From: Greg Joyce Date: Fri, 31 Jan 2025 20:26:05 +0000 (-0600) Subject: sed: add '--read-only' to lock/unlock commands X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=eea49135f31cf2bf6ee453fdbda023e27a213d55;p=users%2Fsagi%2Fnvme-cli.git sed: add '--read-only' to lock/unlock commands This change allows a user to specify that a drive is to be locked read-only rather than just read-write. Also a drive that is locked read-write can be "unlocked" to locked read-only. The flag '--read-only' is used so the locking type can be specified. Signed-off-by: Greg Joyce --- diff --git a/plugins/sed/sed.c b/plugins/sed/sed.c index 9e48d832..a616cf22 100644 --- a/plugins/sed/sed.c +++ b/plugins/sed/sed.c @@ -42,6 +42,13 @@ OPT_ARGS(revert_opts) = { OPT_END() }; +OPT_ARGS(lock_opts) = { + OPT_FLAG("read-only", 'r', &sedopal_lock_ro, + "Set locking range to read-only"), + OPT_FLAG("ask-key", 'k', &sedopal_ask_key, + "prompt for SED authentication key"), + OPT_END() +}; /* * Open the NVMe device specified on the command line. It must be the @@ -130,7 +137,7 @@ static int sed_opal_lock(int argc, char **argv, struct command *cmd, const char *desc = "Lock a SED device"; struct nvme_dev *dev; - err = sed_opal_open_device(&dev, argc, argv, desc, key_opts); + err = sed_opal_open_device(&dev, argc, argv, desc, lock_opts); if (err) return err; @@ -150,7 +157,7 @@ static int sed_opal_unlock(int argc, char **argv, struct command *cmd, const char *desc = "Unlock a SED device"; struct nvme_dev *dev; - err = sed_opal_open_device(&dev, argc, argv, desc, key_opts); + err = sed_opal_open_device(&dev, argc, argv, desc, lock_opts); if (err) return err; diff --git a/plugins/sed/sedopal_cmd.c b/plugins/sed/sedopal_cmd.c index 46d2592d..32ee1d90 100644 --- a/plugins/sed/sedopal_cmd.c +++ b/plugins/sed/sedopal_cmd.c @@ -248,8 +248,12 @@ int sedopal_cmd_initialize(int fd) */ int sedopal_cmd_lock(int fd) { + int lock_state = OPAL_LK; - return sedopal_lock_unlock(fd, OPAL_LK); + if (sedopal_lock_ro) + lock_state = OPAL_RO; + + return sedopal_lock_unlock(fd, lock_state); } /* @@ -258,8 +262,12 @@ int sedopal_cmd_lock(int fd) int sedopal_cmd_unlock(int fd) { int rc; + int lock_state = OPAL_RW; + + if (sedopal_lock_ro) + lock_state = OPAL_RO; - rc = sedopal_lock_unlock(fd, OPAL_RW); + rc = sedopal_lock_unlock(fd, lock_state); /* * If the unlock was successful, force a re-read of the