Add support to secure erase to libndctl and also command line option of "sanitize-dimm" for ndctl. This will initiate the request to crypto erase a DIMM.
Signed-off-by: Dave Jiang <dave.ji...@intel.com> --- Documentation/ndctl/Makefile.am | 3 + Documentation/ndctl/ndctl-sanitize-dimm.txt | 30 +++++++++++++ ndctl/builtin.h | 1 ndctl/dimm.c | 29 ++++++++++++ ndctl/lib/dimm.c | 8 +++ ndctl/lib/keys.c | 63 +++++++++++++++++++++++++-- ndctl/lib/libndctl.sym | 2 + ndctl/libndctl.h | 7 +++ ndctl/ndctl.c | 1 9 files changed, 138 insertions(+), 6 deletions(-) create mode 100644 Documentation/ndctl/ndctl-sanitize-dimm.txt diff --git a/Documentation/ndctl/Makefile.am b/Documentation/ndctl/Makefile.am index f4230ead..2e535940 100644 --- a/Documentation/ndctl/Makefile.am +++ b/Documentation/ndctl/Makefile.am @@ -52,7 +52,8 @@ man1_MANS = \ ndctl-setup-passphrase.1 \ ndctl-update-passphrase.1 \ ndctl-disable-passphrase.1 \ - ndctl-freeze-security.1 + ndctl-freeze-security.1 \ + ndctl-sanitize-dimm.1 CLEANFILES = $(man1_MANS) diff --git a/Documentation/ndctl/ndctl-sanitize-dimm.txt b/Documentation/ndctl/ndctl-sanitize-dimm.txt new file mode 100644 index 00000000..f95be28f --- /dev/null +++ b/Documentation/ndctl/ndctl-sanitize-dimm.txt @@ -0,0 +1,30 @@ +// SPDX-License-Identifier: GPL-2.0 + +ndctl-sanitize-dimm(1) +====================== + +NAME +---- +ndctl-sanitize-dimm - Perform a cryptographic destruction of the contents of the given NVDIMM(s). + +SYNOPSIS +-------- +[verse] +'ndctl sanitize-dimm' <nmem0> [<nmem1>..<nmemN>] [<options>] + +DESCRIPTION +----------- +Search the user key ring for the associated NVDIMM. If not found, +attempt to load the key blob from the default location. After disabling +the passphrase, remove the key and the key blob. + +OPTIONS +------- +<dimm>:: +include::xable-dimm-options.txt[] + +include::../copyright.txt[] + +SEE ALSO +-------- +https://trustedcomputinggroup.org/wp-content/uploads/TCG_SWG_SIIS_Version_1_07_Revision_1_00.pdf [Trusted Computing Group Storage Interface Interactions Specification] diff --git a/ndctl/builtin.h b/ndctl/builtin.h index 8434766d..3d8f4ce7 100644 --- a/ndctl/builtin.h +++ b/ndctl/builtin.h @@ -37,4 +37,5 @@ int cmd_passphrase_setup(int argc, const char **argv, struct ndctl_ctx *ctx); int cmd_passphrase_update(int argc, const char **argv, struct ndctl_ctx *ctx); int cmd_passphrase_remove(int argc, const char **argv, struct ndctl_ctx *ctx); int cmd_freeze_security(int argc, const char **argv, struct ndctl_ctx *ctx); +int cmd_sanitize_dimm(int argc, const char **argv, struct ndctl_ctx *ctx); #endif /* _NDCTL_BUILTIN_H_ */ diff --git a/ndctl/dimm.c b/ndctl/dimm.c index 3222def6..c346b7fb 100644 --- a/ndctl/dimm.c +++ b/ndctl/dimm.c @@ -890,6 +890,24 @@ static int action_security_freeze(struct ndctl_dimm *dimm, return rc; } +static int action_sanitize_dimm(struct ndctl_dimm *dimm, + struct action_context *actx) +{ + int rc; + + if (ndctl_dimm_get_security(dimm) < 0) { + error("%s: security operation not supported\n", + ndctl_dimm_get_devname(dimm)); + return -EOPNOTSUPP; + } + + rc = ndctl_dimm_secure_erase_key(dimm); + if (rc < 0) + return rc; + + return 0; +} + static int __action_init(struct ndctl_dimm *dimm, enum ndctl_namespace_version version, int chk_only) { @@ -1278,3 +1296,14 @@ int cmd_freeze_security(int argc, const char **argv, void *ctx) count > 1 ? "s" : ""); return count >= 0 ? 0 : EXIT_FAILURE; } + +int cmd_sanitize_dimm(int argc, const char **argv, void *ctx) +{ + int count = dimm_action(argc, argv, ctx, action_sanitize_dimm, + base_options, + "ndctl sanitize-dimm <nmem0> [<nmem1>..<nmemN>] [<options>]"); + + fprintf(stderr, "sanitized %d nmem%s.\n", count >= 0 ? count : 0, + count > 1 ? "s" : ""); + return count >= 0 ? 