From patchwork Fri Jan 18 02:38:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 10769299 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DE9CA6C5 for ; Fri, 18 Jan 2019 02:38:30 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CA6B32F9D6 for ; Fri, 18 Jan 2019 02:38:30 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BE40B2FA11; Fri, 18 Jan 2019 02:38:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from ml01.01.org (ml01.01.org [198.145.21.10]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 610972F9D6 for ; Fri, 18 Jan 2019 02:38:30 +0000 (UTC) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 34BE3211B6C1A; Thu, 17 Jan 2019 18:38:30 -0800 (PST) X-Original-To: linux-nvdimm@lists.01.org Delivered-To: linux-nvdimm@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.136; helo=mga12.intel.com; envelope-from=dave.jiang@intel.com; receiver=linux-nvdimm@lists.01.org Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id F0C92211B509C for ; Thu, 17 Jan 2019 18:38:28 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jan 2019 18:38:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,489,1539673200"; d="scan'208";a="126973510" Received: from djiang5-desk3.ch.intel.com ([143.182.136.93]) by orsmga002.jf.intel.com with ESMTP; 17 Jan 2019 18:38:27 -0800 Subject: [PATCH v9 01/13] ndctl: add support for display security state From: Dave Jiang To: vishal.l.verma@intel.com, dan.j.williams@intel.com Date: Thu, 17 Jan 2019 19:38:27 -0700 Message-ID: <154777910761.42557.18054008310946968397.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <154777861562.42557.12388414625709189905.stgit@djiang5-desk3.ch.intel.com> References: <154777861562.42557.12388414625709189905.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/unknown-version MIME-Version: 1.0 X-BeenThere: linux-nvdimm@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Linux-nvdimm developer list." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-nvdimm@lists.01.org Errors-To: linux-nvdimm-bounces@lists.01.org Sender: "Linux-nvdimm" X-Virus-Scanned: ClamAV using ClamSMTP Adding libndctl API call for retrieving security state for a DIMM and also adding support to ndctl list for displaying security state. Signed-off-by: Dave Jiang --- Documentation/ndctl/ndctl-list.txt | 8 ++++++++ ndctl/lib/dimm.c | 33 +++++++++++++++++++++++++++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/libndctl.h | 11 +++++++++++ util/json.c | 17 +++++++++++++++++ 5 files changed, 70 insertions(+) diff --git a/Documentation/ndctl/ndctl-list.txt b/Documentation/ndctl/ndctl-list.txt index e24c8f40..bdd69add 100644 --- a/Documentation/ndctl/ndctl-list.txt +++ b/Documentation/ndctl/ndctl-list.txt @@ -98,6 +98,14 @@ include::xable-region-options.txt[] -D:: --dimms:: Include dimm info in the listing +[verse] +{ + "dev":"nmem0", + "id":"cdab-0a-07e0-ffffffff", + "handle":0, + "phys_id":0, + "security:":"disabled" +} -H:: --health:: diff --git a/ndctl/lib/dimm.c b/ndctl/lib/dimm.c index 11a7efe9..712223fc 100644 --- a/ndctl/lib/dimm.c +++ b/ndctl/lib/dimm.c @@ -598,3 +598,36 @@ NDCTL_EXPORT unsigned long ndctl_dimm_get_available_labels( return strtoul(buf, NULL, 0); } + +NDCTL_EXPORT enum ndctl_security_state ndctl_dimm_get_security( + struct ndctl_dimm *dimm) +{ + struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); + char *path = dimm->dimm_buf; + int len = dimm->buf_len; + char buf[64]; + int rc; + + if (snprintf(path, len, "%s/security", dimm->dimm_path) >= len) { + err(ctx, "%s: buffer too small!\n", + ndctl_dimm_get_devname(dimm)); + return NDCTL_SECURITY_INVALID; + } + + rc = sysfs_read_attr(ctx, path, buf); + if (rc < 0) + return NDCTL_SECURITY_INVALID; + + if (strcmp(buf, "disabled") == 0) + return NDCTL_SECURITY_DISABLED; + else if (strcmp(buf, "unlocked") == 0) + return NDCTL_SECURITY_UNLOCKED; + else if (strcmp(buf, "locked") == 0) + return NDCTL_SECURITY_LOCKED; + else if (strcmp(buf, "frozen") == 0) + return NDCTL_SECURITY_FROZEN; + else if (strcmp(buf, "overwrite") == 0) + return NDCTL_SECURITY_OVERWRITE; + + return NDCTL_SECURITY_INVALID; +} diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index 275db92e..0888c824 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -390,4 +390,5 @@ LIBNDCTL_19 { global: ndctl_cmd_xlat_firmware_status; ndctl_cmd_submit_xlat; + ndctl_dimm_get_security; } LIBNDCTL_18; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index e55a5932..e228c64f 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -684,6 +684,17 @@ int ndctl_dimm_fw_update_supported(struct ndctl_dimm *dimm); int ndctl_cmd_xlat_firmware_status(struct ndctl_cmd *cmd); int ndctl_cmd_submit_xlat(struct ndctl_cmd *cmd); +enum ndctl_security_state { + NDCTL_SECURITY_INVALID = -1, + NDCTL_SECURITY_DISABLED = 0, + NDCTL_SECURITY_UNLOCKED, + NDCTL_SECURITY_LOCKED, + NDCTL_SECURITY_FROZEN, + NDCTL_SECURITY_OVERWRITE, +}; + +enum ndctl_security_state ndctl_dimm_get_security(struct ndctl_dimm *dimm); + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/util/json.c b/util/json.c index 5c3424e2..9dc420ce 100644 --- a/util/json.c +++ b/util/json.c @@ -164,6 +164,7 @@ struct json_object *util_dimm_to_json(struct ndctl_dimm *dimm, unsigned int handle = ndctl_dimm_get_handle(dimm); unsigned short phys_id = ndctl_dimm_get_phys_id(dimm); struct json_object *jobj; + enum ndctl_security_state sstate; if (!jdimm) return NULL; @@ -243,6 +244,22 @@ struct json_object *util_dimm_to_json(struct ndctl_dimm *dimm, json_object_object_add(jdimm, "flag_smart_event", jobj); } + sstate = ndctl_dimm_get_security(dimm); + if (sstate == NDCTL_SECURITY_DISABLED) + jobj = json_object_new_string("disabled"); + else if (sstate == NDCTL_SECURITY_UNLOCKED) + jobj = json_object_new_string("unlocked"); + else if (sstate == NDCTL_SECURITY_LOCKED) + jobj = json_object_new_string("locked"); + else if (sstate == NDCTL_SECURITY_FROZEN) + jobj = json_object_new_string("frozen"); + else if (sstate == NDCTL_SECURITY_OVERWRITE) + jobj = json_object_new_string("overwrite"); + else + jobj = NULL; + if (jobj) + json_object_object_add(jdimm, "security", jobj); + return jdimm; err: json_object_put(jdimm);