• Dan Williams's avatar
    libnvdimm/dimm: Fix security capability detection for non-Intel NVDIMMs · 1cb95e07
    Dan Williams authored
    Kees reports a crash with the following signature...
     RIP: 0010:nvdimm_visible+0x79/0x80
     Call Trace:
    ...when starting a QEMU environment with "label-less" DIMM. Without
    labels QEMU does not publish any DSM methods. Without defined methods
    the NVDIMM_FAMILY type is not established and the nfit driver will skip
    registering security operations.
    In that case the security state should be initialized to a negative
    value in __nvdimm_create() and nvdimm_visible() should skip
    interrogating the specific ops. However, since 'enum
    nvdimm_security_state' was only defined to contain positive values the
    "if (nvdimm->sec.state < 0)" check always fails.
    Define a negative error state to allow negative state values to be
    handled as expected.
    Fixes: f2989396
     ("acpi/nfit, libnvdimm: Introduce nvdimm_security_ops")
    Reviewed-by: default avatarDave Jiang <dave.jiang@intel.com>
    Reported-by: default avatarKees Cook <keescook@chromium.org>
    Tested-by: default avatarKees Cook <keescook@chromium.org>
    Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>