From: Ondrej Kozina <okozina-AT-redhat.com>
To: linux-block-AT-vger.kernel.org
Subject: [PATCH 0/6] Extend Single User Mode (SUM) support in sed-opal.
Date: Fri, 30 Jan 2026 17:25:06 +0100
Message-ID: <20260130162527.570255-1-okozina@redhat.com>
Cc: Ondrej Kozina <okozina-AT-redhat.com>, gmazyland-AT-gmail.com, gjoyce-AT-ibm.com, jonathan.derrick-AT-linux.dev
This patch series extends support for TCG Storage Opal SSC Single User
Mode (SUM) in the sed-opal kernel interface. SUM addresses a few
shortcomings described in chapter 2 of the OPAL2 specification
extension (see below). It better isolates Admin authority from User
stored data by taking the Lock/Unlock/Enable/Disable privileges from
Admin when managing Locking Ranges configured for SUM.
This permission split necessitates separate ioctl calls for operations
that previously could be performed atomically under a single authority.
The series refactors existing code and introduces new ioctls to support
this model:
- IOC_OPAL_REACTIVATE_LSP: Switch an active OPAL2 device to/from SUM
- IOC_OPAL_LR_SET_START_LEN: Set locking range boundaries only
- IOC_OPAL_ENABLE_DISABLE_LR: Set lock enable states only
- IOC_OPAL_GET_SUM_STATUS: Query SUM configuration status
References:
- TCG Storage Opal SSC Feature Set: Single User Mode specification
- cryptsetup code using the extended sed-opal interface:
https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests...
Ondrej Kozina (6):
  sed-opal: add IOC_OPAL_REACTIVATE_LSP.
  sed-opal: refactor (split) IOC_OPAL_LR_SETUP internals.
  sed-opal: add IOC_OPAL_LR_SET_START_LEN ioctl.
  sed-opal: add IOC_OPAL_ENABLE_DISABLE_LR.
  sed-opal: increase column attribute type size to 64 bits.
  sed-opal: add IOC_OPAL_GET_SUM_STATUS ioctl.

 block/opal_proto.h            |   4 +
 block/sed-opal.c              | 367 +++++++++++++++++++++++++++++++---
 include/linux/sed-opal.h      |   4 +
 include/uapi/linux/sed-opal.h |  25 +++
 4 files changed, 371 insertions(+), 29 deletions(-)
--
2.52.0