aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/acpi/nfit/intel.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/acpi/nfit/intel.c')
-rw-r--r--drivers/acpi/nfit/intel.c59
1 files changed, 32 insertions, 27 deletions
diff --git a/drivers/acpi/nfit/intel.c b/drivers/acpi/nfit/intel.c
index cddd0fcf622c..1113b679cd7b 100644
--- a/drivers/acpi/nfit/intel.c
+++ b/drivers/acpi/nfit/intel.c
@@ -7,10 +7,11 @@
7#include "intel.h" 7#include "intel.h"
8#include "nfit.h" 8#include "nfit.h"
9 9
10static enum nvdimm_security_state intel_security_state(struct nvdimm *nvdimm, 10static unsigned long intel_security_flags(struct nvdimm *nvdimm,
11 enum nvdimm_passphrase_type ptype) 11 enum nvdimm_passphrase_type ptype)
12{ 12{
13 struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm); 13 struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
14 unsigned long security_flags = 0;
14 struct { 15 struct {
15 struct nd_cmd_pkg pkg; 16 struct nd_cmd_pkg pkg;
16 struct nd_intel_get_security_state cmd; 17 struct nd_intel_get_security_state cmd;
@@ -27,7 +28,7 @@ static enum nvdimm_security_state intel_security_state(struct nvdimm *nvdimm,
27 int rc; 28 int rc;
28 29
29 if (!test_bit(NVDIMM_INTEL_GET_SECURITY_STATE, &nfit_mem->dsm_mask)) 30 if (!test_bit(NVDIMM_INTEL_GET_SECURITY_STATE, &nfit_mem->dsm_mask))
30 return -ENXIO; 31 return 0;
31 32
32 /* 33 /*
33 * Short circuit the state retrieval while we are doing overwrite. 34 * Short circuit the state retrieval while we are doing overwrite.
@@ -35,38 +36,42 @@ static enum nvdimm_security_state intel_security_state(struct nvdimm *nvdimm,
35 * until the overwrite DSM completes. 36 * until the overwrite DSM completes.
36 */ 37 */
37 if (nvdimm_in_overwrite(nvdimm) && ptype == NVDIMM_USER) 38 if (nvdimm_in_overwrite(nvdimm) && ptype == NVDIMM_USER)
38 return NVDIMM_SECURITY_OVERWRITE; 39 return BIT(NVDIMM_SECURITY_OVERWRITE);
39 40
40 rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL); 41 rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL);
41 if (rc < 0) 42 if (rc < 0 || nd_cmd.cmd.status) {
42 return rc; 43 pr_err("%s: security state retrieval failed (%d:%#x)\n",
43 if (nd_cmd.cmd.status) 44 nvdimm_name(nvdimm), rc, nd_cmd.cmd.status);
44 return -EIO; 45 return 0;
46 }
45 47
46 /* check and see if security is enabled and locked */ 48 /* check and see if security is enabled and locked */
47 if (ptype == NVDIMM_MASTER) { 49 if (ptype == NVDIMM_MASTER) {
48 if (nd_cmd.cmd.extended_state & ND_INTEL_SEC_ESTATE_ENABLED) 50 if (nd_cmd.cmd.extended_state & ND_INTEL_SEC_ESTATE_ENABLED)
49 return NVDIMM_SECURITY_UNLOCKED; 51 set_bit(NVDIMM_SECURITY_UNLOCKED, &security_flags);
50 else if (nd_cmd.cmd.extended_state & 52 else
51 ND_INTEL_SEC_ESTATE_PLIMIT) 53 set_bit(NVDIMM_SECURITY_DISABLED, &security_flags);
52 return NVDIMM_SECURITY_FROZEN; 54 if (nd_cmd.cmd.extended_state & ND_INTEL_SEC_ESTATE_PLIMIT)
53 } else { 55 set_bit(NVDIMM_SECURITY_FROZEN, &security_flags);
54 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_UNSUPPORTED) 56 return security_flags;
55 return -ENXIO;
56 else if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_ENABLED) {
57 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_LOCKED)
58 return NVDIMM_SECURITY_LOCKED;
59 else if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_FROZEN
60 || nd_cmd.cmd.state &
61 ND_INTEL_SEC_STATE_PLIMIT)
62 return NVDIMM_SECURITY_FROZEN;
63 else
64 return NVDIMM_SECURITY_UNLOCKED;
65 }
66 } 57 }
67 58
68 /* this should cover master security disabled as well */ 59 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_UNSUPPORTED)
69 return NVDIMM_SECURITY_DISABLED; 60 return 0;
61
62 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_ENABLED) {
63 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_FROZEN ||
64 nd_cmd.cmd.state & ND_INTEL_SEC_STATE_PLIMIT)
65 set_bit(NVDIMM_SECURITY_FROZEN, &security_flags);
66
67 if (nd_cmd.cmd.state & ND_INTEL_SEC_STATE_LOCKED)
68 set_bit(NVDIMM_SECURITY_LOCKED, &security_flags);
69 else
70 set_bit(NVDIMM_SECURITY_UNLOCKED, &security_flags);
71 } else
72 set_bit(NVDIMM_SECURITY_DISABLED, &security_flags);
73
74 return security_flags;
70} 75}
71 76
72static int intel_security_freeze(struct nvdimm *nvdimm) 77static int intel_security_freeze(struct nvdimm *nvdimm)
@@ -371,7 +376,7 @@ static void nvdimm_invalidate_cache(void)
371#endif 376#endif
372 377
373static const struct nvdimm_security_ops __intel_security_ops = { 378static const struct nvdimm_security_ops __intel_security_ops = {
374 .state = intel_security_state, 379 .get_flags = intel_security_flags,
375 .freeze = intel_security_freeze, 380 .freeze = intel_security_freeze,
376 .change_key = intel_security_change_key, 381 .change_key = intel_security_change_key,
377 .disable = intel_security_disable, 382 .disable = intel_security_disable,
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-25 07:06:03 -0400