Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2023-01-06 at 21:49 +1100, Michael Ellerman wrote: > > > diff --git a/arch/powerpc/platforms/pseries/Kconfig > > b/arch/powerpc/platforms/pseries/Kconfig > > index a3b4d99567cb..94e08c405d50 100644 > > --- a/arch/powerpc/platforms/pseries/Kconfig > > +++ b/arch/powerpc/platforms/pseries/Kc

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2023-01-06 at 21:49 +1100, Michael Ellerman wrote: > > > +static int plpks_get_variable(const char *key, uint64_t key_len, > > + u8 *data, uint64_t *data_size) > > +{ > > +   struct plpks_var var = {0}; > > +   u16 ucs2_namelen; > > +   u8 *ucs2_name

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Mon, 2023-01-09 at 16:20 +1100, Andrew Donnellan wrote: > On Mon, 2023-01-09 at 14:34 +1100, Russell Currey wrote: > > > > > > +static int plpks_secvar_init(void) > > > > +{ > > > > +   if (!plpks_is_available()) > > > > +   return -ENODEV; > > > > + > > > > +   set_secvar_o

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Mon, 2023-01-09 at 14:34 +1100, Russell Currey wrote: > > > > +static int plpks_secvar_init(void) > > > +{ > > > +   if (!plpks_is_available()) > > > +   return -ENODEV; > > > + > > > +   set_secvar_ops(&plpks_secvar_ops); > > > +   set_secvar_config_attrs(config_attrs);

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2023-01-06 at 17:49 +1100, Russell Currey wrote: > > > > > + */ > > > > Inconsistent comment style > > True, I'm using // for multi-line comments in other places.  I think > my > brain decided that this one was too long for that, but I'll make the > other multi-line comments similarly ol

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2023-01-06 at 21:49 +1100, Michael Ellerman wrote: > Russell Currey writes: > > The pseries platform can support dynamic secure boot (i.e. secure > > boot > > using user-defined keys) using variables contained with the PowerVM > > LPAR > > Platform KeyStore (PLPKS).  Using the powerpc secv

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2023-01-06 at 21:49 +1100, Michael Ellerman wrote: > > +What:  /sys/firmware/secvar/config/supported_policies > > +Date:  December 2022 > > +Contact:   Nayna Jain > > +Description:   RO file, only present if the secvar implementation > > is PLPKS. > > + > > +   

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

Russell Currey writes: > The pseries platform can support dynamic secure boot (i.e. secure boot > using user-defined keys) using variables contained with the PowerVM LPAR > Platform KeyStore (PLPKS). Using the powerpc secvar API, expose the > relevant variables for pseries dynamic secure boot thr

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Thu, 2023-01-05 at 19:15 +1100, Andrew Donnellan wrote: > On Fri, 2022-12-30 at 15:20 +1100, Russell Currey wrote: > > The pseries platform can support dynamic secure boot (i.e. secure > > boot > > using user-defined keys) using variables contained with the PowerVM > > LPAR > > Platform KeyStore

Re: [PATCH v2 7/7] powerpc/pseries: Implement secvars for dynamic secure boot

On Fri, 2022-12-30 at 15:20 +1100, Russell Currey wrote: > The pseries platform can support dynamic secure boot (i.e. secure > boot > using user-defined keys) using variables contained with the PowerVM > LPAR > Platform KeyStore (PLPKS).  Using the powerpc secvar API, expose the > relevant variable