/sed-opal.c   | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

--
2.17.1

Comments

Jens Axboe March 12, 2020, 2 p.m. UTC | #1 
On 3/3/20 12:17 PM, Revanth Rajashekar wrote:
> This patch changes the check condition for the validity/authentication
> of the session.
> 
> 1. The Host Session Number(HSN) in the response should match the HSN for
>    the session.
> 2. The TPER Session Number(TSN) can never be less than 4096 for a regular
>    session.
> 
> Reference:
> Section 3.2.2.1   of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Opal_SSC_Application_Note_1-00_1-00-Final.pdf
> Section 3.3.7.1.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Architecture_Core_Spec_v2.01_r1.00.pdf

Applied, thanks.
diff mbox series

Patch

diff --git a/block/opal_proto.h b/block/opal_proto.h
index 325cbba2465f..b486b3ec7dc4 100644
--- a/block/opal_proto.h
+++ b/block/opal_proto.h
@@ -36,6 +36,7 @@  enum opal_response_token {

 #define DTAERROR_NO_METHOD_STATUS 0x89
 #define GENERIC_HOST_SESSION_NUM 0x41
+#define FIRST_TPER_SESSION_NUM	4096

 #define TPER_SYNC_SUPPORTED 0x01
 #define MBR_ENABLED_MASK 0x10
diff --git a/block/sed-opal.c b/block/sed-opal.c
index 880cc57a5f6b..daafadbb88ca 100644
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1056,7 +1056,7 @@  static int start_opal_session_cont(struct opal_dev *dev)
 	hsn = response_get_u64(&dev->parsed, 4);
 	tsn = response_get_u64(&dev->parsed, 5);

-	if (hsn == 0 && tsn == 0) {
+	if (hsn != GENERIC_HOST_SESSION_NUM || tsn < FIRST_TPER_SESSION_NUM) {
 		pr_debug("Couldn't authenticate session\n");
 		return -EPERM;
 	}