Hi Revanth On Fri, 2020-02-28 at 15:42 -0700, Revanth Rajashekar wrote: > This patch changes the check condition for the validity/authentication > of the session. > > 1. The Host Session Number(HSN) in the response should match the HSN for > the session. > 2. The TPER Session Number(TSN) can never be less than 4096 for a regular > session. > > Reference: > Section 3.2.2.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Opal_SSC_Application_Note_1-00_1-00-Final.pdf > Section 3.3.7.1.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Architecture_Core_Spec_v2.01_r1.00.pdf > > Co-developed-by: Andrzej Jakowski <andrzej.jakowski@xxxxxxxxxxxxxxx> > Signed-off-by: Andrzej Jakowski <andrzej.jakowski@xxxxxxxxxxxxxxx> > Signed-off-by: Revanth Rajashekar <revanth.rajashekar@xxxxxxxxx> > --- > block/opal_proto.h | 1 + > block/sed-opal.c | 2 +- > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/block/opal_proto.h b/block/opal_proto.h > index 325cbba2465f..27740baad61d 100644 > --- a/block/opal_proto.h > +++ b/block/opal_proto.h > @@ -36,6 +36,7 @@ enum opal_response_token { > > #define DTAERROR_NO_METHOD_STATUS 0x89 > #define GENERIC_HOST_SESSION_NUM 0x41 > +#define RSVD_TPER_SESSION_NUM 4096 This seems confusing as it looks like 4096 the Reserved session rather than 0-4095. Can you name it appropriately? > > #define TPER_SYNC_SUPPORTED 0x01 > #define MBR_ENABLED_MASK 0x10 > diff --git a/block/sed-opal.c b/block/sed-opal.c > index 880cc57a5f6b..f2b61a868901 100644 > --- a/block/sed-opal.c > +++ b/block/sed-opal.c > @@ -1056,7 +1056,7 @@ static int start_opal_session_cont(struct opal_dev *dev) > hsn = response_get_u64(&dev->parsed, 4); > tsn = response_get_u64(&dev->parsed, 5); > > - if (hsn == 0 && tsn == 0) { > + if (hsn != GENERIC_HOST_SESSION_NUM || tsn < RSVD_TPER_SESSION_NUM) { > pr_debug("Couldn't authenticate session\n"); > return -EPERM; > } > -- > 2.17.1 >
