From patchwork Fri Jan 18 02:39:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Jiang X-Patchwork-Id: 10769321 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 415E413A4 for ; Fri, 18 Jan 2019 02:39:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2D2AF2EF7D for ; Fri, 18 Jan 2019 02:39:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1FA662EF9D; Fri, 18 Jan 2019 02:39:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from ml01.01.org (ml01.01.org [198.145.21.10]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 999C52EF7D for ; Fri, 18 Jan 2019 02:39:28 +0000 (UTC) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 92790211B85EA; Thu, 17 Jan 2019 18:39:28 -0800 (PST) X-Original-To: linux-nvdimm@lists.01.org Delivered-To: linux-nvdimm@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.93; helo=mga11.intel.com; envelope-from=dave.jiang@intel.com; receiver=linux-nvdimm@lists.01.org Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id BDC69211B509C for ; Thu, 17 Jan 2019 18:39:27 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jan 2019 18:39:27 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,489,1539673200"; d="scan'208";a="135639323" Received: from djiang5-desk3.ch.intel.com ([143.182.136.93]) by fmsmga002.fm.intel.com with ESMTP; 17 Jan 2019 18:39:27 -0800 Subject: [PATCH v9 12/13] ndctl: add master secure erase support From: Dave Jiang To: vishal.l.verma@intel.com, dan.j.williams@intel.com Date: Thu, 17 Jan 2019 19:39:27 -0700 Message-ID: <154777916718.42557.17152295696928992092.stgit@djiang5-desk3.ch.intel.com> In-Reply-To: <154777861562.42557.12388414625709189905.stgit@djiang5-desk3.ch.intel.com> References: <154777861562.42557.12388414625709189905.stgit@djiang5-desk3.ch.intel.com> User-Agent: StGit/unknown-version MIME-Version: 1.0 X-BeenThere: linux-nvdimm@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Linux-nvdimm developer list." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-nvdimm@lists.01.org Errors-To: linux-nvdimm-bounces@lists.01.org Sender: "Linux-nvdimm" X-Virus-Scanned: ClamAV using ClamSMTP Intel DSM v1.8 introduced the concept of master passphrase and allowing nvdimm to be secure erased via the master passphrase in addition to the user passphrase. Add ndctl support to provide master passphrase secure erase. Signed-off-by: Dave Jiang --- Documentation/ndctl/ndctl-sanitize-dimm.txt | 6 +++++ ndctl/dimm.c | 13 ++++++++++- ndctl/lib/dimm.c | 9 ++++++++ ndctl/lib/keys.c | 31 ++++++++++++++++++--------- ndctl/lib/libndctl.sym | 1 + ndctl/libndctl.h | 7 ++++-- 6 files changed, 53 insertions(+), 14 deletions(-) diff --git a/Documentation/ndctl/ndctl-sanitize-dimm.txt b/Documentation/ndctl/ndctl-sanitize-dimm.txt index 158392bf..b01360d2 100644 --- a/Documentation/ndctl/ndctl-sanitize-dimm.txt +++ b/Documentation/ndctl/ndctl-sanitize-dimm.txt @@ -33,6 +33,12 @@ include::xable-dimm-options.txt[] --ovewrite:: Wipe the entire DIMM, including label data. Can take significant time. +-M:: +--master_passphrase:: + Parameter to indicate that we are managing the master passphrase + instead of the user passphrase. This only is applicable to the + crypto-erase option. + include::../copyright.txt[] SEE ALSO diff --git a/ndctl/dimm.c b/ndctl/dimm.c index 4a7cca8e..77dc6960 100644 --- a/ndctl/dimm.c +++ b/ndctl/dimm.c @@ -906,6 +906,12 @@ static int action_sanitize_dimm(struct ndctl_dimm *dimm, return -EOPNOTSUPP; } + if (param.overwrite && param.master_pass) { + error("%s: overwrite does not support master passphrase\n", + ndctl_dimm_get_devname(dimm)); + return -EINVAL; + } + /* * Setting crypto erase to be default. The other method will be * overwrite. @@ -916,7 +922,8 @@ static int action_sanitize_dimm(struct ndctl_dimm *dimm, } if (param.crypto_erase) { - rc = ndctl_dimm_secure_erase_key(dimm); + rc = ndctl_dimm_secure_erase_key(dimm, param.master_pass ? + ND_MASTER_KEY : ND_USER_KEY); if (rc < 0) return rc; } @@ -1041,7 +1048,9 @@ OPT_STRING('V', "label-version", ¶m.labelversion, "version-number", \ OPT_BOOLEAN('c', "crypto-erase", ¶m.crypto_erase, \ "crypto erase a dimm"), \ OPT_BOOLEAN('o', "overwrite", ¶m.overwrite, \ - "overwrite a dimm") + "overwrite a dimm"), \ +OPT_BOOLEAN('M', "master-passphrase", ¶m.master_pass, \ + "use master passphrase") #define MASTER_OPTIONS() \ OPT_BOOLEAN('m', "master-passphrase", ¶m.master_pass, \ diff --git a/ndctl/lib/dimm.c b/ndctl/lib/dimm.c index 5c65d171..0a4ca797 100644 --- a/ndctl/lib/dimm.c +++ b/ndctl/lib/dimm.c @@ -772,3 +772,12 @@ NDCTL_EXPORT int ndctl_dimm_update_master_passphrase(struct ndctl_dimm *dimm, sprintf(buf, "master_update %ld %ld\n", ckey, nkey); return write_security(dimm, buf); } + +NDCTL_EXPORT int ndctl_dimm_master_secure_erase(struct ndctl_dimm *dimm, + long key) +{ + char buf[SYSFS_ATTR_SIZE]; + + sprintf(buf, "master_erase %ld\n", key); + return write_security(dimm, buf); +} diff --git a/ndctl/lib/keys.c b/ndctl/lib/keys.c index 9abff45b..4d89074d 100644 --- a/ndctl/lib/keys.c +++ b/ndctl/lib/keys.c @@ -466,14 +466,15 @@ NDCTL_EXPORT int ndctl_dimm_update_key(struct ndctl_dimm *dimm, return 0; } -static key_serial_t check_dimm_key(struct ndctl_dimm *dimm, bool need_key) +static key_serial_t check_dimm_key(struct ndctl_dimm *dimm, bool need_key, + enum ndctl_key_type key_type) { struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); key_serial_t key; - key = dimm_check_key(dimm, ND_USER_KEY); + key = dimm_check_key(dimm, key_type); if (key < 0) { - key = dimm_load_key(dimm, ND_USER_KEY); + key = dimm_load_key(dimm, key_type); if (key < 0 && need_key) { err(ctx, "Unable to load key\n"); return -ENOKEY; @@ -520,7 +521,7 @@ NDCTL_EXPORT int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) key_serial_t key; int rc; - key = check_dimm_key(dimm, true); + key = check_dimm_key(dimm, true, ND_USER_KEY); if (key < 0) return key; @@ -532,21 +533,31 @@ NDCTL_EXPORT int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) return discard_key(dimm); } -NDCTL_EXPORT int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm) +NDCTL_EXPORT int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm, + enum ndctl_key_type key_type) { key_serial_t key; int rc; - key = check_dimm_key(dimm, true); + key = check_dimm_key(dimm, true, key_type); if (key < 0) return key; - rc = run_key_op(dimm, key, ndctl_dimm_secure_erase, - "crypto erase"); + if (key_type == ND_MASTER_KEY) + rc = run_key_op(dimm, key, ndctl_dimm_master_secure_erase, + "master crypto erase"); + else if (key_type == ND_USER_KEY) + rc = run_key_op(dimm, key, ndctl_dimm_secure_erase, + "crypto erase"); + else + rc = -EINVAL; if (rc < 0) return rc; - return discard_key(dimm); + if (key_type == ND_USER_KEY) + return discard_key(dimm); + + return 0; } NDCTL_EXPORT int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm) @@ -554,7 +565,7 @@ NDCTL_EXPORT int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm) key_serial_t key; int rc; - key = check_dimm_key(dimm, false); + key = check_dimm_key(dimm, false, ND_USER_KEY); if (key < 0) return key; diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index fd260aae..b4edf0e8 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -405,4 +405,5 @@ global: ndctl_dimm_overwrite_key; ndctl_dimm_wait_overwrite; ndctl_dimm_update_master_passphrase; + ndctl_dimm_master_secure_erase; } LIBNDCTL_18; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index 7a5236b8..1840c48c 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -712,6 +712,7 @@ int ndctl_dimm_overwrite(struct ndctl_dimm *dimm, long key); int ndctl_dimm_wait_overwrite(struct ndctl_dimm *dimm); int ndctl_dimm_update_master_passphrase(struct ndctl_dimm *dimm, long ckey, long nkey); +int ndctl_dimm_master_secure_erase(struct ndctl_dimm *dimm, long key); enum ndctl_key_type { ND_USER_KEY, @@ -726,7 +727,8 @@ int ndctl_dimm_enable_key(struct ndctl_dimm *dimm, int ndctl_dimm_update_key(struct ndctl_dimm *dimm, enum ndctl_key_type key_type); int ndctl_dimm_remove_key(struct ndctl_dimm *dimm); -int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm); +int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm, + enum ndctl_key_type key_type); int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm); #else static inline int ndctl_dimm_enable_key(struct ndctl_dimm *dimm, @@ -746,7 +748,8 @@ static inline int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) return -EOPNOTSUPP; } -static inline int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm) +static inline int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm, + enum ndctl_key_type key_type) { return -EOPNOTSUPP; }