Re: [PATCH 1/3] powerpc/pseries: Correct secvar format representation for static key management

2025-04-30 Thread Nayna Jain
On 4/30/25 5:03 AM, Srish Srinivasan wrote: On a PLPKS enabled PowerVM LPAR, the secvar format property for static key management is misrepresented as "ibm,plpks-sb-unknown", creating reason for confusion. Static key management mode uses fixed, built-in keys. Dynamic key management mode allows

Re: [PATCH 2/3] powerpc/secvar: Expose secvars relevant to the key management mode

2025-04-30 Thread Nayna Jain
On 4/30/25 5:03 AM, Srish Srinivasan wrote: The PLPKS enabled PowerVM LPAR sysfs exposes all of the secure boot secvars irrespective of the key management mode. The PowerVM LPAR supports static and dynamic key management for secure boot. The key management option can be updated in the manageme

Re: [PATCH 3/3] integrity/platform_certs: Allow loading of keys in static key management mode

2025-04-30 Thread Nayna Jain
On 4/30/25 5:03 AM, Srish Srinivasan wrote: On PLPKS enabled PowerVM LPAR, there is no provision to load signed third-party kernel modules when the key management mode is static. This is because keys from secure boot secvars are only loaded when the key management mode is dynamic. Allow loadin

[PATCH] tpm: remove kmalloc failure error message

2025-04-30 Thread Colin Ian King
The kmalloc failure message is just noise. Remove it and replace -EFAULT with -ENOMEM as standard for out of memory allocation error returns. Signed-off-by: Colin Ian King --- V1: remove trailing space after \n V2: remove entire message, originally just removed a trailing space V3: replace -EFAU

[PATCH 3/3] integrity/platform_certs: Allow loading of keys in static key management mode

2025-04-30 Thread Srish Srinivasan
On PLPKS enabled PowerVM LPAR, there is no provision to load signed third-party kernel modules when the key management mode is static. This is because keys from secure boot secvars are only loaded when the key management mode is dynamic. Allow loading of the trustedcadb and moduledb keys even in t

[PATCH 1/3] powerpc/pseries: Correct secvar format representation for static key management

2025-04-30 Thread Srish Srinivasan
On a PLPKS enabled PowerVM LPAR, the secvar format property for static key management is misrepresented as "ibm,plpks-sb-unknown", creating reason for confusion. Static key management mode uses fixed, built-in keys. Dynamic key management mode allows keys to be updated in production to handle secu

[PATCH 2/3] powerpc/secvar: Expose secvars relevant to the key management mode

2025-04-30 Thread Srish Srinivasan
The PLPKS enabled PowerVM LPAR sysfs exposes all of the secure boot secvars irrespective of the key management mode. The PowerVM LPAR supports static and dynamic key management for secure boot. The key management option can be updated in the management console. Only in the dynamic key mode can the

[PATCH 0/3] Enhancements to the secvar interface in static key management mode

2025-04-30 Thread Srish Srinivasan
The PLPKS enabled Power LPAR sysfs exposes all of the secure boot secure variables irrespective of the key management mode. There is support for both static and dynamic key management and the key management mode can be updated using the management console. The user can modify the secure boot secvar

Re: [PATCH 1/2] tpm_crb: ffa_tpm: fix cut/paste error in comment

2025-04-30 Thread Stuart Yoder
On 4/30/25 10:32 AM, Jarkko Sakkinen wrote: On Tue, Apr 29, 2025 at 05:15:17PM -0500, Stuart Yoder wrote: Fix the comment for the 'start' function, which was a cut/paste mistake for a different function. Signed-off-by: Stuart Yoder --- drivers/char/tpm/tpm_crb_ffa.c | 3 ++- 1 file chang

Re: [PATCH][next][V4] tpm: remove kmalloc failure error message

2025-04-30 Thread Jarkko Sakkinen
On Wed, Apr 30, 2025 at 09:34:35AM +0100, Colin Ian King wrote: > The kmalloc failure message is just noise. Remove it and > replace -EFAULT with -ENOMEM as standard for out of memory > allocation error returns. > > Signed-off-by: Colin Ian King > --- > V1: remove trailing space after \n > V2: re

Re: [PATCH 1/2] tpm_crb: ffa_tpm: fix cut/paste error in comment

2025-04-30 Thread Jarkko Sakkinen
On Tue, Apr 29, 2025 at 05:15:17PM -0500, Stuart Yoder wrote: > Fix the comment for the 'start' function, which was a cut/paste > mistake for a different function. > > Signed-off-by: Stuart Yoder > --- > drivers/char/tpm/tpm_crb_ffa.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) >

Re: [PATCH v3 1/4] tpm: add buf_size parameter in the .send callback

2025-04-30 Thread Jarkko Sakkinen
On Mon, Apr 14, 2025 at 04:56:50PM +0200, Stefano Garzarella wrote: > From: Stefano Garzarella > > In preparation for the next commit, add a new `buf_size` parameter to > the `.send` callback in `tpm_class_ops` which contains the entire buffer > size. In this patch it is pretty much ignored by al

