scsi: zfcp: log FC Endpoint Security of connections

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Log the usage of and subsequent changes in FC Endpoint Security of
connections between FCP devices and FC remote ports to the kernel ring
buffer. Activation of FC Endpoint Security is logged as informational.
Change and deactivation are logged as warning.

No logging takes place, if FC Endpoint Security is not used (i.e. never
activated) on a connection or if it does not change during reopen of a port
(e.g. due to adapter or port recovery).

Link: https://lore.kernel.org/r/20200312174505.51294-8-maier@linux.ibm.com
Reviewed-by: Steffen Maier <maier@linux.ibm.com>
Reviewed-by: Fedor Loshakov <loshakov@linux.ibm.com>
Signed-off-by: Jens Remus <jremus@linux.ibm.com>
Signed-off-by: Steffen Maier <maier@linux.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

authored by

Jens Remus and committed by

Martin K. Petersen 6 years ago f0d26ae8 a17c7846

+54 -1

2 changed files

expand all

drivers

s390

scsi

zfcp_def.h

zfcp_fsf.c

drivers/s390/scsi/zfcp_def.h

··· 220 220 u32 maxframe_size; 221 221 u32 supported_classes; 222 222 u32 connection_info; 223 + u32 connection_info_old; 223 224 struct work_struct gid_pn_work; 224 225 struct work_struct test_link_work; 225 226 struct work_struct rport_work;

+53 -1

drivers/s390/scsi/zfcp_fsf.c

··· 666 666 667 667 /* 668 668 * Mapping of FC Endpoint Security flag masks to mnemonics 669 + * 670 + * NOTE: Update macro ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH when making any 671 + * changes. 669 672 */ 670 673 static const struct { 671 674 u32 mask; ··· 678 675 { FSF_FC_SECURITY_ENC_FCSP2 | 679 676 FSF_FC_SECURITY_ENC_ERAS, "Encryption" }, 680 677 }; 678 + 679 + /* maximum strlen(zfcp_fsf_fc_security_mnemonics[...].name) + 1 */ 680 + #define ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH 15 681 681 682 682 /** 683 683 * zfcp_fsf_scnprint_fc_security() - translate FC Endpoint Security flags into ··· 706 700 * undefined in zfcp_fsf_fc_security_mnemonics, its value in hexadecimal 707 701 * representation is placed into the buffer. If more than one FC Endpoint 708 702 * Security flag was specified, their value in hexadecimal representation is 709 - * placed into the buffer. 703 + * placed into the buffer. The macro ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH 704 + * can be used to define a buffer that is large enough to hold one mnemonic. 710 705 * 711 706 * Return: The number of characters written into buf not including the trailing 712 707 * '\0'. If size is == 0 the function returns 0. ··· 1579 1572 return retval; 1580 1573 } 1581 1574 1575 + static void zfcp_fsf_log_port_fc_security(struct zfcp_port *port) 1576 + { 1577 + char mnemonic_old[ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH]; 1578 + char mnemonic_new[ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH]; 1579 + 1580 + if (port->connection_info == port->connection_info_old) { 1581 + /* no change, no log */ 1582 + return; 1583 + } 1584 + 1585 + zfcp_fsf_scnprint_fc_security(mnemonic_old, sizeof(mnemonic_old), 1586 + port->connection_info_old, 1587 + ZFCP_FSF_PRINT_FMT_SINGLEITEM); 1588 + zfcp_fsf_scnprint_fc_security(mnemonic_new, sizeof(mnemonic_new), 1589 + port->connection_info, 1590 + ZFCP_FSF_PRINT_FMT_SINGLEITEM); 1591 + 1592 + if (strncmp(mnemonic_old, mnemonic_new, 1593 + ZFCP_FSF_MAX_FC_SECURITY_MNEMONIC_LENGTH) == 0) { 1594 + /* no change in string representation, no log */ 1595 + goto out; 1596 + } 1597 + 1598 + if (port->connection_info_old == 0) { 1599 + /* activation */ 1600 + dev_info(&port->adapter->ccw_device->dev, 1601 + "FC Endpoint Security of connection to remote port 0x%16llx enabled: %s\n", 1602 + port->wwpn, mnemonic_new); 1603 + } else if (port->connection_info == 0) { 1604 + /* deactivation */ 1605 + dev_warn(&port->adapter->ccw_device->dev, 1606 + "FC Endpoint Security of connection to remote port 0x%16llx disabled: was %s\n", 1607 + port->wwpn, mnemonic_old); 1608 + } else { 1609 + /* change */ 1610 + dev_warn(&port->adapter->ccw_device->dev, 1611 + "FC Endpoint Security of connection to remote port 0x%16llx changed: from %s to %s\n", 1612 + port->wwpn, mnemonic_old, mnemonic_new); 1613 + } 1614 + 1615 + out: 1616 + port->connection_info_old = port->connection_info; 1617 + } 1618 + 1582 1619 static void zfcp_fsf_open_port_handler(struct zfcp_fsf_req *req) 1583 1620 { 1584 1621 struct zfcp_adapter *adapter = req->adapter; ··· 1663 1612 port->connection_info = bottom->connection_info; 1664 1613 else 1665 1614 port->connection_info = 0; 1615 + zfcp_fsf_log_port_fc_security(port); 1666 1616 atomic_or(ZFCP_STATUS_COMMON_OPEN | 1667 1617 ZFCP_STATUS_PORT_PHYS_OPEN, &port->status); 1668 1618 atomic_andnot(ZFCP_STATUS_COMMON_ACCESS_BOXED,