sed: add '--read-only' to lock/unlock commands

This change allows a user to specify that a drive is to be locked
read-only rather than just read-write. Also a drive that is locked
read-write can be "unlocked" to locked read-only.

The flag '--read-only' is used so the locking type can be specified.

Signed-off-by: Greg Joyce <gjoyce@linux.ibm.com>

diff --git a/plugins/sed/sed.c b/plugins/sed/sed.c
index 9e48d83286a22c861024c37737d554e197b93a90..a616cf2270263c9523ee80edd2c4733d3418bb31 100644 (file)
--- a/plugins/sed/sed.c
+++ b/plugins/sed/sed.c
@@ -42,6 +42,13 @@ OPT_ARGS(revert_opts) = {
        OPT_END()
 };
 
+OPT_ARGS(lock_opts) = {
+       OPT_FLAG("read-only", 'r', &sedopal_lock_ro,
+                "Set locking range to read-only"),
+       OPT_FLAG("ask-key", 'k', &sedopal_ask_key,
+                       "prompt for SED authentication key"),
+       OPT_END()
+};
 
 /*
  * Open the NVMe device specified on the command line. It must be the
@@ -130,7 +137,7 @@ static int sed_opal_lock(int argc, char **argv, struct command *cmd,
        const char *desc = "Lock a SED device";
        struct nvme_dev *dev;
 
-       err = sed_opal_open_device(&dev, argc, argv, desc, key_opts);
+       err = sed_opal_open_device(&dev, argc, argv, desc, lock_opts);
        if (err)
                return err;
 
@@ -150,7 +157,7 @@ static int sed_opal_unlock(int argc, char **argv, struct command *cmd,
        const char *desc = "Unlock a SED device";
        struct nvme_dev *dev;
 
-       err = sed_opal_open_device(&dev, argc, argv, desc, key_opts);
+       err = sed_opal_open_device(&dev, argc, argv, desc, lock_opts);
        if (err)
                return err;
 

diff --git a/plugins/sed/sedopal_cmd.c b/plugins/sed/sedopal_cmd.c
index 46d2592d56989451acf55cd9a57f10a57926b832..32ee1d907464b4519b9b88ba7c42ca130aa72034 100644 (file)
--- a/plugins/sed/sedopal_cmd.c
+++ b/plugins/sed/sedopal_cmd.c
@@ -248,8 +248,12 @@ int sedopal_cmd_initialize(int fd)
  */
 int sedopal_cmd_lock(int fd)
 {
+       int lock_state = OPAL_LK;
 
-       return sedopal_lock_unlock(fd, OPAL_LK);
+       if (sedopal_lock_ro)
+               lock_state = OPAL_RO;
+
+       return sedopal_lock_unlock(fd, lock_state);
 }
 
 /*
@@ -258,8 +262,12 @@ int sedopal_cmd_lock(int fd)
 int sedopal_cmd_unlock(int fd)
 {
        int rc;
+       int lock_state = OPAL_RW;
+
+       if (sedopal_lock_ro)
+               lock_state = OPAL_RO;
 
-       rc = sedopal_lock_unlock(fd, OPAL_RW);
+       rc = sedopal_lock_unlock(fd, lock_state);
 
        /*
         * If the unlock was successful, force a re-read of the