January 2019 - Linux-nvdimm

[ndctl PATCH v2] ndctl/build: Fix config.h dependency

by Dan Williams

The config.h file needs to be rebuilt whenever ndctl/Makefile.am changes, not the top-level Makefile. This fixes some missed rebuild events when adding more definitions. This also concatenates the commands into one $(AM_V_GEN) statement so that there is only one "GEN config.h" line in the build output. Reported-by: Dave Jiang <dave.jiang(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- Changes in v2: * While the previous fix appeared to work it didn't when I did the same for daxctl. Then I found what was actually wrong is that we were looking at the wrong level of the directory hierarchy for Makefile.am. * I also noticed that the build output emitted "GEN config.h" multiple times. ndctl/Makefile.am | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ndctl/Makefile.am b/ndctl/Makefile.am index f96f08974aa6..c7c1ac6ebef6 100644 --- a/ndctl/Makefile.am +++ b/ndctl/Makefile.am @@ -4,9 +4,9 @@ bin_PROGRAMS = ndctl DISTCLEANFILES = config.h BUILT_SOURCES = config.h -config.h: Makefile - $(AM_V_GEN) echo "/* Autogenerated by ndctl/Makefile.am */" >$@ - $(AM_V_GEN) echo '#define NDCTL_CONF_FILE \ +config.h: $(srcdir)/Makefile.am + $(AM_V_GEN) echo "/* Autogenerated by ndctl/Makefile.am */" >$@ && \ + echo '#define NDCTL_CONF_FILE \ "$(ndctl_monitorconfdir)/$(ndctl_monitorconf)"' >>$@ ndctl_SOURCES = ndctl.c \

1 year, 10 months

2
1
0 / 0

[ndctl PATCH] ndctl/build: Fix config.h dependency

by Dan Williams

The config.h file needs to be rebuilt whenever ndctl/Makefile.am changes, not necessarily ndctl/Makefile. This fixes some missed rebuild events when adding more definitions. Reported-by: Dave Jiang <dave.jiang(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- ndctl/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ndctl/Makefile.am b/ndctl/Makefile.am index f96f08974aa6..97de1814ba96 100644 --- a/ndctl/Makefile.am +++ b/ndctl/Makefile.am @@ -4,7 +4,7 @@ bin_PROGRAMS = ndctl DISTCLEANFILES = config.h BUILT_SOURCES = config.h -config.h: Makefile +config.h: Makefile.am $(AM_V_GEN) echo "/* Autogenerated by ndctl/Makefile.am */" >$@ $(AM_V_GEN) echo '#define NDCTL_CONF_FILE \ "$(ndctl_monitorconfdir)/$(ndctl_monitorconf)"' >>$@

1 year, 10 months

1
0
0 / 0

[daxctl PATCH v2 0/2] daxctl: Opt-in to /sys/bus/dax ABI

by Dan Williams

Changes since v1 [1]: * Make the opt-in based on an explicit command rather than an implicit side-effect of installing a new daxctl. * Split the daxctl support from the patch implementing the opt-in * Rebase on command harness reworks and other ndctl cleanups [1]: https://lists.01.org/pipermail/linux-nvdimm/2018-November/018677.html --- Quote patch2: The kernel is implementing a '/sys/bus/dax' ABI to allow for alternate device-DAX drivers to be bound to device instances. While the kernel conversion to '/sys/bus/dax' does not effect the primary ndctl use case of putting namespaces into 'devdax' mode since that uses libnvdimm namespace device relative paths, it does break current implementations of 'ndctl list -X' and 'daxctl list'. It is also known to break fio and some pmdk versions that explicitly reference "/sys/class/dax". In order to avoid userspace regressions the kernel can be configured to maintain '/sys/class/dax' as the default ABI. However, once all '/sys/class/dax' users have been converted, or removed from the installation, an administrator can opt-in to the new '/sys/bus/dax' ABI. The 'dax migrate-device-model' command installs a modprobe rule to blacklist the dax_pmem_compat module and arrange for the dax_pmem module to auto-load in response to the detection of device-DAX instances emitted from the libnvdimm subsystem. --- Dan Williams (2): daxctl: Support the /sys/bus/dax ABI daxctl: Opt-in to /sys/bus/dax ABI .gitignore | 1 Documentation/daxctl/Makefile.am | 3 + .../daxctl/daxctl-migrate-device-model.txt | 47 +++++++++++++ configure.ac | 5 + daxctl/Makefile.am | 10 +++ daxctl/builtin.h | 1 daxctl/daxctl.c | 1 daxctl/lib/Makefile.am | 2 + daxctl/lib/daxctl.conf | 2 + daxctl/lib/libdaxctl-private.h | 11 +++ daxctl/lib/libdaxctl.c | 70 ++++++++++++++------ daxctl/migrate.c | 41 ++++++++++++ ndctl.spec.in | 1 util/sysfs.c | 2 - 14 files changed, 175 insertions(+), 22 deletions(-) create mode 100644 Documentation/daxctl/daxctl-migrate-device-model.txt create mode 100644 daxctl/lib/daxctl.conf create mode 100644 daxctl/migrate.c