0 : EXIT_FAILURE; +} diff --git a/ndctl/lib/dimm.c b/ndctl/lib/dimm.c index 0a7eaaef..50650738 100644 --- a/ndctl/lib/dimm.c +++ b/ndctl/lib/dimm.c @@ -669,3 +669,11 @@ NDCTL_EXPORT int ndctl_dimm_freeze_security(struct ndctl_dimm *dimm) { return write_security(dimm, "freeze"); } + +NDCTL_EXPORT int ndctl_dimm_secure_erase(struct ndctl_dimm *dimm, long key) +{ + char buf[SYSFS_ATTR_SIZE]; + + sprintf(buf, "erase %ld\n", key); + return write_security(dimm, buf); +} diff --git a/ndctl/lib/keys.c b/ndctl/lib/keys.c index fe618870..5353bdc4 100644 --- a/ndctl/lib/keys.c +++ b/ndctl/lib/keys.c @@ -387,11 +387,10 @@ NDCTL_EXPORT int ndctl_dimm_update_key(struct ndctl_dimm *dimm) return 0; } -NDCTL_EXPORT int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) +static key_serial_t check_dimm_key(struct ndctl_dimm *dimm) { struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); key_serial_t key; - int rc; key = dimm_check_key(dimm, false); if (key < 0) { @@ -402,15 +401,69 @@ NDCTL_EXPORT int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) } } - rc = ndctl_dimm_disable_passphrase(dimm, key); + return key; +} + +static int run_key_op(struct ndctl_dimm *dimm, + key_serial_t key, + int (*run_op)(struct ndctl_dimm *, long), const char *name) +{ + struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); + int rc; + + rc = run_op(dimm, key); if (rc < 0) { - err(ctx, "Failed to disable security for %s\n", + err(ctx, "Failed %s for %s\n", name, ndctl_dimm_get_devname(dimm)); return rc; } + return 0; +} + +static int discard_key(struct ndctl_dimm *dimm) +{ + struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); + int rc; + rc = dimm_remove_key(dimm, false); - if (rc < 0) + if (rc < 0) { err(ctx, "Unable to cleanup key.\n"); + return rc; + } return 0; } + +NDCTL_EXPORT int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) +{ + key_serial_t key; + int rc; + + key = check_dimm_key(dimm); + if (key < 0) + return key; + + rc = run_key_op(dimm, key, ndctl_dimm_disable_passphrase, + "remove passphrase"); + if (rc < 0) + return rc; + + return discard_key(dimm); +} + +NDCTL_EXPORT int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm) +{ + key_serial_t key; + int rc; + + key = check_dimm_key(dimm); + if (key < 0) + return key; + + rc = run_key_op(dimm, key, ndctl_dimm_secure_erase, + "crypto erase"); + if (rc < 0) + return rc; + + return discard_key(dimm); +} diff --git a/ndctl/lib/libndctl.sym b/ndctl/lib/libndctl.sym index dfcf4977..f4b487d4 100644 --- a/ndctl/lib/libndctl.sym +++ b/ndctl/lib/libndctl.sym @@ -398,4 +398,6 @@ global: ndctl_dimm_disable_passphrase; ndctl_dimm_remove_key; ndctl_dimm_freeze_security; + ndctl_dimm_secure_erase; + ndctl_dimm_secure_erase_key; } LIBNDCTL_18; diff --git a/ndctl/libndctl.h b/ndctl/libndctl.h index 839d39f1..05c39e8e 100644 --- a/ndctl/libndctl.h +++ b/ndctl/libndctl.h @@ -705,6 +705,7 @@ int ndctl_dimm_update_passphrase(struct ndctl_dimm *dimm, long ckey, long nkey); int ndctl_dimm_disable_passphrase(struct ndctl_dimm *dimm, long key); int ndctl_dimm_freeze_security(struct ndctl_dimm *dimm); +int ndctl_dimm_secure_erase(struct ndctl_dimm *dimm, long key); enum ndctl_key_type { ND_USER_KEY, @@ -715,6 +716,7 @@ enum ndctl_key_type { int ndctl_dimm_enable_key(struct ndctl_dimm *dimm); int ndctl_dimm_update_key(struct ndctl_dimm *dimm); int ndctl_dimm_remove_key(struct ndctl_dimm *dimm); +int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm); #else static inline int ndctl_dimm_enable_key(struct ndctl_dimm *dimm) { @@ -730,6 +732,11 @@ static inline int ndctl_dimm_remove_key(struct ndctl_dimm *dimm) { return -EOPNOTSUPP; } + +static inline int ndctl_dimm_secure_erase_key(struct ndctl_dimm *dimm) +{ + return -EOPNOTSUPP; +} #endif #define ND_KEY_DESC_SIZE 128 diff --git a/ndctl/ndctl.c b/ndctl/ndctl.c index d3b47e26..283ccc33 100644 --- a/ndctl/ndctl.c +++ b/ndctl/ndctl.c @@ -92,6 +92,7 @@ static struct cmd_struct commands[] = { { "update-passphrase", { cmd_passphrase_update } }, { "remove-passphrase", { cmd_passphrase_remove } }, { "freeze-security", { cmd_freeze_security } }, + { "sanitize-dimm", { cmd_sanitize_dimm } }, { "list", { cmd_list } }, { "monitor", { cmd_monitor } }, { "install-encrypt-key", { cmd_install_kek } }, _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm