cxl/security: Drop security command ioctl uapi

CXL PMEM security operations are routed through the NVDIMM sysfs
interface. For this reason the corresponding commands are marked
"exclusive" to preclude collisions between the ioctl ABI and the sysfs
ABI. However, a better way to preclude that collision is to simply
remove the ioctl ABI (command-id definitions) for those operations.

Now that cxl_internal_send_cmd() (formerly cxl_mbox_send_cmd()) no
longer needs to talk the cxl_mem_commands array, all of the uapi
definitions for the security commands can be dropped.

These never appeared in a released kernel, so no regression risk.

Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Link: https://lore.kernel.org/r/167030056464.4044561.11486507095384253833.stgit@dwillia2-xfh.jf.intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>

diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
index c36a358..b03fba2 100644 (file)
--- a/drivers/cxl/core/mbox.c
+++ b/drivers/cxl/core/mbox.c
@@ -65,12 +65,6 @@ static struct cxl_mem_command cxl_mem_commands[CXL_MEM_COMMAND_ID_MAX] = {
        CXL_CMD(GET_SCAN_MEDIA_CAPS, 0x10, 0x4, 0),
        CXL_CMD(SCAN_MEDIA, 0x11, 0, 0),
        CXL_CMD(GET_SCAN_MEDIA, 0, CXL_VARIABLE_PAYLOAD, 0),
-       CXL_CMD(GET_SECURITY_STATE, 0, 0x4, 0),
-       CXL_CMD(SET_PASSPHRASE, 0x60, 0, 0),
-       CXL_CMD(DISABLE_PASSPHRASE, 0x40, 0, 0),
-       CXL_CMD(FREEZE_SECURITY, 0, 0, 0),
-       CXL_CMD(UNLOCK, 0x20, 0, 0),
-       CXL_CMD(PASSPHRASE_SECURE_ERASE, 0x40, 0, 0),
 };
 
 /*
@@ -717,17 +711,6 @@ int cxl_enumerate_cmds(struct cxl_dev_state *cxlds)
                /* Found the required CEL */
                rc = 0;
        }
-
-       /*
-        * Setup permanently kernel exclusive commands, i.e. the
-        * mechanism is driven through sysfs, keyctl, etc...
-        */
-       set_bit(CXL_MEM_COMMAND_ID_SET_PASSPHRASE, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_DISABLE_PASSPHRASE, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_UNLOCK, cxlds->exclusive_cmds);
-       set_bit(CXL_MEM_COMMAND_ID_PASSPHRASE_SECURE_ERASE,
-               cxlds->exclusive_cmds);
-
 out:
        kvfree(gsl);
        return rc;

diff --git a/include/uapi/linux/cxl_mem.h b/include/uapi/linux/cxl_mem.h
index 82bdad4..c71021a 100644 (file)
--- a/include/uapi/linux/cxl_mem.h
+++ b/include/uapi/linux/cxl_mem.h
@@ -41,12 +41,6 @@
        ___C(GET_SCAN_MEDIA_CAPS, "Get Scan Media Capabilities"),         \
        ___C(SCAN_MEDIA, "Scan Media"),                                   \
        ___C(GET_SCAN_MEDIA, "Get Scan Media Results"),                   \
-       ___C(GET_SECURITY_STATE, "Get Security State"),                   \
-       ___C(SET_PASSPHRASE, "Set Passphrase"),                           \
-       ___C(DISABLE_PASSPHRASE, "Disable Passphrase"),                   \
-       ___C(FREEZE_SECURITY, "Freeze Security"),                         \
-       ___C(UNLOCK, "Unlock"),                                           \
-       ___C(PASSPHRASE_SECURE_ERASE, "Passphrase Secure Erase"),         \
        ___C(MAX, "invalid / last command")
 
 #define ___C(a, b) CXL_MEM_COMMAND_ID_##a