1 year, 10 months

2
4
0 / 0

[PATCH v8 00/12] ndctl: add security support

by Dave Jiang

The following series implements mechanisms that utilize the sysfs knobs provided by the kernel in order to support the Intel DSM v1.8 spec that provides security to NVDIMM. The following abilities are added: 1. display security state 2. enable/update passphrase 3. disable passphrase 4. freeze security 5. secure erase 6. overwrite 7. master passphrase enable/update v8: - Additional cleanup on test script. (Vishal) - Change load-keys script into internal command for ndctl. (Dan) v7: - Added option to provide path to key directory. (Vishal) - Cleaned up shell scripts. (Vishal) - Cleaned up documentation. (Vishal) - Addressed various comments from Vishal. v6: - Fix spelling and grammar errors for documentation. (Jing) - Change bool for indicate master passphrase and old passphrase to enum. - Fix key load script master key name. - Update to match v15 of kernel patch series. v5: - Updated to match latest kernel interface (encrypted keys) - Added overwrite support - Added support for DSM v1.8 master passphrase operations - Removed upcall related code - Moved security state to enum (Dan) - Change security output "security_state" to just "security". (Dan) - Break out enable and update passphrase operation. (Dan) - Security build can be compiled out when keyutils does not exist. (Dan) - Move all keyutils related operations to libndctl. (Dan) v4: - Updated to match latest kernel interface. - Added unit test for all security calls v3: - Added support to inject keys in order to update nvdimm security. v2: - Fixup the upcall util to match recent kernel updates for nvdimm security. --- Dave Jiang (12): ndctl: add support for display security state ndctl: add passphrase update to ndctl ndctl: add disable security support ndctl: add support for freeze security ndctl: add support for sanitize dimm ndctl: add unit test for security ops (minus overwrite) ndctl: add modprobe conf file and load-keys ndctl command ndctl: add overwrite operation support ndctl: add wait-overwrite support ndctl: master phassphrase management support ndctl: add master secure erase support ndctl: documentation for security and key management Documentation/ndctl/Makefile.am | 9 Documentation/ndctl/intel-nvdimm-security.txt | 140 ++++++ Documentation/ndctl/ndctl-disable-passphrase.txt | 35 + Documentation/ndctl/ndctl-enable-passphrase.txt | 49 ++ Documentation/ndctl/ndctl-freeze-security.txt | 22 + Documentation/ndctl/ndctl-list.txt | 8 Documentation/ndctl/ndctl-sanitize-dimm.txt | 50 ++ Documentation/ndctl/ndctl-update-passphrase.txt | 45 ++ Documentation/ndctl/ndctl-wait-overwrite.txt | 31 + Makefile.am | 4 configure.ac | 19 + contrib/nvdimm-security.conf | 1 ndctl.spec.in | 3 ndctl/Makefile.am | 6 ndctl/builtin.h | 7 ndctl/dimm.c | 259 ++++++++++- ndctl/lib/Makefile.am | 8 ndctl/lib/dimm.c | 202 ++++++++ ndctl/lib/keys.c | 528 ++++++++++++++++++++++ ndctl/lib/libndctl.sym | 20 + ndctl/libndctl.h | 84 ++++ ndctl/load-keys.c | 260 +++++++++++ ndctl/ndctl.c | 7 test/Makefile.am | 4 test/security.sh | 197 ++++++++ util/json.c | 31 + 26 files changed, 2015 insertions(+), 14 deletions(-) create mode 100644 Documentation/ndctl/intel-nvdimm-security.txt create mode 100644 Documentation/ndctl/ndctl-disable-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-enable-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-freeze-security.txt create mode 100644 Documentation/ndctl/ndctl-sanitize-dimm.txt create mode 100644 Documentation/ndctl/ndctl-update-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-wait-overwrite.txt create mode 100644 contrib/nvdimm-security.conf create mode 100644 ndctl/lib/keys.c create mode 100644 ndctl/load-keys.c create mode 100755 test/security.sh -- Signature

