Skip to content

Add patina_nvme crate#11

Open
kat-perez wants to merge 1 commit into
OpenDevicePartnership:mainfrom
kat-perez:kat-perez/patina-nvme
Open

Add patina_nvme crate#11
kat-perez wants to merge 1 commit into
OpenDevicePartnership:mainfrom
kat-perez:kat-perez/patina-nvme

Conversation

@kat-perez
Copy link
Copy Markdown
Contributor

@kat-perez kat-perez commented May 12, 2026

Description

Adds a new patina_nvme crate that exposes thin wrappers over EFI_NVM_EXPRESS_PASS_THRU_PROTOCOL admin commands. Initial surface area is a single helper, lock_partition_write, which write-protects the NVMe boot partitions until the next power cycle via Set Features (FID 0x11, BPWPS).

This supersedes the placement explored in patina#1488, where the same helper lived inside patina_boot::partition. Reviewer feedback there (os-d, makubacki) made the case that patina_boot should not implement storage-protocol abstractions; this PR is the relocation.

The crate stays narrow on purpose:

  • lib.rs — public lock_partition_write helper plus the unsafe inner Set Features dispatch.
  • pass_thru.rs — minimal FFI bindings for EFI_NVM_EXPRESS_PASS_THRU_PROTOCOL (Protocol struct, command/completion shapes, opcode/FID/flag constants).

Like patina_boot from #9, patina_nvme pulls patina directly from the feature/patina-boot git branch until a patina release ships the required APIs (DevicePathBuf, etc.).

  • Impacts functionality?
  • Impacts security?
  • Breaking change?
  • Includes tests?
  • Includes documentation?

How This Was Tested

cargo test --lib -p patina_nvme — all 6 unit tests pass:

test tests::test_lock_partition_write_locate_failure ... ok
test tests::test_lock_partition_write_handle_protocol_failure ... ok
test tests::test_lock_partition_write_set_features_payload ... ok
test tests::test_lock_partition_write_inner_issues_correct_set_features_command ... ok
test tests::test_lock_partition_write_inner_passthru_failure_propagates ... ok
test tests::test_lock_partition_write_inner_nonzero_completion_status_rejected ... ok

The unsafe FFI dispatch path is exercised via mock pass_thru function pointers that capture the constructed command and verify opcode/flags/CDW10/CDW11/queue type match the NVMe spec.

Integration Instructions

Consumers depend on patina_nvme = "0.1" from this repo. Until a patina release containing the new APIs is published, consumers needing to build against this crate will also need to redirect patina to the feature/patina-boot branch (matching the existing pattern in patina_boot/Cargo.toml).

Closes #61 (tracked on the SRE board) once patina#1488 is closed in favor of this PR.

@github-actions github-actions Bot added impact:testing Affects testing type:documentation Improvements or additions to documentation labels May 12, 2026
@kat-perez kat-perez mentioned this pull request May 12, 2026
Closed
5 tasks
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented May 12, 2026

Codecov Report

❌ Patch coverage is 98.70130% with 2 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
patina_nvme/src/lib.rs 98.53% 2 Missing ⚠️

📢 Thoughts on this report? Let us know!

@kat-perez kat-perez mentioned this pull request May 12, 2026
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

impact:testing Affects testing type:documentation Improvements or additions to documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kat-perez @codecov-commenter