[mirror_ubuntu-jammy-kernel.git] / include / linux / sed-opal.h

/*
 * Copyright © 2016 Intel Corporation
 *
 * Authors:
 *    Rafael Antognolli <rafael.antognolli@intel.com>
 *    Scott  Bauer      <scott.bauer@intel.com>
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms and conditions of the GNU General Public License,
 * version 2, as published by the Free Software Foundation.
 *
 * This program is distributed in the hope it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 * more details.
 */

#ifndef LINUX_OPAL_H
#define LINUX_OPAL_H

#include <uapi/linux/sed-opal.h>
#include <linux/kernel.h>

/*
 * These constant values come from:
 * SPC-4 section
 * 6.30 SECURITY PROTOCOL IN command / table 265.
 */
enum {
	TCG_SECP_00 = 0,
	TCG_SECP_01,
};
struct opal_dev;

#define IO_BUFFER_LENGTH 2048
#define MAX_TOKS 64

typedef int (*opal_step)(struct opal_dev *dev);
typedef int (sec_send_recv)(struct opal_dev *ctx, u16 spsp, u8 secp,
			    void *buffer, size_t len, bool send);


enum opal_atom_width {
	OPAL_WIDTH_TINY,
	OPAL_WIDTH_SHORT,
	OPAL_WIDTH_MEDIUM,
	OPAL_WIDTH_LONG,
	OPAL_WIDTH_TOKEN
};

/*
 * Token defs derived from:
 * TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
 * 3.2.2 Data Stream Encoding
 */
enum opal_response_token {
	OPAL_DTA_TOKENID_BYTESTRING = 0xe0,
	OPAL_DTA_TOKENID_SINT = 0xe1,
	OPAL_DTA_TOKENID_UINT = 0xe2,
	OPAL_DTA_TOKENID_TOKEN = 0xe3, /* actual token is returned */
	OPAL_DTA_TOKENID_INVALID = 0X0
};

/*
 * On the parsed response, we don't store again the toks that are already
 * stored in the response buffer. Instead, for each token, we just store a
 * pointer to the position in the buffer where the token starts, and the size
 * of the token in bytes.
 */
struct opal_resp_tok {
	const u8 *pos;
	size_t len;
	enum opal_response_token type;
	enum opal_atom_width width;
	union {
		u64 u;
		s64 s;
	} stored;
};

/*
 * From the response header it's not possible to know how many tokens there are
 * on the payload. So we hardcode that the maximum will be MAX_TOKS, and later
 * if we start dealing with messages that have more than that, we can increase
 * this number. This is done to avoid having to make two passes through the
 * response, the first one counting how many tokens we have and the second one
 * actually storing the positions.
 */
struct parsed_resp {
	int num;
	struct opal_resp_tok toks[MAX_TOKS];
};

/**
 * struct opal_dev - The structure representing a OPAL enabled SED.
 * @supported: Whether or not OPAL is supported on this controller.
 * @send_recv: The combined sec_send/sec_recv function pointer.
 * @opal_step: A series of opal methods that are necessary to complete a command.
 * @func_data: An array of parameters for the opal methods above.
 * @state: Describes the current opal_step we're working on.
 * @dev_lock: Locks the entire opal_dev structure.
 * @parsed: Parsed response from controller.
 * @prev_data: Data returned from a method to the controller.
 * @unlk_lst: A list of Locking ranges to unlock on this device during a resume.
 */
struct opal_dev {
	bool initialized;
	bool supported;
	sec_send_recv *send_recv;

	const opal_step *funcs;
	void **func_data;
	int state;
	struct mutex dev_lock;
	u16 comid;
	u32 hsn;
	u32 tsn;
	u64 align;
	u64 lowest_lba;

	size_t pos;
	u8 cmd[IO_BUFFER_LENGTH];
	u8 resp[IO_BUFFER_LENGTH];

	struct parsed_resp parsed;
	size_t prev_d_len;
	void *prev_data;

	struct list_head unlk_lst;
};