1 year, 10 months

5
22
0 / 0

PMEM error-handling forces SIGKILL causes kernel panic

by Jane Chu

Hi, Dan, Sorry for the late report. We recently saw panics from PMEM error handling, here are the log messages and stack trace. "<--" are added by me. > [ 4488.098830] mce: Uncorrected hardware memory error in user-access at a6ec46f8 <-- > [ 4488.131625] Memory failure: 0xa6ec46f: forcibly killing ora_pmon_tpcc1:84778 > [ 4488.144326] Memory failure: 0xa6ec46f: forcibly killing ora_clmn_tpcc1:84780 <-- SIGKILL > [ 4488.156965] Memory failure: 0xa6ec46f: forcibly killing ora_psp0_tpcc1:84782 > [ 4488.169608] Memory failure: 0xa6ec46f: forcibly killing ora_ipc0_tpcc1:84785 > [ 4488.182210] Memory failure: 0xa6ec46f: forcibly killing ora_vktm_tpcc1:84793 > [ 4488.194924] Memory failure: 0xa6ec46f: forcibly killing ora_gen0_tpcc1:84797 > [ 4488.207212] Memory failure: 0xa6ec46f: forcibly killing ora_mman_tpcc1:84799 > [ 4488.220168] Memory failure: 0xa6ec46f: forcibly killing ora_scmn_tpcc1:84803 > [ 4488.232974] Memory failure: 0xa6ec46f: forcibly killing ora_diag_tpcc1:84806 > [ 4488.245660] Memory failure: 0xa6ec46f: forcibly killing ora_scmn_tpcc1:84808 .. > [ 4488.595847] BUG: unable to handle kernel NULL pointer dereference at 00000000 <-- > [ 4488.604834] IP: _raw_spin_lock_irqsave+0x27/0x48 <-- task->sighand->siglock is NULL > [ 4488.610079] PGD 51ef45067 P4D 51ef45067 PUD 51ef44067 PMD 0 > [ 4488.616514] Oops: 0002 [#1] SMP NOPTI <-- 2'010: no-page/write/kernel-mode > [ 4488.620674] Modules linked in: xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_n > [ 4488.712640] lpc_ich shpchp wmi pcc_cpufreq dm_multipath binfmt_misc sg fuse > [ 4488.749400] CPU: 2 PID: 296408 Comm: oracle_296408_t Tainted: G M > [ 4488.764383] Hardware name: Oracle Corporation ORACLE SERVER X8-2/ASM,MB,X8-2, > [ 4488.778955] task: ffff997ccab28000 task.stack: ffffb9b832944000 > [ 4488.789802] RIP: 0010:_raw_spin_lock_irqsave+0x27/0x48 > [ 4488.799874] RSP: 0018:ffffb9b832947d28 EFLAGS: 00010046 > [ 4488.810071] RAX: 0000000000000000 RBX: 0000000000000808 RCX: 0000000000000000 > [ 4488.822959] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000808 > [ 4488.835375] RBP: ffffb9b832947d38 R08: 0000000000000000 R09: 00000000000052bb > [ 4488.847854] R10: 0000000000000001 R11: 0000000000aaaaaa R12: 0000000000000246 > [ 4488.860446] R13: 0000000000000004 R14: 0000000000000001 R15: 0000000000000009 > [ 4488.872994] FS: 00007fa0f17533c0(0000) GS:ffff98ba00680000(0000) knlGS:00000 > [ 4488.886705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [ 4488.897877] CR2: 0000000000000808 CR3: 000000051146a004 CR4: 00000000007606e0 > [ 4488.910774] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > [ 4488.923665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > [ 4488.936517] PKRU: 55555554 > [ 4488.944467] Call Trace: > [ 4488.952152] force_sig_info+0x2e/0xde > [ 4488.961266] force_sig+0x16/0x18 > [ 