Some FC adapters from Marvell offer the ability to encrypt data in flight
(EDIF). This feature requires an application to act as an authenticator.
During runtime, driver and authentication application need to stay in sync
in terms of: Session being down|up, arrival of new authentication
message (AUTH ELS) and SADB update completion.
These events are queued up as doorbell to the authentication
application. Application would read this doorbell on regular basis to stay
up to date. Each SCSI host would have a separate doorbell queue.
The doorbell interface can daisy chain a list of events for each read. Each
event contains an event code + hint to help application steer the next
course of action.
Link: https://lore.kernel.org/r/20210624052606.21613-9-njavali@marvell.com
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Co-developed-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Signed-off-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Co-developed-by: Duane Grigsby <duane.grigsby@marvell.com>
Signed-off-by: Duane Grigsby <duane.grigsby@marvell.com>
Co-developed-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Some FC adapters from Marvell offer the ability to encrypt data in flight
(EDIF). This feature requires an application to act as an authenticator.
There is no FC switch scan service that can indicate whether a device is
secure or non-secure.
In order to detect whether the remote port supports encrypted operation,
driver must first do a PLOGI with the remote device. On completion of the
PLOGI, driver will query firmware to see if the device supports secure
login. To do that, driver + firmware must advertise the security bit via
PLOGI's service parameter. The remote device shall respond using the same
service parameter whether it supports it or not.
Link: https://lore.kernel.org/r/20210624052606.21613-8-njavali@marvell.com
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Co-developed-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Signed-off-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Co-developed-by: Duane Grigsby <duane.grigsby@marvell.com>
Signed-off-by: Duane Grigsby <duane.grigsby@marvell.com>
Co-developed-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Some FC adapters from Marvell offer the ability to encrypt data in flight
(EDIF). This feature requires an application to act as an authenticator.
On completion of the authentication process, the authentication application
will notify driver on whether it is successful or not.
In case of success, application will use the QL_VND_SC_AUTH_OK BSG call to
tell driver to proceed to the PRLI phase.
In case of failure, application will use the QL_VND_SC_AUTH_FAIL bsg call
to tell driver to tear down the connection and retry. In the case where an
existing session is active, the re-key process can fail. The session tear
down ensures data is not further compromised.
Link: https://lore.kernel.org/r/20210624052606.21613-7-njavali@marvell.com
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Co-developed-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Signed-off-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Co-developed-by: Duane Grigsby <duane.grigsby@marvell.com>
Signed-off-by: Duane Grigsby <duane.grigsby@marvell.com>
Co-developed-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Some FC adapters from Marvell offer the ability to encrypt data in flight
(EDIF). This feature requires an application to act as an authenticator.
As part of the authentication process, the authentication application will
generate a SADB entry (Security Association/SA, key, SPI value, etc). This
SADB is then passed to driver to be programmed into hardware. There will be
a pair of SADB's (Tx and Rx) for each connection.
After some period, the application can choose to change the key. At that
time, a new set of SADB pair is given to driver. The old set of SADB will
be deleted.
Add a new bsg call (QL_VND_SC_SA_UPDATE) to allow application to allow
adding or deleting SADB entries. Driver will not keep the key in
memory. It will pass it to HW.
It is assumed that application will assign a unique SPI value to this SADB
(SA + key). Driver + hardware will assign a handle to track this unique
SPI/SADB.
Link: https://lore.kernel.org/r/20210624052606.21613-6-njavali@marvell.com
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Co-developed-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Signed-off-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Co-developed-by: Duane Grigsby <duane.grigsby@marvell.com>
Signed-off-by: Duane Grigsby <duane.grigsby@marvell.com>
Co-developed-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Some FC adapters from Marvell offer the ability to encrypt data in flight
(EDIF). This feature requires an application to act as an authenticator.
Add the ability for authentication application to send and retrieve
messages as part of the authentication process via existing
FC_BSG_HST_ELS_NOLOGIN BSG interface.
To send a message, application is expected to format the data in the AUTH
ELS format. Refer to FC-SP2 for details.
If a message was received, application is required to reply with either a
LS_ACC or LS_RJT complete the exchange using the same interface. Otherwise,
remote device will treat it as a timeout.
Link: https://lore.kernel.org/r/20210624052606.21613-4-njavali@marvell.com
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Himanshu Madhani <himanshu.madhani@oracle.com>
Co-developed-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Signed-off-by: Larry Wisneski <Larry.Wisneski@marvell.com>
Co-developed-by: Duane Grigsby <duane.grigsby@marvell.com>
Signed-off-by: Duane Grigsby <duane.grigsby@marvell.com>
Co-developed-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Rick Hicksted Jr <rhicksted@marvell.com>
Signed-off-by: Quinn Tran <qutran@marvell.com>
Signed-off-by: Nilesh Javali <njavali@marvell.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
For SD card reader devices that have the BLIST_IGN_MEDIA_CHANGE flag
set, a MEDIUM MAY HAVE CHANGED unit attention is established after
resuming from runtime suspend. Send a REQUEST SENSE to consume the UA.