#ifdef CONFIG_BLK_SED_OPAL
bool opal_unlock_from_suspend(struct opal_dev *dev);
void init_opal_dev(struct opal_dev *opal_dev, sec_send_recv *send_recv);
int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr);

static inline bool is_sed_ioctl(unsigned int cmd)
{
	switch (cmd) {
	case IOC_OPAL_SAVE:
	case IOC_OPAL_LOCK_UNLOCK:
	case IOC_OPAL_TAKE_OWNERSHIP:
	case IOC_OPAL_ACTIVATE_LSP:
	case IOC_OPAL_SET_PW:
	case IOC_OPAL_ACTIVATE_USR:
	case IOC_OPAL_REVERT_TPR:
	case IOC_OPAL_LR_SETUP:
	case IOC_OPAL_ADD_USR_TO_LR:
	case IOC_OPAL_ENABLE_DISABLE_MBR:
	case IOC_OPAL_ERASE_LR:
	case IOC_OPAL_SECURE_ERASE_LR:
		return true;
	}
	return false;
}
#else
static inline bool is_sed_ioctl(unsigned int cmd)
{
	return false;
}

static inline int sed_ioctl(struct opal_dev *dev, unsigned int cmd,
			    unsigned long ptr)
{
	return 0;
}
static inline bool opal_unlock_from_suspend(struct opal_dev *dev)
{
	return false;
}
static inline void init_opal_dev(struct opal_dev *opal_dev,
				 sec_send_recv *send_recv)
{
	opal_dev->supported = false;
	opal_dev->initialized = true;
}
#endif /* CONFIG_BLK_SED_OPAL */
#endif /* LINUX_OPAL_H */
Commit	Line	Data
455a7b23 SB	1	/*
	2	* Copyright © 2016 Intel Corporation
	3	*
	4	* Authors:
	5	* Rafael Antognolli <rafael.antognolli@intel.com>
	6	* Scott Bauer <scott.bauer@intel.com>
	7	*
	8	* This program is free software; you can redistribute it and/or modify it
	9	* under the terms and conditions of the GNU General Public License,
	10	* version 2, as published by the Free Software Foundation.
	11	*
	12	* This program is distributed in the hope it will be useful, but WITHOUT
	13	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	14	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
	15	* more details.
	16	*/
	17
	18	#ifndef LINUX_OPAL_H
	19	#define LINUX_OPAL_H
	20
	21	#include <uapi/linux/sed-opal.h>
	22	#include <linux/kernel.h>
	23
	24	/*
	25	* These constant values come from:
	26	* SPC-4 section
	27	* 6.30 SECURITY PROTOCOL IN command / table 265.
	28	*/
	29	enum {
	30	TCG_SECP_00 = 0,
	31	TCG_SECP_01,
	32	};
	33	struct opal_dev;
	34
	35	#define IO_BUFFER_LENGTH 2048
	36	#define MAX_TOKS 64
	37
	38	typedef int (opal_step)(struct opal_dev dev);
	39	typedef int (sec_send_recv)(struct opal_dev *ctx, u16 spsp, u8 secp,
	40	void *buffer, size_t len, bool send);
	41
	42
	43	enum opal_atom_width {
	44	OPAL_WIDTH_TINY,
	45	OPAL_WIDTH_SHORT,
	46	OPAL_WIDTH_MEDIUM,
	47	OPAL_WIDTH_LONG,
	48	OPAL_WIDTH_TOKEN
	49	};
	50
	51	/*
	52	* Token defs derived from:
	53	* TCG_Storage_Architecture_Core_Spec_v2.01_r1.00
	54	* 3.2.2 Data Stream Encoding
	55	*/
	56	enum opal_response_token {
	57	OPAL_DTA_TOKENID_BYTESTRING = 0xe0,
	58	OPAL_DTA_TOKENID_SINT = 0xe1,
	59	OPAL_DTA_TOKENID_UINT = 0xe2,
	60	OPAL_DTA_TOKENID_TOKEN = 0xe3, /* actual token is returned */
	61	OPAL_DTA_TOKENID_INVALID = 0X0
	62	};
	63
	64	/*
65	* On the parsed response, we don't store again the toks that are already
66	* stored in the response buffer. Instead, for each token, we just store a
67	* pointer to the position in the buffer where the token starts, and the size
68	* of the token in bytes.
69	*/
70	struct opal_resp_tok {
