Re: [PATCH v2 08/11] block: sed-opal: ioctl for writing to shadow mbr
From: Jonas Rabenstein <hidden>
Date: 2018-03-21 01:43:38
Also in:
lkml
On Tue, Mar 20, 2018 at 04:09:08PM -0600, Scott Bauer wrote:
On Tue, Mar 20, 2018 at 10:36:04AM +0100, Jonas Rabenstein wrote:quoted
On Mon, Mar 19, 2018 at 08:52:24PM +0100, Christoph Hellwig wrote:quoted
On Mon, Mar 19, 2018 at 07:36:50PM +0100, Jonas Rabenstein wrote:quoted
Allow modification of the shadow mbr. If the shadow mbr is not marked as done, this data will be presented read only as the device content. Only after marking the shadow mbr as done and unlocking a locking range the actual content is accessible.I hate doing this as an ioctls. Can we make this a sysfs binary file so that people can use dd or cat to write the shadow mbr?I already thought about providing a sysfs interface for all that instead of using ioctls. But as I am pretty new to kernel programming I do not have all the required insight. Especially, as writing the mbr requires the sed-opal password I am unsure how a clean sysfs interface to provide the password together with a simple dd would look like. Moreover I already have a patch that changes the 'void *data' argument to setup_opal_dev to a kobject pointer. As far as I know, this is the first step to get into the sysfs hierarchy. But as I do not have access to an NVMe drive and have no idea about its implementation, this change works only for the scsi side.Post what you have as an RFC (review for comment) and I will test for the NVMe side, and or start a port for NVMe. It doesn't have to be perfect since you're sending it out as RFC. It's just a base for us to test/look at to see if we still like the sysfs way.
Seems, like I failed to make my point in the previous message. I do not have more than adding a directory 'sed_opal' in sysfs for each sed-opal enabled disk. But that directory is completely empty. My further plans are, to fill up that directory with some public info like the one that gets printed by a call to TCG's 'sedutil-cli --query' command. The interesting part - where I am clueless how to achieve it - would be to have a binary sysfs attribute (like mentioned by Christoph) for the features (like shadow mbr) requiring some kind of authentication. Until there is any (good) idea, I do not think it is time for an RFC? -- Jonas