4488.970568] kill_procs+0x15b/0x1a0 <-- forcing SIGKILL to the user process <-- due to tk->addr_valid=0 which means rmap() <-- can't find a 'vma' hosting the offending <-- 'pfn', because the process has exited by now. > [ 4488.979601] memory_failure+0x1dd/0x235 > [ 4488.989071] do_machine_check+0x738/0xc89 > [ 4488.998739] ? devm_free_irq+0x22/0x71 > [ 4489.008129] ? machine_check+0x115/0x124 > [ 4489.017708] do_mce+0x15/0x17 > [ 4489.026260] machine_check+0x11f/0x124 > [ 4489.035725] RIP: 0033:0x1253b9e6 > [ 4489.044695] RSP: 002b:00007ffc205c1600 EFLAGS: 00010246 > [ 4489.055964] RAX: 000000000000384d RBX: 0000000000000003 RCX: 000000000000002f > [ 4489.069509] RDX: 0000000000000007 RSI: 0000000000003f12 RDI: 0000000000003786 > [ 4489.083065] RBP: 00007ffc205c16a0 R08: 0000009fa526c0e4 R09: 0000009fa526c064 > [ 4489.096672] R10: 0000000000000000 R11: 0000000000000000 R12: 0000009fa526c086 > [ 4489.110342] R13: 00007fa0eb399c08 R14: 0000000000000015 R15: 0000009fa526f8b1 > [ 4489.124026] Code: 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 54 53 48 89 fb 9c > [ 4489.156598] RIP: _raw_spin_lock_irqsave+0x27/0x48 RSP: ffffb9b832947d28 After reboot, the offending 'pfn' is recorded in the 'badblock' record in namespace0.0. > "dev":"namespace0.0", > "mode":"fsdax", > "map":"dev", > "size":799063146496, > "uuid":"bf8dc912-e8c2-4099-8571-b0cc32cc9f68", > "blockdev":"pmem0", > "badblock_count":1, > "badblocks":[ > { > "offset":969675644, <-- XXX > "length":1, > "dimms":[ > "nmem4" > ] Per /proc/iomem - 03060000000 - 0ed5fffffff pmem0 pmem0 is region0 with size = 811748818944, namespace0.0 was created over the entire region0, usable size = 799063146496 so the metadata took (811748818944 - 799063146496) = 0x2F4200000 bytes badblock address: (969675644 * 512) + 0x2F4200000 + 0x3060000000 = 0xa6ec46f800 offending 'pfn': 0xa6ec46f at starting address 0xa6ec46f000. Some additional information worth to be noted here: 1. The workload consists many processes forming a group sharing the mmap'ed pmem0 region, processes do 'load' and 'store' to the shared region; 2. If any process encounters a fatal signal (such as SIGBUS), it shoots down the other processes in the group. 3. The hardware consists the latest revision CPU and Intel NVDIMM, we suspected the CPU faulty because it generated MCE over PMEM UE in a unlikely high rate for any reasonable NVDIMM (like a few per 24hours). After swapping the CPU, the problem stopped reproducing. But one could argue that perhaps the faulty CPU exposed a small race window from collect_procs() to unmap_mapping_range() and to kill_procs(), hence caught the kernel PMEM error handler off guard. Also note, the same workload on the same faulty CPU were run on Linux prior to the 4.19 PMEM error handling and did not encounter kernel crash, probably because the prior HWPOISON handler did not force SIGKILL? Should we not to force the SIGKILL, or find a way to close the race window? Thanks, -jane

