review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Nayna Jain <nayna@linux.ibm.com>
	Fri, 10 Feb 2023 08:03:52 +0000 (19:03 +1100)
committer	Michael Ellerman <mpe@ellerman.id.au>
	Sun, 12 Feb 2023 11:12:38 +0000 (22:12 +1100)
commit	899d9b8fee66da820eadc60b2a70090eb83db761
tree	f3ef8f030c7b4b3d254c0f703360a91f55b1fa63	tree \| snapshot
parent	119da30d037dced29118fb90afe683ff50313386	commit \| diff

powerpc/pseries: Implement signed update for PLPKS objects

The Platform Keystore provides a signed update interface which can be used
to create, replace or append to certain variables in the PKS in a secure
fashion, with the hypervisor requiring that the update be signed using the
Platform Key.

Implement an interface to the H_PKS_SIGNED_UPDATE hcall in the plpks
driver to allow signed updates to PKS objects.

(The plpks driver doesn't need to do any cryptography or otherwise handle
the actual signed variable contents - that will be handled by userspace
tooling.)

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
[ajd: split patch, add timeout handling and misc cleanups]
Co-developed-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Russell Currey <ruscur@russell.cc>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20230210080401.345462-18-ajd@linux.ibm.com

arch/powerpc/include/asm/hvcall.h		diff \| blob \| history
arch/powerpc/include/asm/plpks.h		diff \| blob \| history
arch/powerpc/platforms/pseries/plpks.c		diff \| blob \| history