block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

After a SED drive is provisioned, there is no way to change the SID
password via the ioctl() interface. A new ioctl IOC_OPAL_SET_SID_PW
will allow the password to be changed. The valid current password is
required.

Signed-off-by: Greg Joyce <gjoyce@linux.ibm.com>
Reviewed-by: Daniel Wagner <dwagner@suse.de>
Link: https://lore.kernel.org/r/20240829175639.6478-2-gjoyce@linux.ibm.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>

authored by

Greg Joyce and committed by

Jens Axboe 1 year ago b21d948f 69f407ee

+28

3 changed files

expand all

block

sed-opal.c

include

linux

sed-opal.h

uapi

linux

sed-opal.h

+26

block/sed-opal.c

··· 3037 3037 return ret; 3038 3038 } 3039 3039 3040 + static int opal_set_new_sid_pw(struct opal_dev *dev, struct opal_new_pw *opal_pw) 3041 + { 3042 + int ret; 3043 + struct opal_key *newkey = &opal_pw->new_user_pw.opal_key; 3044 + struct opal_key *oldkey = &opal_pw->session.opal_key; 3045 + 3046 + const struct opal_step pw_steps[] = { 3047 + { start_SIDASP_opal_session, oldkey }, 3048 + { set_sid_cpin_pin, newkey }, 3049 + { end_opal_session, } 3050 + }; 3051 + 3052 + if (!dev) 3053 + return -ENODEV; 3054 + 3055 + mutex_lock(&dev->dev_lock); 3056 + setup_opal_dev(dev); 3057 + ret = execute_steps(dev, pw_steps, ARRAY_SIZE(pw_steps)); 3058 + mutex_unlock(&dev->dev_lock); 3059 + 3060 + return ret; 3061 + } 3062 + 3040 3063 static int opal_activate_user(struct opal_dev *dev, 3041 3064 struct opal_session_info *opal_session) 3042 3065 { ··· 3308 3285 break; 3309 3286 case IOC_OPAL_DISCOVERY: 3310 3287 ret = opal_get_discv(dev, p); 3288 + break; 3289 + case IOC_OPAL_SET_SID_PW: 3290 + ret = opal_set_new_sid_pw(dev, p); 3311 3291 break; 3312 3292 3313 3293 default:

include/linux/sed-opal.h

··· 52 52 case IOC_OPAL_GET_GEOMETRY: 53 53 case IOC_OPAL_DISCOVERY: 54 54 case IOC_OPAL_REVERT_LSP: 55 + case IOC_OPAL_SET_SID_PW: 55 56 return true; 56 57 } 57 58 return false;

include/uapi/linux/sed-opal.h

··· 215 215 #define IOC_OPAL_GET_GEOMETRY _IOR('p', 238, struct opal_geometry) 216 216 #define IOC_OPAL_DISCOVERY _IOW('p', 239, struct opal_discovery) 217 217 #define IOC_OPAL_REVERT_LSP _IOW('p', 240, struct opal_revert_lsp) 218 + #define IOC_OPAL_SET_SID_PW _IOW('p', 241, struct opal_new_pw) 218 219 219 220 #endif /* _UAPI_SED_OPAL_H */