1 year, 10 months

4
9
0 / 0

nvdimm crash at boot

by Kees Cook

This is a warn that I added to fail more gracefully (sorry for whitespace damage): diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c index 4890310df874..1161b994b1ec 100644 --- a/drivers/nvdimm/dimm_devs.c +++ b/drivers/nvdimm/dimm_devs.c @@ -516,6 +516,8 @@ static umode_t nvdimm_visible(struct kobject *kobj, struct attribute *a, int n) return a->mode; if (nvdimm->sec.state < 0) return 0; + if (WARN_ON_ONCE(!nvdimm->sec.ops)) + return 0; /* Are there any state mutation ops? */ if (nvdimm->sec.ops->freeze || nvdimm->sec.ops->disable || nvdimm->sec.ops->change_key Without it, I would crash at boot due to the sec.ops dereference. It's not clear to me if there is a better solution than just the sec.ops NULL test (i.e. should it ever be NULL?) [ 1.393599] WARNING: CPU: 3 PID: 484 at drivers/nvdimm/dimm_devs.c:519 nvdimm_visible+0x79/0x80 [ 1.393858] Modules linked in: [ 1.393858] CPU: 3 PID: 484 Comm: kworker/u8:3 Not tainted 5.0.0-rc1+ #926 [ 1.393858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 [ 1.396781] Workqueue: events_unbound async_run_entry_fn [ 1.396781] RIP: 0010:nvdimm_visible+0x79/0x80 [ 1.396781] Code: e8 4c fc ff ff eb c7 48 83 78 20 00 75 e6 48 83 78 10 00 75 df 48 83 78 28 00 75 d8 48 83 78 30 00 75 d1 b8 24 01 00 00 eb b1 <0f> 0b eb ad 0f 1f 00 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 [ 1.396781] RSP: 0000:ffffb911803abd00 EFLAGS: 00010246 [ 1.396781] RAX: 0000000000000000 RBX: ffffffff98cf5a80 RCX: 00000000000001a4 [ 1.396781] RDX: 0000000000000004 RSI: ffffffff98cf5a80 RDI: ffff94e7ed088028 [ 1.396781] RBP: ffffb911803abd10 R08: 0000000000000000 R09: 0000000000000001 [ 1.396781] R10: ffffb911803abaf8 R11: 0000000000000000 R12: ffff94e7ed088028 [ 1.396781] R13: ffff94e7ed088028 R14: ffffffff98cf5a60 R15: 0000000000000000 [ 1.396781] FS: 0000000000000000(0000) GS:ffff94e7efb80000(0000) knlGS:0000000000000000 [ 1.396781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1.396781] CR2: 00000000ffffffff CR3: 0000000150822001 CR4: 00000000001606e0 [ 1.396781] Call Trace: [ 1.396781] internal_create_group+0xf4/0x380 [ 1.396781] sysfs_create_groups+0x46/0xb0 [ 1.396781] device_add+0x331/0x680 [ 1.396781] nd_async_device_register+0x15/0x60 [ 1.396781] async_run_entry_fn+0x38/0x100 [ 1.396781] process_one_work+0x22b/0x5a0 [ 1.396781] worker_thread+0x3f/0x3b0 [ 1.396781] kthread+0x12b/0x150 [ 1.396781] ? process_one_work+0x5a0/0x5a0 [ 1.396781] ? kthread_park+0xa0/0xa0 [ 1.396781] ret_from_fork+0x24/0x30 [ 1.396781] irq event stamp: 952 [ 1.396781] hardirqs last enabled at (951): [<ffffffff973f5cb4>] __slab_alloc.constprop.79+0x44/0x70 [ 1.396781] hardirqs last disabled at (952): [<ffffffff97201cf0>] trace_hardirqs_off_thunk+0x1a/0x1c [ 1.396781] softirqs last enabled at (0): [<ffffffff97267ae3>] copy_process.part.55+0x413/0x1f10 [ 1.396781] softirqs last disabled at (0): [<0000000000000000>] (null) [ 1.396781] ---[ end trace 5608ce056f09564f ]--- I assume this crash is due to be using nvdimm without any special markings (i.e. I'm using it crudely with pstore), in KVM: RAM_SIZE=16384 NVDIMM_SIZE=128 MAX_SIZE=$(( RAM_SIZE + NVDIMM_SIZE )) sudo qemu-system-x86_64 \ ... -machine pc,nvdimm \ -m ${RAM_SIZE}M,slots=2,maxmem=${MAX_SIZE}M \ -object memory-backend-file,id=mem1,share=on,mem-path=nvdimm.img,size=${NVDIMM_SIZE}M,align=128M \ -device nvdimm,id=nvdimm1,memdev=mem1 \ ... -append '... ramoops.mem_size=1048576 ramoops.ecc=1 ramoops.mem_address=0x440000000 ramoops.console_size=16384 ramoops.ftrace_size=16384 ramoops.pmsg_size=16384 ramoops.record_size=32768' I assume 37833fb7989a9 ("acpi/nfit, libnvdimm: Add freeze security support to Intel nvdimm") was where it started, but I didn't actually bisect. -- Kees Cook

