block: sed-opal: keyring support for SED keys

Extend the SED block driver so it can alternatively obtain a key from a sed-opal kernel keyring. The SED ioctls will indicate the source of the key, either directly in the ioctl data or from the keyring. This allows the use of SED commands in scripts such as udev scripts so that drives may be automatically unlocked as they become available. Signed-off-by: Greg Joyce <[email protected]> Reviewed-by: Jonathan Derrick <[email protected]> Acked-by: Jarkko Sakkinen <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Jens Axboe <[email protected]>
author: Greg Joyce <[email protected]> 2023-07-21 16:15:34 -0500
committer: Jens Axboe <[email protected]> 2023-08-22 11:10:26 -0600
commit: 3bfeb61256643281ac4be5b8a57e9d9da3db4335 (patch)
tree: 71ffd9e63c62a0b114a72cd258e107db66473c7b /include/linux
parent: 5c82efc1aee8eb0919aa67a0d2559de5a326bd7c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/include/linux/sed-opal.h b/include/linux/sed-opal.h
index 2f189546e133..2ac50822554e 100644
--- a/include/linux/sed-opal.h
+++ b/include/linux/sed-opal.h
@@ -25,6 +25,9 @@ bool opal_unlock_from_suspend(struct opal_dev *dev);
 struct opal_dev *init_opal_dev(void *data, sec_send_recv *send_recv);
 int sed_ioctl(struct opal_dev *dev, unsigned int cmd, void __user *ioctl_ptr);
 
+#define	OPAL_AUTH_KEY           "opal-boot-pin"
+#define	OPAL_AUTH_KEY_PREV      "opal-boot-pin-prev"
+
 static inline bool is_sed_ioctl(unsigned int cmd)
 {
 	switch (cmd) {
author	Greg Joyce <[email protected]>	2023-07-21 16:15:34 -0500
committer	Jens Axboe <[email protected]>	2023-08-22 11:10:26 -0600
commit	3bfeb61256643281ac4be5b8a57e9d9da3db4335 (patch)
tree	71ffd9e63c62a0b114a72cd258e107db66473c7b /include/linux
parent	5c82efc1aee8eb0919aa67a0d2559de5a326bd7c (diff)