Message ID | 20230131063928.388035-11-ajd@linux.ibm.com |
---|---|
State | New |
Headers | From: Andrew Donnellan <ajd@linux.ibm.com> To: linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org Cc: ruscur@russell.cc, bgray@linux.ibm.com, nayna@linux.ibm.com, gcwilson@linux.ibm.com, gjoyce@linux.ibm.com, brking@linux.ibm.com, stefanb@linux.ibm.com, sudhakar@linux.ibm.com, erichte@linux.ibm.com, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, zohar@linux.ibm.com, joel@jms.id.au, npiggin@gmail.com Subject: [PATCH v5 10/25] powerpc/secvar: Extend sysfs to include config vars Date: Tue, 31 Jan 2023 17:39:13 +1100 Message-Id: <20230131063928.388035-11-ajd@linux.ibm.com> In-Reply-To: <20230131063928.388035-1-ajd@linux.ibm.com> References: <20230131063928.388035-1-ajd@linux.ibm.com> |
Series | pSeries dynamic secure boot secvar interface + platform keyring loading |
Commit Message
Andrew Donnellan
Jan. 31, 2023, 6:39 a.m. UTC
From: Russell Currey <ruscur@russell.cc>

The forthcoming pseries consumer of the secvar API wants to expose a number of config variables. Allowing secvar implementations to provide their own sysfs attributes makes it easy for consumers to expose what they need to.

This is not being used by the OPAL secvar implementation at present, and the config directory will not be created if no attributes are set.

Signed-off-by: Russell Currey <ruscur@russell.cc>
Co-developed-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>

---

v3: Remove unnecessary "secvar:" prefix from error messages (ajd)

    Merge config attributes into secvar_operations (mpe)
---
 arch/powerpc/include/asm/secvar.h  |  2 ++
 arch/powerpc/kernel/secvar-sysfs.c | 33 +++++++++++++++++++++++++-----
 2 files changed, 30 insertions(+), 5 deletions(-)
Comments
On 1/31/23 01:39, Andrew Donnellan wrote: > From: Russell Currey <ruscur@russell.cc> > > The forthcoming pseries consumer of the secvar API wants to expose a > number of config variables. Allowing secvar implementations to provide > their own sysfs attributes makes it easy for consumers to expose what > they need to. > > This is not being used by the OPAL secvar implementation at present, and > the config directory will not be created if no attributes are set. > > Signed-off-by: Russell Currey <ruscur@russell.cc> > Co-developed-by: Andrew Donnellan <ajd@linux.ibm.com> > Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> > > --- > > v3: Remove unnecessary "secvar:" prefix from error messages (ajd) > > Merge config attributes into secvar_operations (mpe) > --- > arch/powerpc/include/asm/secvar.h | 2 ++ > arch/powerpc/kernel/secvar-sysfs.c | 33 +++++++++++++++++++++++++----- > 2 files changed, 30 insertions(+), 5 deletions(-) > > diff --git a/arch/powerpc/include/asm/secvar.h b/arch/powerpc/include/asm/secvar.h > index bf396215903d..011a53a8076c 100644 > --- a/arch/powerpc/include/asm/secvar.h > +++ b/arch/powerpc/include/asm/secvar.h > @@ -10,6 +10,7 @@ > > #include <linux/types.h> > #include <linux/errno.h> > +#include <linux/sysfs.h> > > extern const struct secvar_operations *secvar_ops; > > @@ -19,6 +20,7 @@ struct secvar_operations { > int (*set)(const char *key, u64 key_len, u8 *data, u64 data_size); > ssize_t (*format)(char *buf, size_t bufsize); > int (*max_size)(u64 *max_size); > + const struct attribute **config_attrs; > }; > > #ifdef CONFIG_PPC_SECURE_BOOT > diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c > index 8f3deff94009..7df32be86507 100644 > --- a/arch/powerpc/kernel/secvar-sysfs.c > +++ b/arch/powerpc/kernel/secvar-sysfs.c 
> @@ -144,6 +144,19 @@ static int update_kobj_size(void) > return 0; > } > > +static int secvar_sysfs_config(struct kobject *kobj) > +{ > + struct attribute_group config_group = { > + .name = "config", > + .attrs = (struct attribute **)secvar_ops->config_attrs, > + }; > + > + if (secvar_ops->config_attrs) > + return sysfs_create_group(kobj, &config_group); > + > + return 0; > +} > + > static int secvar_sysfs_load(void) > { > struct kobject *kobj; > @@ -208,26 +221,36 @@ static int secvar_sysfs_init(void) > > rc = sysfs_create_file(secvar_kobj, &format_attr.attr); > if (rc) { > - kobject_put(secvar_kobj); > - return -ENOMEM; > + pr_err("Failed to create format object\n"); > + rc = -ENOMEM; > + goto err; > } > > secvar_kset = kset_create_and_add("vars", NULL, secvar_kobj); > if (!secvar_kset) { > pr_err("sysfs kobject registration failed\n"); > - kobject_put(secvar_kobj); > - return -ENOMEM; > + rc = -ENOMEM; > + goto err; > } > > rc = update_kobj_size(); > if (rc) { > pr_err("Cannot read the size of the attribute\n"); > - return rc; > + goto err; > + } > + > + rc = secvar_sysfs_config(secvar_kobj); > + if (rc) { > + pr_err("Failed to create config directory\n"); > + goto err; > } > > secvar_sysfs_load(); > > return 0; > +err: > + kobject_put(secvar_kobj); > + return rc; > } > > late_initcall(secvar_sysfs_init);
diff --git a/arch/powerpc/include/asm/secvar.h b/arch/powerpc/include/asm/secvar.h index bf396215903d..011a53a8076c 100644 --- a/arch/powerpc/include/asm/secvar.h +++ b/arch/powerpc/include/asm/secvar.h @@ -10,6 +10,7 @@ #include <linux/types.h> #include <linux/errno.h> +#include <linux/sysfs.h> extern const struct secvar_operations *secvar_ops; @@ -19,6 +20,7 @@ struct secvar_operations { int (*set)(const char *key, u64 key_len, u8 *data, u64 data_size); ssize_t (*format)(char *buf, size_t bufsize); int (*max_size)(u64 *max_size); + const struct attribute **config_attrs; }; #ifdef CONFIG_PPC_SECURE_BOOT diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c index 8f3deff94009..7df32be86507 100644 --- a/arch/powerpc/kernel/secvar-sysfs.c +++ b/arch/powerpc/kernel/secvar-sysfs.c @@ -144,6 +144,19 @@ static int update_kobj_size(void) return 0; } +static int secvar_sysfs_config(struct kobject *kobj) +{ + struct attribute_group config_group = { + .name = "config", + .attrs = (struct attribute **)secvar_ops->config_attrs, + }; + + if (secvar_ops->config_attrs) + return sysfs_create_group(kobj, &config_group); + + return 0; +} + static int secvar_sysfs_load(void) { struct kobject *kobj; 
@@ -208,26 +221,36 @@ static int secvar_sysfs_init(void) rc = sysfs_create_file(secvar_kobj, &format_attr.attr); if (rc) { - kobject_put(secvar_kobj); - return -ENOMEM; + pr_err("Failed to create format object\n"); + rc = -ENOMEM; + goto err; } secvar_kset = kset_create_and_add("vars", NULL, secvar_kobj); if (!secvar_kset) { pr_err("sysfs kobject registration failed\n"); - kobject_put(secvar_kobj); - return -ENOMEM; + rc = -ENOMEM; + goto err; } rc = update_kobj_size(); if (rc) { pr_err("Cannot read the size of the attribute\n"); - return rc; + goto err; + } + + rc = secvar_sysfs_config(secvar_kobj); + if (rc) { + pr_err("Failed to create config directory\n"); + goto err; } secvar_sysfs_load(); return 0; +err: + kobject_put(secvar_kobj); + return rc; } late_initcall(secvar_sysfs_init);
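Review bot: the new `config_attrs` member of struct secvar_operations (second secvar.h hunk) is added with no comment describing its contract. secvar_sysfs_config() passes it directly as the `.attrs` of an attribute_group, so the array has to be NULL-terminated, and the `if (secvar_ops->config_attrs)` check treats the field as optional. A short comment on the field stating both points would let a backend author get this right without reading secvar-sysfs.c.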
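Review bot: in secvar_sysfs_config(), the cast `(struct attribute **)secvar_ops->config_attrs` discards the const that the header declares on the field (`const struct attribute **config_attrs`), so the compiler can no longer flag a type mismatch at this assignment. Suggest declaring the field with a type that can be assigned to `.attrs` without a cast, or keeping the cast and adding a comment that says why dropping the qualifier is safe here.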
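Review bot: in secvar_sysfs_init(), the new `err:` label only calls kobject_put(secvar_kobj), yet two of the paths that jump to it (update_kobj_size() failing and secvar_sysfs_config() failing) run after kset_create_and_add() has succeeded, and nothing in the visible lines unregisters secvar_kset. Suggest a second label that calls kset_unregister(secvar_kset) and then falls through to the kobject_put(). Separately, the sysfs_create_file() failure path overwrites rc with -ENOMEM; returning the rc that call produced would preserve the real error code.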