1 year, 10 months

3
7
0 / 0

[PATCH v7 00/12] ndctl: add security support

by Dave Jiang

The following series implements mechanisms that utilize the sysfs knobs provided by the kernel in order to support the Intel DSM v1.8 spec that provides security to NVDIMM. The following abilities are added: 1. display security state 2. enable/update passphrase 3. disable passphrase 4. freeze security 5. secure erase 6. overwrite 7. master passphrase enable/update v7: - Added option to provide path to key directory. (Vishal) - Cleaned up shell scripts. (Vishal) - Cleaned up documentation. (Vishal) - Addressed various comments from Vishal. v6: - Fix spelling and grammar errors for documentation. (Jing) - Change bool for indicate master passphrase and old passphrase to enum. - Fix key load script master key name. - Update to match v15 of kernel patch series. v5: - Updated to match latest kernel interface (encrypted keys) - Added overwrite support - Added support for DSM v1.8 master passphrase operations - Removed upcall related code - Moved security state to enum (Dan) - Change security output "security_state" to just "security". (Dan) - Break out enable and update passphrase operation. (Dan) - Security build can be compiled out when keyutils does not exist. (Dan) - Move all keyutils related operations to libndctl. (Dan) v4: - Updated to match latest kernel interface. - Added unit test for all security calls v3: - Added support to inject keys in order to update nvdimm security. v2: - Fixup the upcall util to match recent kernel updates for nvdimm security. --- Dave Jiang (12): ndctl: add support for display security state ndctl: add passphrase update to ndctl ndctl: add disable security support ndctl: add support for freeze security ndctl: add support for sanitize dimm ndctl: add unit test for security ops (minus overwrite) ndctl: setup modprobe rules ndctl: add overwrite operation support ndctl: add wait-overwrite support ndctl: master phassphrase management support ndctl: add master secure erase support ndctl: documentation for security and key management Documentation/ndctl/Makefile.am | 8 Documentation/ndctl/intel-nvdimm-security.txt | 140 ++++++ Documentation/ndctl/ndctl-disable-passphrase.txt | 34 + Documentation/ndctl/ndctl-enable-passphrase.txt | 49 ++ Documentation/ndctl/ndctl-freeze-security.txt | 22 + Documentation/ndctl/ndctl-list.txt | 8 Documentation/ndctl/ndctl-sanitize-dimm.txt | 49 ++ Documentation/ndctl/ndctl-update-passphrase.txt | 45 ++ Documentation/ndctl/ndctl-wait-overwrite.txt | 31 + Makefile.am | 10 configure.ac | 19 + contrib/ndctl-loadkeys.sh | 25 + contrib/nvdimm_modprobe.conf | 1 ndctl.spec.in | 2 ndctl/Makefile.am | 3 ndctl/builtin.h | 6 ndctl/dimm.c | 259 +++++++++++ ndctl/lib/Makefile.am | 8 ndctl/lib/dimm.c | 202 +++++++++ ndctl/lib/keys.c | 512 ++++++++++++++++++++++ ndctl/lib/libndctl.sym | 19 + ndctl/libndctl.h | 79 +++ ndctl/ndctl.c | 6 test/Makefile.am | 4 test/security.sh | 203 +++++++++ util/json.c | 31 + 26 files changed, 1762 insertions(+), 13 deletions(-) create mode 100644 Documentation/ndctl/intel-nvdimm-security.txt create mode 100644 Documentation/ndctl/ndctl-disable-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-enable-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-freeze-security.txt create mode 100644 Documentation/ndctl/ndctl-sanitize-dimm.txt create mode 100644 Documentation/ndctl/ndctl-update-passphrase.txt create mode 100644 Documentation/ndctl/ndctl-wait-overwrite.txt create mode 100755 contrib/ndctl-loadkeys.sh create mode 100644 contrib/nvdimm_modprobe.conf create mode 100644 ndctl/lib/keys.c create mode 100755 test/security.sh --

