block: sed-opal: Change the check condition for regular session validity

This patch changes the check condition for the validity/authentication
of the session.

1. The Host Session Number(HSN) in the response should match the HSN for
   the session.
2. The TPER Session Number(TSN) can never be less than 4096 for a regular
   session.

Reference:
Section 3.2.2.1   of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Opal_SSC_Application_Note_1-00_1-00-Final.pdf
Section 3.3.7.1.1 of https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage_Architecture_Core_Spec_v2.01_r1.00.pdf

Co-developed-by: Andrzej Jakowski <andrzej.jakowski@linux.intel.com>
Signed-off-by: Andrzej Jakowski <andrzej.jakowski@linux.intel.com>
Signed-off-by: Revanth Rajashekar <revanth.rajashekar@intel.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/block/opal_proto.h b/block/opal_proto.h
index 325cbba2465fd13096b5f000709c8c588cdcc6e5..b486b3ec7dc41e95a203524400b06a1a5f5f610c 100644 (file)
--- a/block/opal_proto.h
+++ b/block/opal_proto.h
@@ -36,6 +36,7 @@ enum opal_response_token {
 
 #define DTAERROR_NO_METHOD_STATUS 0x89
 #define GENERIC_HOST_SESSION_NUM 0x41
+#define FIRST_TPER_SESSION_NUM 4096
 
 #define TPER_SYNC_SUPPORTED 0x01
 #define MBR_ENABLED_MASK 0x10

diff --git a/block/sed-opal.c b/block/sed-opal.c
index 880cc57a5f6bd34ed26bc25df6ac091316bc117c..daafadbb88cae7d256d4bab708ec3ac4900ac821 100644 (file)
--- a/block/sed-opal.c
+++ b/block/sed-opal.c
@@ -1056,7 +1056,7 @@ static int start_opal_session_cont(struct opal_dev *dev)
        hsn = response_get_u64(&dev->parsed, 4);
        tsn = response_get_u64(&dev->parsed, 5);
 
-       if (hsn == 0 && tsn == 0) {
+       if (hsn != GENERIC_HOST_SESSION_NUM || tsn < FIRST_TPER_SESSION_NUM) {
                pr_debug("Couldn't authenticate session\n");
                return -EPERM;
        }