sed: clarifying SUM sed policy reporting#3412

Open
bbain wants to merge 1 commit into linux-nvme:master from bbain:fixing-sed-policy-reporting

bbain commented Jun 2, 2026

The SUM policy bit indicates if the linked SUM user is in control of the range (and common name) of its SUM locking range. A policy of 0 indicates the SUM user is in control. A policy of 1 indicates that any admin is in control. The value is set to 1 by default when SUM is disabled. An admin will set the policy when SUM is enabled. See section 4.2.1.4 of TCG Storage Opal SSC Feature Set: Single User Mode v1.00.

Signed-off-by: Brenden Bain <brenden.bain@gmail.com>

bbain force-pushed the fixing-sed-policy-reporting branch from 2c6d2d8 to 55b7044 on June 2, 2026 03:16

bbain commented Jun 2, 2026

I tried to clarify this reporting from the SED plugin. SUM lets users take control of the locking regions. SUM lets the region's user unlock, secure erase and set the password for the region (i.e. by setting their own password). The admin is never able to see the data as it does not know the password for the region. The policy indicates whether or not the admin also wants to let the user configure the location of the region (i.e. its start and length) and its common name.

From § 4.2.1.4 of TCG Storage Opal SSC Feature Set: Single User Mode v1.0

4.2.1.4 Policy

This bit is 1 if Admins authority maintains ownership of the RangeStart and RangeLength of Locking objects in
Single User Mode, or if the Locking SP is in any life cycle state other than Manufactured or Issued.

This bit is 0 if User authorities of Locking objects in Single User Mode have ownership of their associated
RangeStart and RangeLength columns.

igaw commented Jun 2, 2026

Looks good to me. The only thing I'm wondering is if we should keep backwards compatibility? We could argue this will be released under a new major version update :)

@gjoyce-ibm any objections?