Re: [PATCH v3 2/4] tpm: support devices with synchronous send()

2025-04-30 Thread Jarkko Sakkinen
On Mon, Apr 14, 2025 at 04:56:51PM +0200, Stefano Garzarella wrote: > From: Stefano Garzarella > > Some devices do not support interrupts and provide a single synchronous > operation to send the command and receive the response on the same buffer. > > Currently, these types of drivers must use a

Re: [PATCH v3 3/4] tpm/tpm_ftpm_tee: support TPM_CHIP_FLAG_SYNC

2025-04-30 Thread Jarkko Sakkinen
On Mon, Apr 14, 2025 at 04:56:52PM +0200, Stefano Garzarella wrote: > From: Stefano Garzarella > > This driver does not support interrupts, and receiving the response is > synchronous with sending the command. > > So we can set TPM_CHIP_FLAG_SYNC to support synchronous send() and "Enable synchr

[PATCH v2] tpm_crb: ffa_tpm: fix/update comments describing the CRB over FFA ABI

2025-04-30 Thread Stuart Yoder
-Fix the comment describing the 'start' function, which was a cut/paste mistake for a different function. -The comment for DIRECT_REQ and DIRECT_RESP only mentioned AArch32 and listed 32-bit function IDs. Update to include 64-bit. Signed-off-by: Stuart Yoder --- v2: -squashed the two commen

Re: [PATCH v3 4/4] tpm/tpm_svsm: support TPM_CHIP_FLAG_SYNC

2025-04-30 Thread Jarkko Sakkinen
On Mon, Apr 14, 2025 at 04:56:53PM +0200, Stefano Garzarella wrote: > From: Stefano Garzarella > > This driver does not support interrupts, and receiving the response is > synchronous with sending the command. > > So we can set TPM_CHIP_FLAG_SYNC to support synchronous send() and > return respon

Re: [PATCH v5 2/2] tpm_crb_ffa: use dev_xx() macro to print log

2025-04-30 Thread Jarkko Sakkinen
On Tue, Apr 15, 2025 at 07:50:13PM +0100, Yeoreum Yun wrote: > Instead of pr_xxx() macro, use dev_xxx() to print log. > This patch changes some error log level to warn log level when > the tpm_crb_ffa secure partition doesn't support properly but > system can run without it. > (i.e) unsupport of di

Re: [PATCH v5 1/2] tpm_ffa_crb: access tpm service over FF-A direct message request v2

2025-04-30 Thread Jarkko Sakkinen
On Tue, Apr 15, 2025 at 07:50:12PM +0100, Yeoreum Yun wrote: > For secure partition with multi service, tpm_ffa_crb can access tpm > service with direct message request v2 interface according to chapter 3.3, > TPM Service Command Response Buffer Interface Over FF-A specification v1.0 > BET. > >

Re: [PATCH v2] tpm_crb: ffa_tpm: fix/update comments describing the CRB over FFA ABI

2025-04-30 Thread Jarkko Sakkinen
On Wed, Apr 30, 2025 at 10:47:23AM -0500, Stuart Yoder wrote: > -Fix the comment describing the 'start' function, which was a cut/paste > mistake for a different function. > > -The comment for DIRECT_REQ and DIRECT_RESP only mentioned AArch32 > and listed 32-bit function IDs. Update to include

Re: [PATCH v2] tpm_crb: ffa_tpm: fix/update comments describing the CRB over FFA ABI

2025-04-30 Thread Sudeep Holla
On Wed, Apr 30, 2025 at 10:47:23AM -0500, Stuart Yoder wrote: > -Fix the comment describing the 'start' function, which was a cut/paste > mistake for a different function. > > -The comment for DIRECT_REQ and DIRECT_RESP only mentioned AArch32 > and listed 32-bit function IDs. Update to include

Re: [PATCH] tpm: remove kmalloc failure error message

2025-04-30 Thread Colin King (gmail)
NAK, sent the wrong patch! Doh. On 30/04/2025 09:00, Colin Ian King wrote: The kmalloc failure message is just noise. Remove it and replace -EFAULT with -ENOMEM as standard for out of memory allocation error returns. Signed-off-by: Colin Ian King --- V1: remove trailing space after \n V2: rem

[PATCH][next][V4] tpm: remove kmalloc failure error message

2025-04-30 Thread Colin Ian King
The kmalloc failure message is just noise. Remove it and replace -EFAULT with -ENOMEM as standard for out of memory allocation error returns. Signed-off-by: Colin Ian King --- V1: remove trailing space after \n V2: remove entire message, originally just removed a trailing space V3: replace -EFAUL

Re: [PATCH][next][V4] tpm: remove kmalloc failure error message

2025-04-30 Thread Jason Gunthorpe
On Wed, Apr 30, 2025 at 09:34:35AM +0100, Colin Ian King wrote: > The kmalloc failure message is just noise. Remove it and > replace -EFAULT with -ENOMEM as standard for out of memory > allocation error returns. > > Signed-off-by: Colin Ian King > --- > V1: remove trailing space after \n > V2: re