1 year, 10 months

4
22
0 / 0

[ndctl PATCH] ndctl, rpm: Mark monitor.conf as a configuration file

by Dan Williams

In case a user has made local modifications to /etc/ndctl/monitor.conf, instrument the spec file to not clobber those changes. Cc: Qi Fuli <qi.fuli(a)jp.fujitsu.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- ndctl.spec.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ndctl.spec.in b/ndctl.spec.in index 26396d4abad7..bc4d65c1f988 100644 --- a/ndctl.spec.in +++ b/ndctl.spec.in @@ -117,9 +117,10 @@ make check %{_bindir}/ndctl %{_mandir}/man1/ndctl* %{bashcompdir}/ -%{_sysconfdir}/ndctl/monitor.conf %{_unitdir}/ndctl-monitor.service +%config(noreplace) %{_sysconfdir}/ndctl/monitor.conf + %files -n daxctl %defattr(-,root,root) %license util/COPYING licenses/BSD-MIT licenses/CC0

1 year, 10 months

2
1
0 / 0

[ndctl PATCH] ndctl: Introduce ndctl/config.h

by Dan Williams

The AC_DEFINE_QUOTED scheme falls over if the autoconf variable requires expansion. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385769. Define a config.h file autogenerated by the build system and let 'make' do the variable expansion. Cc: Qi Fuli <qi.fuli(a)jp.fujitsu.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- .gitignore | 1 + configure.ac | 2 -- ndctl/Makefile.am | 7 +++++++ ndctl/monitor.c | 1 + 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 0baace4b457e..5a3d8e4507e5 100644 --- a/.gitignore +++ b/.gitignore @@ -23,6 +23,7 @@ daxctl/lib/libdaxctl.la daxctl/lib/libdaxctl.lo daxctl/lib/libdaxctl.pc *.a +ndctl/config.h ndctl/lib/libndctl.pc ndctl/ndctl rhel/ diff --git a/configure.ac b/configure.ac index aa07ec7bc870..a02a2d80e1d5 100644 --- a/configure.ac +++ b/configure.ac @@ -158,8 +158,6 @@ ndctl_monitorconfdir=${sysconfdir}/ndctl ndctl_monitorconf=monitor.conf AC_SUBST([ndctl_monitorconfdir]) AC_SUBST([ndctl_monitorconf]) -AC_DEFINE_UNQUOTED(NDCTL_CONF_FILE, ["$ndctl_monitorconfdir/$ndctl_monitorconf"], - [default ndctl monitor conf path]) my_CFLAGS="\ -Wall \ diff --git a/ndctl/Makefile.am b/ndctl/Makefile.am index ff01e0688afd..f96f08974aa6 100644 --- a/ndctl/Makefile.am +++ b/ndctl/Makefile.am @@ -2,6 +2,13 @@ include $(top_srcdir)/Makefile.am.in bin_PROGRAMS = ndctl +DISTCLEANFILES = config.h +BUILT_SOURCES = config.h +config.h: Makefile + $(AM_V_GEN) echo "/* Autogenerated by ndctl/Makefile.am */" >$@ + $(AM_V_GEN) echo '#define NDCTL_CONF_FILE \ + "$(ndctl_monitorconfdir)/$(ndctl_monitorconf)"' >>$@ + ndctl_SOURCES = ndctl.c \ bus.c \ create-nfit.c \ diff --git a/ndctl/monitor.c b/ndctl/monitor.c index 233f2bbd9b55..0daba0e96306 100644 --- a/ndctl/monitor.c +++ b/ndctl/monitor.c @@ -10,6 +10,7 @@ #include <util/util.h> #include <util/parse-options.h> #include <util/strbuf.h> +#include <ndctl/config.h> #include <ndctl/ndctl.h> #include <ndctl/libndctl.h> #include <sys/epoll.h>

