lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 5 Feb 2019 00:06:54 +0100 (CET)
From:   David Kozub <zub@...ux.fjfi.cvut.cz>
To:     Christoph Hellwig <hch@...radead.org>
cc:     Jens Axboe <axboe@...nel.dk>,
        Jonathan Derrick <jonathan.derrick@...el.com>,
        Scott Bauer <sbauer@...donthack.me>,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
        Jonas Rabenstein <jonas.rabenstein@...dium.uni-erlangen.de>
Subject: Re: [PATCH v4 00/16] block: sed-opal: support shadow MBR done flag
 and write

On Mon, 4 Feb 2019, Christoph Hellwig wrote:

> On Fri, Feb 01, 2019 at 09:50:07PM +0100, David Kozub wrote:
>> This patch series extends SED OPAL support: it adds IOCTL for setting the shadow
>> MBR done flag which can be useful for unlocking an OPAL disk on boot and it adds
>> IOCTL for writing to the shadow MBR. Also included are some minor fixes and
>> improvements.
>
> Actually most of it is really useful cleanups and small fixes for the
> existing OPAL code.  Any chance you could resend just those bits as
> a first series ASAP?  I'll try to spend some time to to review the
> actual feature additions in the meantime.

OK, I'll try to separate these into two sets.

This will unfortunately trigger some changes (conflict resolving - e.g. if 
I move the last two patches in the current series forward, in front of the 
patches with new functionality). What is the proper procedure w.r.t. 
Reviewed-by tags which were already given? Common sense would make me keep 
them for trivial changes and remove them if the patch should be 
re-reviewed. Is that correct?

>> There is a fork of sed-opal-temp that can use these new IOCTLs.[2] I tested
>> these on Samsung 840 EVO and 850 EVO drives, on x86-64 and arm64 systems.
>
> Which brings up another question:  how do we get a properly maintained
> version of the sed-opal tool up ASAP?  It's been a bit bitrotting
> unfortunately, and the documentation and error handling hasn't been all
> that great to start with.  Are we going to find a good home for it?
> Util-linux for example?

FWIW I also hacked together a tool to cover my usecase: 
https://gitlab.com/zub2/opalctl

The selling point is that it can handle passwords the same way that 
sedutil (https://github.com/Drive-Trust-Alliance/sedutil) does.

Best regards,
David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