Re: [PATCH v2 1/4] powerpc/powernv: Add OPAL API interface to access secure variable

[PATCH v2 0/4] powerpc: expose secure variables to the kernel and userspace · Nayna Jain <nayna@linux.ibm.com> · 2019-08-21
[PATCH v2 1/4] powerpc/powernv: Add OPAL API interface to access secure variable · Nayna Jain <nayna@linux.ibm.com> · 2019-08-21
Re: [PATCH v2 1/4] powerpc/powernv: Add OPAL API interface to access secure variable · Oliver O'Halloran <oohall@gmail.com> · 2019-08-22
Re: [PATCH v2 1/4] powerpc/powernv: Add OPAL API interface to access secure variable · "Oliver O'Halloran" <oohall@gmail.com> · 2019-08-22
[PATCH v2 2/4] powerpc: expose secure variables to userspace via sysfs · Nayna Jain <nayna@linux.ibm.com> · 2019-08-21
Re: [PATCH v2 2/4] powerpc: expose secure variables to userspace via sysfs · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2019-08-21
Re: [PATCH v2 2/4] powerpc: expose secure variables to userspace via sysfs · Nayna <hidden> · 2019-08-26
Re: [PATCH v2 2/4] powerpc: expose secure variables to userspace via sysfs · Oliver O'Halloran <oohall@gmail.com> · 2019-08-22
Re: [PATCH v2 2/4] powerpc: expose secure variables to userspace via sysfs · Nayna <hidden> · 2019-08-26
[PATCH v2 3/4] x86/efi: move common keyring handler functions to new file · Nayna Jain <nayna@linux.ibm.com> · 2019-08-21
Re: [PATCH v2 3/4] x86/efi: move common keyring handler functions to new file · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2019-08-21
[PATCH v2 4/4] powerpc: load firmware trusted keys into kernel keyring · Nayna Jain <nayna@linux.ibm.com> · 2019-08-21
Re: [PATCH v2 4/4] powerpc: load firmware trusted keys into kernel keyring · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2019-08-21

From: "Oliver O'Halloran" <oohall@gmail.com>
Date: 2019-08-22 05:41:31
Also in: linux-efi, linux-integrity, lkml

On Thu, Aug 22, 2019 at 3:02 PM Oliver O'Halloran [off-list ref] wrote:

On Wed, 2019-08-21 at 11:08 -0400, Nayna Jain wrote:

quoted

diff --git a/arch/powerpc/platforms/powernv/opal.c b/arch/powerpc/platforms/powernv/opal.c
index aba443be7daa..ffe6f1cf0830 100644
--- a/arch/powerpc/platforms/powernv/opal.c
+++ b/arch/powerpc/platforms/powernv/opal.c

@@ -32,6 +32,8 @@
 #include <asm/mce.h>
 #include <asm/imc-pmu.h>
 #include <asm/bug.h>
+#include <asm/secvar.h>
+#include <asm/secboot.h>

 #include "powernv.h"

@@ -988,6 +990,9 @@ static int __init opal_init(void)
      /* Initialise OPAL Power control interface */
      opal_power_control_init();

+     if (is_powerpc_secvar_supported())
+             secvar_init();
+

The usual pattern here is to have the init function check for support
internally.

Also, is_powerpc_secvar_supported() doesn't appear to be defined
anywhere. Is that supposed to be is_opal_secvar_supported()? Or is this
series supposed to be applied on top of another series?

To answer my own question, yes it depends on the series at [1] which
adds IMA support. Turns out actually reading the cover letter helps,
who knew.

That said, I'm still not entirely sure about this. The implementation
of is_powerpc_secvar_supported() in [2] parses the DT and seems to
assume the DT bindings that OPAL produces. Are those common with the
DT bindings produced by OF when running on pseries?

[1] http://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=125961
[2] http://patchwork.ozlabs.org/patch/1149257/

quoted

      return 0;
 }
 machine_subsys_initcall(powernv, opal_init);

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help