71	const u8 *pos;
72	size_t len;
73	enum opal_response_token type;
74	enum opal_atom_width width;
75	union {
76	u64 u;
77	s64 s;
78	} stored;
79	};
80
81	/*
82	* From the response header it's not possible to know how many tokens there are
83	* on the payload. So we hardcode that the maximum will be MAX_TOKS, and later
84	* if we start dealing with messages that have more than that, we can increase
85	* this number. This is done to avoid having to make two passes through the
86	* response, the first one counting how many tokens we have and the second one
87	* actually storing the positions.
88	*/
89	struct parsed_resp {
90	int num;
91	struct opal_resp_tok toks[MAX_TOKS];
92	};
93
94	/**
95	* struct opal_dev - The structure representing a OPAL enabled SED.
96	* @supported: Whether or not OPAL is supported on this controller.
97	* @send_recv: The combined sec_send/sec_recv function pointer.
98	* @opal_step: A series of opal methods that are necessary to complete a command.
99	* @func_data: An array of parameters for the opal methods above.
100	* @state: Describes the current opal_step we're working on.
101	* @dev_lock: Locks the entire opal_dev structure.
102	* @parsed: Parsed response from controller.
103	* @prev_data: Data returned from a method to the controller.
104	* @unlk_lst: A list of Locking ranges to unlock on this device during a resume.
105	*/
106	struct opal_dev {
107	bool initialized;
108	bool supported;
109	sec_send_recv *send_recv;
110
111	const opal_step *funcs;
112	void **func_data;
113	int state;
114	struct mutex dev_lock;
115	u16 comid;
116	u32 hsn;
117	u32 tsn;
118	u64 align;
119	u64 lowest_lba;
120
121	size_t pos;
122	u8 cmd[IO_BUFFER_LENGTH];
123	u8 resp[IO_BUFFER_LENGTH];
124
125	struct parsed_resp parsed;
126	size_t prev_d_len;
127	void *prev_data;
128
129	struct list_head unlk_lst;
130	};
131
132	#ifdef CONFIG_BLK_SED_OPAL
133	bool opal_unlock_from_suspend(struct opal_dev *dev);
134	void init_opal_dev(struct opal_dev opal_dev, sec_send_recv send_recv);
135	int sed_ioctl(struct opal_dev *dev, unsigned int cmd, unsigned long ptr);
136
137	static inline bool is_sed_ioctl(unsigned int cmd)
138	{
139	switch (cmd) {
140	case IOC_OPAL_SAVE:
141	case IOC_OPAL_LOCK_UNLOCK:
142	case IOC_OPAL_TAKE_OWNERSHIP:
143	case IOC_OPAL_ACTIVATE_LSP:
144	case IOC_OPAL_SET_PW:
145	case IOC_OPAL_ACTIVATE_USR:
146	case IOC_OPAL_REVERT_TPR:
147	case IOC_OPAL_LR_SETUP:
148	case IOC_OPAL_ADD_USR_TO_LR:
149	case IOC_OPAL_ENABLE_DISABLE_MBR:
150	case IOC_OPAL_ERASE_LR:
151	case IOC_OPAL_SECURE_ERASE_LR:
152	return true;
153	}
154	return false;
155	}
156	#else
157	static inline bool is_sed_ioctl(unsigned int cmd)
158	{
159	return false;
160	}
161
162	static inline int sed_ioctl(struct opal_dev *dev, unsigned int cmd,
163	unsigned long ptr)
164	{
165	return 0;
166	}
167	static inline bool opal_unlock_from_suspend(struct opal_dev *dev)
168	{
169	return false;
170	}
171	static inline void init_opal_dev(struct opal_dev *opal_dev,
172	sec_send_recv *send_recv)
173	{
174	opal_dev->supported = false;
175	opal_dev->initialized = true;
176	}
177	#endif /* CONFIG_BLK_SED_OPAL */
178	#endif /* LINUX_OPAL_H */