Lines Matching refs:nvdimm
50 static struct key *nvdimm_request_key(struct nvdimm *nvdimm) in nvdimm_request_key() argument
55 struct device *dev = &nvdimm->dev; in nvdimm_request_key()
57 sprintf(desc, "%s%s", NVDIMM_PREFIX, nvdimm->dimm_id); in nvdimm_request_key()
80 static const void *nvdimm_get_key_payload(struct nvdimm *nvdimm, in nvdimm_get_key_payload() argument
83 *key = nvdimm_request_key(nvdimm); in nvdimm_get_key_payload()
90 static struct key *nvdimm_lookup_user_key(struct nvdimm *nvdimm, in nvdimm_lookup_user_key() argument
96 struct device *dev = &nvdimm->dev; in nvdimm_lookup_user_key()
120 static const void *nvdimm_get_user_key_payload(struct nvdimm *nvdimm, in nvdimm_get_user_key_payload() argument
131 *key = nvdimm_lookup_user_key(nvdimm, id, subclass); in nvdimm_get_user_key_payload()
139 static int nvdimm_key_revalidate(struct nvdimm *nvdimm) in nvdimm_key_revalidate() argument
145 if (!nvdimm->sec.ops->change_key) in nvdimm_key_revalidate()
148 data = nvdimm_get_key_payload(nvdimm, &key); in nvdimm_key_revalidate()
154 rc = nvdimm->sec.ops->change_key(nvdimm, data, data, NVDIMM_USER); in nvdimm_key_revalidate()
161 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); in nvdimm_key_revalidate()
165 static int __nvdimm_security_unlock(struct nvdimm *nvdimm) in __nvdimm_security_unlock() argument
167 struct device *dev = &nvdimm->dev; in __nvdimm_security_unlock()
176 if (!nvdimm->sec.ops || !nvdimm->sec.ops->unlock in __nvdimm_security_unlock()
177 || !nvdimm->sec.flags) in __nvdimm_security_unlock()
181 if (test_bit(NVDIMM_SECURITY_DISABLED, &nvdimm->sec.flags)) in __nvdimm_security_unlock()
184 if (test_bit(NDD_SECURITY_OVERWRITE, &nvdimm->flags)) { in __nvdimm_security_unlock()
196 if (test_bit(NVDIMM_SECURITY_UNLOCKED, &nvdimm->sec.flags)) { in __nvdimm_security_unlock()
200 return nvdimm_key_revalidate(nvdimm); in __nvdimm_security_unlock()
202 data = nvdimm_get_key_payload(nvdimm, &key); in __nvdimm_security_unlock()
204 rc = nvdimm->sec.ops->unlock(nvdimm, data); in __nvdimm_security_unlock()
209 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); in __nvdimm_security_unlock()
215 struct nvdimm *nvdimm = to_nvdimm(dev); in nvdimm_security_unlock() local
219 rc = __nvdimm_security_unlock(nvdimm); in nvdimm_security_unlock()
224 static int check_security_state(struct nvdimm *nvdimm) in check_security_state() argument
226 struct device *dev = &nvdimm->dev; in check_security_state()
228 if (test_bit(NVDIMM_SECURITY_FROZEN, &nvdimm->sec.flags)) { in check_security_state()
230 nvdimm->sec.flags); in check_security_state()
234 if (test_bit(NDD_SECURITY_OVERWRITE, &nvdimm->flags)) { in check_security_state()
242 static int security_disable(struct nvdimm *nvdimm, unsigned int keyid) in security_disable() argument
244 struct device *dev = &nvdimm->dev; in security_disable()
253 if (!nvdimm->sec.ops || !nvdimm->sec.ops->disable in security_disable()
254 || !nvdimm->sec.flags) in security_disable()
257 rc = check_security_state(nvdimm); in security_disable()
261 data = nvdimm_get_user_key_payload(nvdimm, keyid, in security_disable()
266 rc = nvdimm->sec.ops->disable(nvdimm, data); in security_disable()
271 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); in security_disable()
275 static int security_update(struct nvdimm *nvdimm, unsigned int keyid, in security_update() argument
279 struct device *dev = &nvdimm->dev; in security_update()
288 if (!nvdimm->sec.ops || !nvdimm->sec.ops->change_key in security_update()
289 || !nvdimm->sec.flags) in security_update()
292 rc = check_security_state(nvdimm); in security_update()
296 data = nvdimm_get_user_key_payload(nvdimm, keyid, in security_update()
301 newdata = nvdimm_get_user_key_payload(nvdimm, new_keyid, in security_update()
308 rc = nvdimm->sec.ops->change_key(nvdimm, data, newdata, pass_type); in security_update()
317 nvdimm->sec.ext_flags = nvdimm_security_flags(nvdimm, in security_update()
320 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, in security_update()
325 static int security_erase(struct nvdimm *nvdimm, unsigned int keyid, in security_erase() argument
