Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp2789305ybl; Mon, 19 Aug 2019 07:33:44 -0700 (PDT) X-Google-Smtp-Source: APXvYqyLgyfaneTpUpe4BSTOkQKz+FP8mr1R0NlOzN8FtZebr4rDGH50RoVFkv0IRGiuL2yfziAn X-Received: by 2002:a17:90a:1110:: with SMTP id d16mr21630300pja.29.1566225224455; Mon, 19 Aug 2019 07:33:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566225224; cv=none; d=google.com; s=arc-20160816; b=rQcs48WzuEXEuiAkZBI+67d9bXjyFnEL3s3h7aZrr3Xjj5EMETFsYQLexhnpNNTK2P p7WvuXqwPSIvS7CO15lDOzaOmhV0PjdCl2ZF3AEZDA2znM4gHSSl6TceoM8uVJoOZDLU RnVSVBw7ClTYcc7A7jS65/+mxNEbkXIRmvqeHb1XW1Dwa4iVMdzH6PUSAoZ3Ox/kc9Mx Lrhd/cCAuFEMADIufZTMgqug4cP5aQ5OnZnVGPNSKqM3vF2/zT5uj6l5qRtXVywuWeEJ i4HUt0DlKej1TWnB7kk+ryfywmcjW281K9q59R9R7NysExW7G+bMD5suctNOypeQOw32 b95g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:message-id :in-reply-to:date:references:subject:cc:to:from; bh=zYrBeIyY3EufGnqHHZNN5cGQ1MGsJJnvRlaXt/LPvOw=; b=gbq5TbnGVa+y8FSVfgfBSwgmSwTfppAGVXAmIQlUl+rTxbs98AKDYU6MSVefHgtN65 X6p1WVodOor6s8mwc1wSY5ZfoTGMQlTk6e3t7/7smVB0VScn6rTjQDdVP39gTnqtaTBU GKEnzfZktvX+EUCoHkCK7Sk9UG5Qyc+2CUvb5xl1W+vwQ4orOYkJMXClKtZA70t97sso 2S81ZvXrhTw7SwRdRwGCXMmMjgvGdwZw3Baym+CXEozINrEizY3Sp532OlRzw5mk9xfD 3IoRAPDJwWL8sck4U5k38PPpsxnmlmqHSCe1GUP/K9w/FFZUBNa2FhSwpAy62Zb8fleW SrJQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t1si8881007pjy.39.2019.08.19.07.33.29; Mon, 19 Aug 2019 07:33:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726670AbfHSOcX (ORCPT + 99 others); Mon, 19 Aug 2019 10:32:23 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41198 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726261AbfHSOcX (ORCPT ); Mon, 19 Aug 2019 10:32:23 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4804A300413D; Mon, 19 Aug 2019 14:32:23 +0000 (UTC) Received: from segfault.boston.devel.redhat.com (segfault.boston.devel.redhat.com [10.19.60.26]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C58AB1C930; Mon, 19 Aug 2019 14:32:22 +0000 (UTC) From: Jeff Moyer To: Dan Williams Cc: linux-nvdimm , Linux Kernel Mailing List Subject: Re: [PATCH 2/3] libnvdimm/security: Tighten scope of nvdimm->busy vs security operations References: <156583201347.2815870.4687949334637966672.stgit@dwillia2-desk3.amr.corp.intel.com> <156583202386.2815870.16611751329252858110.stgit@dwillia2-desk3.amr.corp.intel.com> X-PGP-KeyID: 1F78E1B4 X-PGP-CertKey: F6FE 280D 8293 F72C 65FD 5A58 1FF8 A7CA 1F78 E1B4 Date: Mon, 19 Aug 2019 10:32:22 -0400 In-Reply-To: (Dan Williams's message of "Fri, 16 Aug 2019 14:02:19 -0700") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]); Mon, 19 Aug 2019 14:32:23 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Dan Williams writes: > On Fri, Aug 16, 2019 at 1:49 PM Jeff Moyer wrote: >> >> Dan Williams writes: >> >> > The blanket blocking of all security operations while the DIMM is in >> > active use in a region is too restrictive. The only security operations >> > that need to be aware of the ->busy state are those that mutate the >> > state of data, i.e. erase and overwrite. >> > >> > Refactor the ->busy checks to be applied at the entry common entry point >> > in __security_store() rather than each of the helper routines. >> >> I'm not sure this buys you much. Did you test this on actual hardware >> to make sure your assumptions are correct? I guess the worst case is we >> get an "invalid security state" error back from the firmware.... >> >> Still, what's the motivation for this? > > The motivation was when I went to test setting the frozen state and > found that it complained about the DIMM being active. There's nothing > wrong with freezing security while the DIMM is mapped. ...but then I > somehow managed to write this generalized commit message that left out > the explicit failure I was worried about. Yes, moved too fast, but the > motivation is "allow freeze while active" and centralize the ->busy > check so it's just one function to review that common constraint. OK, thanks for the info. Reviewed-by: Jeff Moyer