[PATCH v4 12/18] tools/testing/cxl: Add "passphrase secure erase" opcode support

Mon, 14 Nov 2022 12:34:27 -0800 

Add support to emulate a CXL mem device support the "passphrase secure
erase" operation.

Signed-off-by: Dave Jiang <dave.ji...@intel.com>
---
 tools/testing/cxl/test/mem.c |   65 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/tools/testing/cxl/test/mem.c b/tools/testing/cxl/test/mem.c
index 90607597b9a4..fc28f7cc147a 100644
--- a/tools/testing/cxl/test/mem.c
+++ b/tools/testing/cxl/test/mem.c
@@ -362,6 +362,68 @@ static int mock_unlock_security(struct cxl_dev_state 
*cxlds, struct cxl_mbox_cmd
        return 0;
 }
 
+static int mock_passphrase_secure_erase(struct cxl_dev_state *cxlds,
+                                       struct cxl_mbox_cmd *cmd)
+{
+       struct cxl_mock_mem_pdata *mdata = dev_get_platdata(cxlds->dev);
+       struct cxl_pass_erase *erase;
+
+       if (cmd->size_in != sizeof(*erase))
+               return -EINVAL;
+
+       if (cmd->size_out != 0)
+               return -EINVAL;
+
+       erase = cmd->payload_in;
+       if (mdata->security_state & CXL_PMEM_SEC_STATE_FROZEN) {
+               cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;
+               return -ENXIO;
+       }
+
+       if (mdata->security_state & CXL_PMEM_SEC_STATE_USER_PLIMIT &&
+           erase->type == CXL_PMEM_SEC_PASS_USER) {
+               cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;
+               return -ENXIO;
+       }
+
+       if (mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PLIMIT &&
+           erase->type == CXL_PMEM_SEC_PASS_MASTER) {
+               cmd->return_code = CXL_MBOX_CMD_RC_SECURITY;
+               return -ENXIO;
+       }
+
+       if (erase->type == CXL_PMEM_SEC_PASS_MASTER &&
+           mdata->security_state & CXL_PMEM_SEC_STATE_MASTER_PASS_SET) {
+               if (memcmp(mdata->master_pass, erase->pass, 
NVDIMM_PASSPHRASE_LEN)) {
+                       master_plimit_check(mdata);
+                       cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE;
+                       return -ENXIO;
+               }
+               mdata->master_limit = 0;
+               mdata->user_limit = 0;
+               mdata->security_state &= ~CXL_PMEM_SEC_STATE_USER_PASS_SET;
+               memset(mdata->user_pass, 0, NVDIMM_PASSPHRASE_LEN);
+               mdata->security_state &= ~CXL_PMEM_SEC_STATE_LOCKED;
+               return 0;
+       }
+
+       if (erase->type == CXL_PMEM_SEC_PASS_USER &&
+           mdata->security_state & CXL_PMEM_SEC_STATE_USER_PASS_SET) {
+               if (memcmp(mdata->user_pass, erase->pass, 
NVDIMM_PASSPHRASE_LEN)) {
+                       user_plimit_check(mdata);
+                       cmd->return_code = CXL_MBOX_CMD_RC_PASSPHRASE;
+                       return -ENXIO;
+               }
+
+               mdata->user_limit = 0;
+               mdata->security_state &= ~CXL_PMEM_SEC_STATE_USER_PASS_SET;
+               memset(mdata->user_pass, 0, NVDIMM_PASSPHRASE_LEN);
+               return 0;
+       }
+
+       return 0;
+}
+
 static int mock_get_lsa(struct cxl_dev_state *cxlds, struct cxl_mbox_cmd *cmd)
 {
        struct cxl_mbox_get_lsa *get_lsa = cmd->payload_in;
@@ -470,6 +532,9 @@ static int cxl_mock_mbox_send(struct cxl_dev_state *cxlds, 
struct cxl_mbox_cmd *
        case CXL_MBOX_OP_UNLOCK:
                rc = mock_unlock_security(cxlds, cmd);
                break;
+       case CXL_MBOX_OP_PASSPHRASE_SECURE_ERASE:
+               rc = mock_passphrase_secure_erase(cxlds, cmd);
+               break;
        default:
                break;
        }

Reply via email to