328 struct device *dev = &nvdimm->dev; in security_erase()
337 if (!nvdimm->sec.ops || !nvdimm->sec.ops->erase in security_erase()
338 || !nvdimm->sec.flags) in security_erase()
341 rc = check_security_state(nvdimm); in security_erase()
345 if (!test_bit(NVDIMM_SECURITY_UNLOCKED, &nvdimm->sec.ext_flags) in security_erase()
352 data = nvdimm_get_user_key_payload(nvdimm, keyid, in security_erase()
357 rc = nvdimm->sec.ops->erase(nvdimm, data, pass_type); in security_erase()
363 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); in security_erase()
367 static int security_overwrite(struct nvdimm *nvdimm, unsigned int keyid) in security_overwrite() argument
369 struct device *dev = &nvdimm->dev; in security_overwrite()
378 if (!nvdimm->sec.ops || !nvdimm->sec.ops->overwrite in security_overwrite()
379 || !nvdimm->sec.flags) in security_overwrite()
387 rc = check_security_state(nvdimm); in security_overwrite()
391 data = nvdimm_get_user_key_payload(nvdimm, keyid, in security_overwrite()
396 rc = nvdimm->sec.ops->overwrite(nvdimm, data); in security_overwrite()
402 set_bit(NDD_SECURITY_OVERWRITE, &nvdimm->flags); in security_overwrite()
403 set_bit(NDD_WORK_PENDING, &nvdimm->flags); in security_overwrite()
404 set_bit(NVDIMM_SECURITY_OVERWRITE, &nvdimm->sec.flags); in security_overwrite()
410 queue_delayed_work(system_wq, &nvdimm->dwork, 0); in security_overwrite()
416 void __nvdimm_security_overwrite_query(struct nvdimm *nvdimm) in __nvdimm_security_overwrite_query() argument
418 struct nvdimm_bus *nvdimm_bus = walk_to_nvdimm_bus(&nvdimm->dev); in __nvdimm_security_overwrite_query()
429 if (!test_bit(NDD_WORK_PENDING, &nvdimm->flags)) in __nvdimm_security_overwrite_query()
432 tmo = nvdimm->sec.overwrite_tmo; in __nvdimm_security_overwrite_query()
434 if (!nvdimm->sec.ops || !nvdimm->sec.ops->query_overwrite in __nvdimm_security_overwrite_query()
435 || !nvdimm->sec.flags) in __nvdimm_security_overwrite_query()
438 rc = nvdimm->sec.ops->query_overwrite(nvdimm); in __nvdimm_security_overwrite_query()
443 queue_delayed_work(system_wq, &nvdimm->dwork, tmo * HZ); in __nvdimm_security_overwrite_query()
444 nvdimm->sec.overwrite_tmo = min(15U * 60U, tmo); in __nvdimm_security_overwrite_query()
449 dev_dbg(&nvdimm->dev, "overwrite failed\n"); in __nvdimm_security_overwrite_query()
451 dev_dbg(&nvdimm->dev, "overwrite completed\n"); in __nvdimm_security_overwrite_query()
453 if (nvdimm->sec.overwrite_state) in __nvdimm_security_overwrite_query()
454 sysfs_notify_dirent(nvdimm->sec.overwrite_state); in __nvdimm_security_overwrite_query()
455 nvdimm->sec.overwrite_tmo = 0; in __nvdimm_security_overwrite_query()
456 clear_bit(NDD_SECURITY_OVERWRITE, &nvdimm->flags); in __nvdimm_security_overwrite_query()
457 clear_bit(NDD_WORK_PENDING, &nvdimm->flags); in __nvdimm_security_overwrite_query()
458 put_device(&nvdimm->dev); in __nvdimm_security_overwrite_query()
459 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_USER); in __nvdimm_security_overwrite_query()
460 nvdimm->sec.flags = nvdimm_security_flags(nvdimm, NVDIMM_MASTER); in __nvdimm_security_overwrite_query()
465 struct nvdimm *nvdimm = in nvdimm_security_overwrite_query() local
466 container_of(work, typeof(*nvdimm), dwork.work); in nvdimm_security_overwrite_query()
468 nvdimm_bus_lock(&nvdimm->dev); in nvdimm_security_overwrite_query()
469 __nvdimm_security_overwrite_query(nvdimm); in nvdimm_security_overwrite_query()
470 nvdimm_bus_unlock(&nvdimm->dev); in nvdimm_security_overwrite_query()
497 struct nvdimm *nvdimm = to_nvdimm(dev); in nvdimm_security_store() local
524 rc = nvdimm_security_freeze(nvdimm); in nvdimm_security_store()
527 rc = security_disable(nvdimm, key); in nvdimm_security_store()
530 rc = security_update(nvdimm, key, newkey, i == OP_UPDATE in nvdimm_security_store()
534 if (atomic_read(&nvdimm->busy)) { in nvdimm_security_store()
538 rc = security_erase(nvdimm, key, i == OP_ERASE in nvdimm_security_store()
542 if (atomic_read(&nvdimm->busy)) { in nvdimm_security_store()
546 rc = security_overwrite(nvdimm, key); in nvdimm_security_store()