This patch set aims to add ability to user authorities to read locking
range attributes.
It's achieved in two steps (except SUM enabled drives):
1) Patch IOC_OPAL_ADD_USR_TO_LR command so that user authority (together with
OPAL_ADMIN1) is added in ACE that allows getting locking range attributes.
2) Add new ioctl command IOC_OPAL_GET_LR_STATUS to get locking range
attributes to user authority assigned to specific locking range.
libcryptsetup plans to support OPAL2 drives and needs to verify locking
range parameters before device activation (LR unlock) takes place since
it's considered undesirable to have (for example) partition mapped beyond
locking range boundaries.
Changes since previous version:
v2:
- Mostly code style fixes (overly long lines)
- Refactored helper for adding user authorities in ACE (added boolean
operators defines, explained addition of boolean ace operator
when adding more than one user authority in ACE)
Ondrej Kozina (5):
sed-opal: do not add same authority twice in boolean ace.
sed-opal: add helper for adding user authorities in ACE.
sed-opal: allow user authority to get locking range attributes.
sed-opal: add helper to get multiple columns at once.
sed-opal: Add command to read locking range parameters.
block/opal_proto.h | 10 ++
block/sed-opal.c | 301 +++++++++++++++++++++++++++++-----
include/linux/sed-opal.h | 1 +
include/uapi/linux/sed-opal.h | 11 ++
4 files changed, 280 insertions(+), 43 deletions(-)
--
2.31.1