1 year, 10 months

2
1
0 / 0

[ndctl PATCH] ndctl/init-labels: Fix label slot accounting per UEFI 2.7

by Dan Williams

Quoting from Linux kernel commit 9e694d9c18dd "libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7": sizeof_namespace_index() fails when NVDIMM devices have the minimum 1024 bytes label storage area. nvdimm_num_label_slots() returns 3 slots while the area is only big enough for 2 slots. Change nvdimm_num_label_slots() to calculate a number of label slots according to UEFI 2.7 spec. Without this fix attempts to initialize labels on a small (1K) label area results in the following: libndctl: sizeof_namespace_index: nmem2: label area (1024) too small to host (128 byte) labels libndctl: sizeof_namespace_index: nmem2: label area (1024) too small to host (256 byte) labels Based on an original patch by Toshi Kani Fixes: bdaec95463ca ("ndctl: introduce ndctl_dimm_{validate_labels,init_labels}") Reported-by: Sujith Pandel <sujith_pandel(a)dell.com> Link: https://github.com/pmem/ndctl/issues/78 Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- ndctl/lib/dimm.c | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/ndctl/lib/dimm.c b/ndctl/lib/dimm.c index 79e2ca0aa5e2..beb67890a2df 100644 --- a/ndctl/lib/dimm.c +++ b/ndctl/lib/dimm.c @@ -66,9 +66,27 @@ static unsigned int sizeof_namespace_label(struct nvdimm_data *ndd) return ndctl_dimm_sizeof_namespace_label(to_dimm(ndd)); } +static size_t __sizeof_namespace_index(u32 nslot) +{ + return ALIGN(sizeof(struct namespace_index) + DIV_ROUND_UP(nslot, 8), + NSINDEX_ALIGN); +} + +static int __nvdimm_num_label_slots(struct nvdimm_data *ndd, + size_t index_size) +{ + return (ndd->config_size - index_size * 2) / + sizeof_namespace_label(ndd); +} + static int nvdimm_num_label_slots(struct nvdimm_data *ndd) { - return ndd->config_size / (sizeof_namespace_label(ndd) + 1); + u32 tmp_nslot, n; + + tmp_nslot = ndd->config_size / sizeof_namespace_label(ndd); + n = __sizeof_namespace_index(tmp_nslot) / NSINDEX_ALIGN; + + return __nvdimm_num_label_slots(ndd, NSINDEX_ALIGN * n); } static unsigned int sizeof_namespace_index(struct nvdimm_data *ndd) @@ -78,18 +96,15 @@ static unsigned int sizeof_namespace_index(struct nvdimm_data *ndd) struct ndctl_ctx *ctx = ndctl_dimm_get_ctx(dimm); /* - * The minimum index space is 512 bytes, with that amount of - * index we can describe ~1400 labels which is less than a byte - * of overhead per label. Round up to a byte of overhead per - * label and determine the size of the index region. Yes, this - * starts to waste space at larger config_sizes, but it's - * unlikely we'll ever see anything but 128K. + * Per UEFI 2.7, the minimum size of the Label Storage Area is + * large enough to hold 2 index blocks and 2 labels. The + * minimum index block size is 256 bytes, and the minimum label + * size is 256 bytes. */ nslot = nvdimm_num_label_slots(ndd); space = ndd->config_size - nslot * sizeof_namespace_label(ndd); - size = ALIGN(sizeof(struct namespace_index) + DIV_ROUND_UP(nslot, 8), - NSINDEX_ALIGN) * 2; - if (size <= space) + size = __sizeof_namespace_index(nslot) * 2; + if (size <= space && nslot >= 2) return size / 2; err(ctx, "%s: label area (%ld) too small to host (%d byte) labels\n",

1 year, 10 months

2
1
0 / 0

2020

2019

2018

2017

2016

2015

2014

Linux-nvdimm January 2019