@@ -37,6 +37,12 @@ include::xable-dimm-options.txt[]
--ovewrite::
Wipe the entire DIMM, including label data. Can take significant time.
+-M::
+--master_passphrase::
+ Parameter to indicate that we are managing the master passphrase
+ instead of the user passphrase. This only is applicable to the
+ crypto-erase option.
+
include::../copyright.txt[]
SEE ALSO
@@ -911,6 +911,12 @@ static int action_sanitize_dimm(struct ndctl_dimm *dimm,
return -EOPNOTSUPP;
}
+ if (param.overwrite && param.master_pass) {
+ error("%s: overwrite does not support master passphrase\n",
+ ndctl_dimm_get_devname(dimm));
+ return -EINVAL;
+ }
+
/*
* Setting crypto erase to be default. The other method will be
* overwrite.
@@ -921,7 +927,8 @@ static int action_sanitize_dimm(struct ndctl_dimm *dimm,
}
if (param.crypto_erase) {
- rc = ndctl_dimm_secure_erase_key(dimm);
+ rc = ndctl_dimm_secure_erase_key(dimm, param.master_pass ?
+ ND_MASTER_KEY : ND_USER_KEY);
if (rc < 0)
return rc;
}
@@ -1050,7 +1057,9 @@ OPT_STRING('k', "key-handle", ¶m.kek, "key-handle", \
OPT_BOOLEAN('c', "crypto-erase", ¶m.crypto_erase, \
"crypto erase a dimm"), \
OPT_BOOLEAN('o', "overwrite", ¶m.overwrite, \
- "overwrite a dimm")
+ "overwrite a dimm"), \
+OPT_BOOLEAN('M', "master-passphrase", ¶m.master_pass, \
+ "use master passphrase")
#define MASTER_OPTIONS() \
OPT_BOOLEAN('m', "master-passphrase", ¶m.master_pass, \
@@ -772,3 +772,12 @@ NDCTL_EXPORT int ndctl_dimm_update_master_passphrase(struct ndctl_dimm *dimm,
sprintf(buf, "master_update %ld %ld\n", ckey, nkey);
return write_security(dimm, buf);
}
+
+NDCTL_EXPORT int ndctl_dimm_master_secure_erase(struct ndctl_dimm *dimm,
+ long key)
+{
+ char buf[SYSFS_ATTR_SIZE];
+
+ sprintf(buf, "master_erase %ld\n", key);
+ return write_security(dimm, buf);
+}
@@ -398,4 +398,5 @@ global:
ndctl_dimm_overwrite;
ndctl_dimm_wait_overwrite;
ndctl_dimm_update_master_passphrase;
+ ndctl_dimm_master_secure_erase;
} LIBNDCTL_18;
@@ -707,6 +707,7 @@ int ndctl_dimm_overwrite(struct ndctl_dimm *dimm, long key);
int ndctl_dimm_wait_overwrite(struct ndctl_dimm *dimm);
int ndctl_dimm_update_master_passphrase(struct ndctl_dimm *dimm,
long ckey, long nkey);
+int ndctl_dimm_master_secure_erase(struct ndctl_dimm *dimm, long key);
#define ND_KEY_DESC_SIZE 128
#define ND_KEY_CMD_SIZE 128
@@ -539,13 +539,14 @@ int ndctl_dimm_update_key(struct ndctl_dimm *dimm, const char *kek,
return 0;
}
-static key_serial_t check_dimm_key(struct ndctl_dimm *dimm, bool need_key)
+static key_serial_t check_dimm_key(struct ndctl_dimm *dimm, bool need_key,
+ enum ndctl_key_type key_type)
{
key_serial_t key;
- key = dimm_check_key(dimm, ND_USER_KEY);
+ key = dimm_check_key(dimm, key_type);
if (key < 0) {
- key = dimm_load_key(dimm, ND_USER_KEY);
+ key = dimm_load_key(dimm, key_type);
if (key < 0 && need_key) {
fprintf(stderr, "Unable to load key\n");
return -ENOKEY;
@@ -589,7 +590,7 @@ int ndctl_dimm_remove_key(struct ndctl_dimm *dimm)
key_serial_t key;
int rc;
- key = check_dimm_key(dimm, true);
+ key = check_dimm_key(dimm, true, ND_USER_KEY);
if (key < 0)
return key;
@@ -601,21 +602,31 @@ int ndctl_dimm_remove_key(struct ndctl_dimm *dimm)
return discard_key(dimm);
}
-int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm)
+int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm,
+ enum ndctl_key_type key_type)
{
key_serial_t key;
int rc;
- key = check_dimm_key(dimm, true);
+ key = check_dimm_key(dimm, true, key_type);
if (key < 0)
return key;
- rc = run_key_op(dimm, key, ndctl_dimm_secure_erase,
- "crypto erase");
+ if (key_type == ND_MASTER_KEY)
+ rc = run_key_op(dimm, key, ndctl_dimm_master_secure_erase,
+ "master crypto erase");
+ else if (key_type == ND_USER_KEY)
+ rc = run_key_op(dimm, key, ndctl_dimm_secure_erase,
+ "crypto erase");
+ else
+ rc = -EINVAL;
if (rc < 0)
return rc;
- return discard_key(dimm);
+ if (key_type == ND_USER_KEY)
+ return discard_key(dimm);
+
+ return 0;
}
int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm)
@@ -623,7 +634,7 @@ int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm)
key_serial_t key;
int rc;
- key = check_dimm_key(dimm, false);
+ key = check_dimm_key(dimm, false, ND_USER_KEY);
if (key < 0)
return key;
@@ -19,7 +19,8 @@ int ndctl_dimm_setup_key(struct ndctl_dimm *dimm, const char *kek,
int ndctl_dimm_update_key(struct ndctl_dimm *dimm, const char *kek,
enum ndctl_key_type key_type);
int ndctl_dimm_remove_key(struct ndctl_dimm *dimm);
-int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm);
+int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm,
+ enum ndctl_key_type key_type);
int ndctl_dimm_overwrite_key(struct ndctl_dimm *dimm);
#else
char *ndctl_load_key_blob(const char *path, int *size, const char *postfix,
@@ -44,7 +45,8 @@ static inline int ndctl_dimm_remove_key(struct ndctl_dimm *dimm)
return -EOPNOTSUPP;
}
-static inline int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm)
+static inline int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm,
+ enum ndctl_key_type key_type);
{
return -EOPNOTSUPP;
}
Intel DSM v1.8 introduced the concept of master passphrase and allowing nvdimm to be secure erased via the master passphrase in addition to the user passphrase. Add ndctl support to provide master passphrase secure erase. Signed-off-by: Dave Jiang <dave.jiang@intel.com> --- Documentation/ndctl/ndctl-sanitize-dimm.txt | 6 +++++ ndctl/dimm.c | 13 ++++++++++- ndctl/lib/dimm.c | 9 ++++++++ ndctl/lib/libndctl.sym | 1 + ndctl/libndctl.h | 1 + ndctl/util/keys.c | 31 ++++++++++++++++++--------- ndctl/util/keys.h | 6 +++-- 7 files changed, 53 insertions(+), 14 deletions(-)