On Tue, Sep 25, 2018 at 4:39 PM Dave Jiang <[email protected]> wrote:
>
> Add support to allow query the security status of the Intel nvdimms and
> also unlock the dimm via the kernel key management APIs. The passphrase is
> expected to be pulled from userspace through keyutils. Moving the Intel
> related bits to its own source file as well.
>
> Signed-off-by: Dave Jiang <[email protected]>
> Reviewed-by: Dan Williams <[email protected]>
The series is looking great, just a minor comment here...
[..]
> diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c
> index f414ed346215..b7e22e6b80db 100644
> --- a/drivers/nvdimm/dimm_devs.c
> +++ b/drivers/nvdimm/dimm_devs.c
[..]
> +int nvdimm_security_unlock_dimm(struct device *dev)
> +{
[..]
> + if (rc == 0) {
> + if (!cached_key) {
> + key_link(nvdimm_keyring, key);
> + nvdimm->key = key;
> + }
> + nvdimm->state = NVDIMM_SECURITY_UNLOCKED;
> + dev_info(dev, "DIMM %s unlocked\n", dev_name(dev));
I predict the noise from this print will necessitate a dev_dbg()
conversion down the road. Let's go ahead and make it dev_dbg() now.
> + } else {
> + key_unlink(nvdimm_keyring, key);
> + key_invalidate(key);
> + nvdimm->key = NULL;
> + dev_warn(dev, "Failed to unlock dimm: %s\n", dev_name(dev));
This looks good, let's only spam the logs when things go bad.
_______________________________________________
Linux-nvdimm mailing list
[email protected]
https://lists.01.org/mailman/listinfo/linux-nvdimm
