cxl/security: Drop security command ioctl uapi

CXL PMEM security operations are routed through the NVDIMM sysfs
interface. For this reason the corresponding commands are marked
"exclusive" to preclude collisions between the ioctl ABI and the sysfs
ABI. However, a better way to preclude that collision is to simply
remove the ioctl ABI (command-id definitions) for those operations.

Now that cxl_internal_send_cmd() (formerly cxl_mbox_send_cmd()) no
longer needs to talk the cxl_mem_commands array, all of the uapi
definitions for the security commands can be dropped.

These never appeared in a released kernel, so no regression risk.

Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Link: https://lore.kernel.org/r/167030056464.4044561.11486507095384253833.stgit@dwillia2-xfh.jf.intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>

diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
index c36a3589377a4449bd57ecbdf561a4acc7005ef3..b03fba21279931661b5bebcc4a330058bb00625e 100644 (file)
--- a/drivers/cxl/core/mbox.c
+++ b/drivers/cxl/core/mbox.c
@@ -65,12 +65,6 @@ static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
        CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
        CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
        CXL_CMD(GET_SCAN_MEDIA, 0, CXL_VARIABLE_PAYLOAD, 0),
-       CXL_CMD(GET_SECURITY_STATE, 0, 0x4, 0),
-       CXL_CMD(SET_PASSPHRASE, 0x60, 0, 0),
-       CXL_CMD(DISABLE_PASSPHRASE, 0x40, 0, 0),
-       CXL_CMD(FREEZE_SECURITY, 0, 0, 0),
-       CXL_CMD(UNLOCK, 0x20, 0, 0),
-       CXL_CMD(PASSPHRASE_SECURE_ERASE, 0x40, 0, 0),
 };
 
 /*
@@ -717,17 +711,6 @@ int cxl_enumerate_cmds(struct cxl_dev_state *cxlds)
                /* Found the required CEL */
                rc = 0;
        }
-
-       /*
-        * Setup permanently kernel exclusive commands, i.e. the
-        * mechanism is driven through sysfs, keyctl, etc...
-        */
-       set_bit(CXL_MEM_COMMAND_ID_SET_PASSPHRASE, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_DISABLE_PASSPHRASE, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_UNLOCK, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_PASSPHRASE_SECURE_ERASE,
-               cxlds->exclusive_cmds);
-
 out:
        kvfree(gsl);
        return rc;

diff --git a/include/uapi/linux/cxl_mem.h b/include/uapi/linux/cxl_mem.h
index 82bdad4ce5de2bf5f8398244fc6637333f45bb3a..c71021a2a9edf5309e3ff1afce7d146142b9ba77 100644 (file)
--- a/include/uapi/linux/cxl_mem.h
+++ b/include/uapi/linux/cxl_mem.h
@@ -41,12 +41,6 @@
        ___C(GET_SCAN_MEDIA_CAPS, "Get Scan Media Capabilities"),         \
        ___C(SCAN_MEDIA, "Scan Media"),                                   \
        ___C(GET_SCAN_MEDIA, "Get Scan Media Results"),                   \
-       ___C(GET_SECURITY_STATE, "Get Security State"),                   \
-       ___C(SET_PASSPHRASE, "Set Passphrase"),                           \
-       ___C(DISABLE_PASSPHRASE, "Disable Passphrase"),                   \
-       ___C(FREEZE_SECURITY, "Freeze Security"),                         \
-       ___C(UNLOCK, "Unlock"),                                           \
-       ___C(PASSPHRASE_SECURE_ERASE, "Passphrase Secure Erase"),         \
        ___C(MAX, "invalid / last command")
 
 #define ___C(a, b) CXL_MEM_COMMAND_ID_##a