Re: [PATCH] block: sed-opal: Change the check condition for regular session validity

"Derrick, Jonathan" <jonathan.derrick@xxxxxxxxx> · Fri, 28 Feb 2020 23:07:03 +0000

On Fri, 2020-02-28 at 16:01 -0700, Rajashekar, Revanth wrote:
> Hi Jon,
> 
> On 2/28/2020 3:57 PM, Derrick, Jonathan wrote:
> > Hi Revanth
> > 
> > On Fri, 2020-02-28 at 15:42 -0700, Revanth Rajashekar wrote:
> > > This patch changes the check condition for the validity/authentication
> > > of the session.
> > > 
> > > 1. The Host Session Number(HSN) in the response should match the HSN for
> > >    the session.
> > > 2. The TPER Session Number(TSN) can never be less than 4096 for a regular
> > >    session.
> > > 
> > > Reference:
> > > Section 3.2.2.1   of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Opal_SSC_Application_Note_1-00_1-00-Final.pdf
> > > Section 3.3.7.1.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Architecture_Core_Spec_v2.01_r1.00.pdf
> > > 
> > > Co-developed-by: Andrzej Jakowski <andrzej.jakowski@xxxxxxxxxxxxxxx>
> > > Signed-off-by: Andrzej Jakowski <andrzej.jakowski@xxxxxxxxxxxxxxx>
> > > Signed-off-by: Revanth Rajashekar <revanth.rajashekar@xxxxxxxxx>
> > > ---
> > >  block/opal_proto.h | 1 +
> > >  block/sed-opal.c   | 2 +-
> > >  2 files changed, 2 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/block/opal_proto.h b/block/opal_proto.h
> > > index 325cbba2465f..27740baad61d 100644
> > > --- a/block/opal_proto.h
> > > +++ b/block/opal_proto.h
> > > @@ -36,6 +36,7 @@ enum opal_response_token {
> > > 
> > >  #define DTAERROR_NO_METHOD_STATUS 0x89
> > >  #define GENERIC_HOST_SESSION_NUM 0x41
> > > +#define RSVD_TPER_SESSION_NUM	4096
> > This seems confusing as it looks like 4096 the Reserved session rather
> > than 0-4095.
> > Can you name it appropriately?
> Sure, do you think INIT_TPER_SESSION_NUM would be appropriate..?
Init could be confused with Initialize
Maybe MIN_TPER_SESSION_NUM or FIRST_... ?

Thanks for thinking about this.

> > >  #define TPER_SYNC_SUPPORTED 0x01
> > >  #define MBR_ENABLED_MASK 0x10
> > > diff --git a/block/sed-opal.c b/block/sed-opal.c
> > > index 880cc57a5f6b..f2b61a868901 100644
> > > --- a/block/sed-opal.c
> > > +++ b/block/sed-opal.c
> > > @@ -1056,7 +1056,7 @@ static int start_opal_session_cont(struct opal_dev *dev)
> > >  	hsn = response_get_u64(&dev->parsed, 4);
> > >  	tsn = response_get_u64(&dev->parsed, 5);
> > > 
> > > -	if (hsn == 0 && tsn == 0) {
> > > +	if (hsn != GENERIC_HOST_SESSION_NUM || tsn < RSVD_TPER_SESSION_NUM) {
> > >  		pr_debug("Couldn't authenticate session\n");
> > >  		return -EPERM;
> > >  	}
> > > --
> > > 2.17.1
> > > 