Re: [PATCH v2 2/4] char: rpmb: provide a user space interface

From: Harald Mommer
Date: Thu Jun 16 2022 - 11:09:20 EST


Hello,

On 05.04.22 11:37, Alex Bennée wrote:
The user space API is achieved via a number of synchronous IOCTLs.

* RPMB_IOC_VER_CMD - simple versioning API
* RPMB_IOC_CAP_CMD - query of underlying capabilities
* RPMB_IOC_PKEY_CMD - one time programming of access key
* RPMB_IOC_COUNTER_CMD - query the write counter
* RPMB_IOC_WBLOCKS_CMD - write blocks to device
* RPMB_IOC_RBLOCKS_CMD - read blocks from device

The operations which require authenticated frames or will respond with
MAC hashes of nonce filled frames that userspace will need to verify
share a common command frame format. The other operations can be
considered generic and allow for common handling.

[AJB: here the key difference is avoiding a single ioctl where
all the frame data is put together by user space. User space is still
the only place where certain operations can be verified due to the
need of a secret key]
I have fewer problems understanding this reworked ioctl() interface than I had with the older one. Nice.
diff --git a/drivers/rpmb/cdev.c b/drivers/rpmb/cdev.c
...
+static long rpmb_ioctl_cap_cmd(struct rpmb_dev *rdev,
+ struct rpmb_ioc_cap_cmd __user *ptr)
+{
+ struct rpmb_ioc_cap_cmd cap;
+
+ cap.target = rdev->target;
+ cap.block_size = rdev->ops->block_size;
+ cap.wr_cnt_max = rdev->ops->wr_cnt_max;
+ cap.rd_cnt_max = rdev->ops->rd_cnt_max;
+ cap.capacity = rpmb_get_capacity(rdev);
+ cap.reserved = 0;
auth_method is still part of the structure but not set. Means arbitrary data from the stack is copied to user land.
+
+ return copy_to_user(ptr, &cap, sizeof(cap)) ? -EFAULT : 0;
+}
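Review bot: The local `struct rpmb_ioc_cap_cmd cap` in rpmb_ioctl_cap_cmd() is only partially initialised; `auth_method` is never assigned before `copy_to_user(ptr, &cap, sizeof(cap))`, so whatever the kernel stack held in that field is disclosed to user space. Zero the whole object up front, e.g. `struct rpmb_ioc_cap_cmd cap = {};` (or `memset(&cap, 0, sizeof(cap));`), and set `cap.auth_method` explicitly; the separate `cap.reserved = 0;` then becomes redundant but is harmless. The structure is `__packed`, so there are no padding bytes to leak, but full zero-initialisation is still the robust pattern for anything copied to user space.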
...
+/**
+ * struct rpmb_ioc_cap_cmd - rpmb capabilities
+ *
+ * @target: rpmb target/region within RPMB partition.
+ * @capacity: storage capacity (in units of 128K)
+ * @block_size: storage data block size (in units of 256B)
+ * @wr_cnt_max: maximal number of block that can be written in a single request.
+ * @rd_cnt_max: maximal number of block that can be read in a single request.
+ * @auth_method: authentication method: currently always HMAC_SHA_256
+ * @reserved: reserved to align to 4 bytes.
+ */
+struct rpmb_ioc_cap_cmd {
+ __u16 target;
+ __u16 capacity;
+ __u16 block_size;
+ __u16 wr_cnt_max;
+ __u16 rd_cnt_max;
+ __u16 auth_method;
+ __u16 reserved;
+} __packed;
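Review bot: The kernel-doc states that `auth_method` is "currently always HMAC_SHA_256", yet no constant for that value appears in this hunk, and rpmb_ioctl_cap_cmd() in the earlier hunk never fills the field in; define the value in the UAPI header next to the structure and have the cap ioctl set it, so user space can check the field instead of assuming it. Minor wording: "maximal number of block" in the @wr_cnt_max and @rd_cnt_max descriptions should read "blocks".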
...

--
Dipl.-Ing. Harald Mommer
Senior Software Engineer

OpenSynergy GmbH
Rotherstr. 20, 10245 Berlin

Phone: +49 (30) 60 98 540-0 <== switchboard
Fax: +49 (30) 60 98 540-99
E-Mail: harald.mommer@xxxxxxxxxxxxxxx

www.opensynergy.com

Handelsregister: Amtsgericht Charlottenburg, HRB 108616B
Geschäftsführer/Managing Director: Regis Adjamah