• D
    acpi/nfit: Add support for Intel DSM 1.8 commands · d7258548
    Dave Jiang 提交于
    to #27305291
    
    commit b3ed2ce024c36054e51cca2eb31a1cdbe4a5f11e upstream.
    
    Add command definition for security commands defined in Intel DSM
    specification v1.8 [1]. This includes "get security state", "set
    passphrase", "unlock unit", "freeze lock", "secure erase", "overwrite",
    "overwrite query", "master passphrase enable/disable", and "master
    erase", . Since this adds several Intel definitions, move the relevant
    bits to their own header.
    
    These commands mutate physical data, but that manipulation is not cache
    coherent. The requirement to flush and invalidate caches makes these
    commands unsuitable to be called from userspace, so extra logic is added
    to detect and block these commands from being submitted via the ioctl
    command submission path.
    
    Lastly, the commands may contain sensitive key material that should not
    be dumped in a standard debug session. Update the nvdimm-command
    payload-dump facility to move security command payloads behind a
    default-off compile time switch.
    
    [1]: http://pmem.io/documents/NVDIMM_DSM_Interface-V1.8.pdfSigned-off-by: NDave Jiang <dave.jiang@intel.com>
    Signed-off-by: NDan Williams <dan.j.williams@intel.com>
    
    [ Shile: fixed conflicts:
    This patch updated the file "drivers/acpi/nfit/intel.h". The header file is
    introduced by commit 0ead111 ("acpi, nfit: Collect shutdown status") in
    upstream, which also update the test files. So let's fetch this part to fix
    the conflict:
    - tools/testing/nvdimm/test/nfit.c
    - tools/testing/nvdimm/test/nfit_test.h ]
    Signed-off-by: NShile Zhang <shile.zhang@linux.alibaba.com>
    Reviewed-by: NYang Shi <yang.shi@linux.alibaba.com>
    d7258548
nfit.h 8.7 KB