Commit abf0c838 authored by Dave Jiang's avatar Dave Jiang Committed by Dan Williams
Browse files

tools/testing/cxl: Add "Disable" security opcode support 



Add support to emulate a CXL mem device support the "Disable Passphrase"
operation. The operation supports disabling of either a user or a master
passphrase. The emulation will provide support for both user and master
passphrase.

Reviewed-by: default avatarJonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: default avatarDave Jiang <dave.jiang@intel.com>
Link: https://lore.kernel.org/r/166983612447.2734609.2767804273351656413.stgit@djiang5-desk3.ch.intel.com


Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>
parent c4ef680d

tools/testing/cxl/test/mem.c

+74 −0
Original line number Diff line number Diff line
@@ -243,6 +243,77 @@ static int mock_set_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd 
	return -EINVAL;

}



static int mock_disable_passphrase(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd)

{

	struct cxl_mock_mem_pdata *mdata = dev_get_platdata(cxlds->dev);

	struct cxl_disable_pass *dis_pass;



	if (cmd->size_in != sizeof(*dis_pass))

		return -EINVAL;



	if (cmd->size_out != 0)

		return -EINVAL;



	if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) {

		cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;

		return -ENXIO;

	}



	dis_pass = cmd->payload_in;

	switch (dis_pass->type) {

	case CXL_PMEM_SEC_PASS_MASTER:

		if (mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PLIMIT) {

			cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;

			return -ENXIO;

		}



		if (!(mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PASS_SET)) {

			cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;

			return -ENXIO;

		}



		if (memcmp(dis_pass->pass, mdata->master_pass, NVDIMM_PASSPHRASE_LEN)) {

			master_plimit_check(mdata);

			cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE;

			return -ENXIO;

		}



		mdata->master_limit = 0;

		memset(mdata->master_pass, 0, NVDIMM_PASSPHRASE_LEN);

		mdata->security_state &= ~CXL_PMEM_SEC_STATE_MASTER_PASS_SET;

		return 0;



	case CXL_PMEM_SEC_PASS_USER:

		if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT) {

			cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;

			return -ENXIO;

		}



		if (!(mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET)) {

			cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;

			return -ENXIO;

		}



		if (memcmp(dis_pass->pass, mdata->user_pass, NVDIMM_PASSPHRASE_LEN)) {

			user_plimit_check(mdata);

			cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE;

			return -ENXIO;

		}



		mdata->user_limit = 0;

		memset(mdata->user_pass, 0, NVDIMM_PASSPHRASE_LEN);

		mdata->security_state &= ~(CXL_PMEM_SEC_STATE_USER_PASS_SET |

					   CXL_PMEM_SEC_STATE_LOCKED);

		return 0;



	default:

		cmd->return_code = CXL_MBOX_CMD_RC_INPUT;

		return -EINVAL;

	}



	return 0;

}



static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd)

{

	struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in;
@@ -344,6 +415,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd * 
	case CXL_MBOX_OP_SET_PASSPHRASE:

		rc = mock_set_passphrase(cxlds, cmd);

		break;

	case CXL_MBOX_OP_DISABLE_PASSPHRASE:

		rc = mock_disable_passphrase(cxlds, cmd);

		break;

	default:

		break;

	}