The "downside" is that for these devices we now rely on users to not
change the medium (SD card) *during* a runtime suspend/resume cycle,
i.e. when not unmounting.
To enable runtime PM for an SD cardreader (device number 0:0:0:0), do:
echo 0 > /sys/module/block/parameters/events_dfl_poll_msecs
echo 1000 > /sys/bus/scsi/devices/0:0:0:0/power/autosuspend_delay_ms
echo auto > /sys/bus/scsi/devices/0:0:0:0/power/control
[mkp: use scsi_device flag instead of poking at BLIST]
Link: https://lore.kernel.org/r/20210704075403.147114-3-martin.kepplinger@puri.sm
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin Kepplinger <martin.kepplinger@puri.sm>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The function used to dump sectors containing protection information errors
was useful during initial development over a decade ago. However,
dump_sector() substantially slows down the system during testing due to
writing an entire sector's worth of data to syslog on every error.
We now log plenty of information about the nature of detected protection
information errors throughout the stack. Dumping the entire contents of an
offending sector is no longer needed.
Link: https://lore.kernel.org/r/20210609033929.3815-9-martin.petersen@oracle.com
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Reviewed-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Message-Id: <20210609033929.3815-9-martin.petersen@oracle.com>
Add support for ZTE RM241-18i 2G device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_5445
Add support for ZTE RM242-18i 4G device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_5446
Add support for ZTE RM243-18i device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_5447
Add support for ZTE SDPSA/B-18i 4G device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_0B27
Add support for ZTE SDPSA/B_I-18i device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_0B29
Add support for ZTE SDPSA/B_L-18i 2G device ID:
VID_9005, DID_028F, SVID_1CF2 and SDID_0B45
Link: https://lore.kernel.org/r/20210714182847.50360-8-don.brace@microchip.com
Reviewed-by: Kevin Barnett <kevin.barnett@microchip.com>
Reviewed-by: Mike McGowen <mike.mcgowen@microchip.com>
Reviewed-by: Scott Benesh <scott.benesh@microchip.com>
Reviewed-by: Scott Teel <scott.teel@microchip.com>
Signed-off-by: Balsundar P <balsundar.p@microchip.com>
Signed-off-by: Don Brace <don.brace@microchip.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When a node moves to NPR state due to a device recovery event, the
nlp_fc4_types in the node are cleared. An ADISC received for a node in the
NPR state triggers an ADISC. Without fc4 types being known, the calls to
register with the transport are no-op'd, thus no additional references are
placed on the node by transport re-registrations. A subsequent RSCN could
trigger another unregister request, which will decrement the reference
counts, leading to the ref count hitting zero and the node being freed
while futher discovery on the node is being attempted by the RSCN event
handling.
Fix by skipping the trigger of an ADISC when in NPR state. The normal ADISC
process will kick off in the regular discovery path after receiving a
response from name server.
Link: https://lore.kernel.org/r/20210707184351.67872-19-jsmart2021@gmail.com
Co-developed-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
During RSCN storms, some instances of LIP on SLI-3 adapters lead to a
situation where FLOGIs keep failing with firmware indicating an illegal
command error code. This situation was preceded by an ADISC completion
that was processed while the link was down. This path on SLI-3 performs a
CLEAR_LA and attempts to activate a VPI with REG_VPI. Later, as the FLOGI
completes, it's no longer in sync with the VPI state. In SLI-3 it is
illegal to have an active VPI during FLOGI.
Resolve by circumventing the SLI-3 path that performs the CLEAR_LA and
REG_VPI. The path will be taken after the FLOGI after the next Link Up.
Link: https://lore.kernel.org/r/20210707184351.67872-18-jsmart2021@gmail.com
Co-developed-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
In the PLOGI and ADISC completion handling, the device removal event could
be skipped during some link errors. This could leave a stale node in UNUSED
state. Driver unload would hang for a long time waiting for this node to
be freed.
Resolve by taking the following steps:
- Always post ADISC completion events to discovery state machine upon
ADISC completion.
- In case of a completion error for PLOGI/ADISC, ensure that init refcount
is dropped if not registered with transport.
Link: https://lore.kernel.org/r/20210707184351.67872-17-jsmart2021@gmail.com
Co-developed-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: Justin Tee <justin.tee@broadcom.com>
Signed-off-by: James Smart <jsmart2021@gmail.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
