From: Andrew Donnellan <ajd@linux.ibm.com>
To: linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org
Cc: sudhakar@linux.ibm.com, erichte@linux.ibm.com,
gregkh@linuxfoundation.org, nayna@linux.ibm.com,
npiggin@gmail.com, linux-kernel@vger.kernel.org,
zohar@linux.ibm.com, gjoyce@linux.ibm.com, ruscur@russell.cc,
joel@jms.id.au, bgray@linux.ibm.com, brking@linux.ibm.com,
gcwilson@linux.ibm.com, stefanb@linux.ibm.com
Subject: [PATCH v5 08/25] powerpc/secvar: Handle max object size in the consumer
Date: Tue, 31 Jan 2023 17:39:11 +1100 [thread overview]
Message-ID: <20230131063928.388035-9-ajd@linux.ibm.com> (raw)
In-Reply-To: <20230131063928.388035-1-ajd@linux.ibm.com>
From: Russell Currey <ruscur@russell.cc>
Currently the max object size is handled in the core secvar code with an
entirely OPAL-specific implementation, so create a new max_size() op and
move the existing implementation into the powernv platform. Should be
no functional change.
Signed-off-by: Russell Currey <ruscur@russell.cc>
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
---
v3: Change uint64_t type to u64 (mpe)
v4: Return immediately if node is NULL (gjoyce)
---
arch/powerpc/include/asm/secvar.h | 1 +
arch/powerpc/kernel/secvar-sysfs.c | 17 +++------------
arch/powerpc/platforms/powernv/opal-secvar.c | 22 ++++++++++++++++++++
3 files changed, 26 insertions(+), 14 deletions(-)
diff --git a/arch/powerpc/include/asm/secvar.h b/arch/powerpc/include/asm/secvar.h
index 1a2c696a48ad..bf396215903d 100644
--- a/arch/powerpc/include/asm/secvar.h
+++ b/arch/powerpc/include/asm/secvar.h
@@ -18,6 +18,7 @@ struct secvar_operations {
int (*get_next)(const char *key, u64 *key_len, u64 keybufsize);
int (*set)(const char *key, u64 key_len, u8 *data, u64 data_size);
ssize_t (*format)(char *buf, size_t bufsize);
+ int (*max_size)(u64 *max_size);
};
#ifdef CONFIG_PPC_SECURE_BOOT
diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c
index e4661559c855..0966806f28c7 100644
--- a/arch/powerpc/kernel/secvar-sysfs.c
+++ b/arch/powerpc/kernel/secvar-sysfs.c
@@ -132,27 +132,16 @@ static struct kobj_type secvar_ktype = {
static int update_kobj_size(void)
{
- struct device_node *node;
u64 varsize;
- int rc = 0;
+ int rc = secvar_ops->max_size(&varsize);
- node = of_find_compatible_node(NULL, NULL, "ibm,secvar-backend");
- if (!of_device_is_available(node)) {
- rc = -ENODEV;
- goto out;
- }
-
- rc = of_property_read_u64(node, "max-var-size", &varsize);
if (rc)
- goto out;
+ return rc;
data_attr.size = varsize;
update_attr.size = varsize;
-out:
- of_node_put(node);
-
- return rc;
+ return 0;
}
static int secvar_sysfs_load(void)
diff --git a/arch/powerpc/platforms/powernv/opal-secvar.c b/arch/powerpc/platforms/powernv/opal-secvar.c
index e33bb703ecbc..a8436bf35e2f 100644
--- a/arch/powerpc/platforms/powernv/opal-secvar.c
+++ b/arch/powerpc/platforms/powernv/opal-secvar.c
@@ -122,11 +122,33 @@ static ssize_t opal_secvar_format(char *buf, size_t bufsize)
return rc;
}
+static int opal_secvar_max_size(u64 *max_size)
+{
+ int rc;
+ struct device_node *node;
+
+ node = of_find_compatible_node(NULL, NULL, "ibm,secvar-backend");
+ if (!node)
+ return -ENODEV;
+
+ if (!of_device_is_available(node)) {
+ rc = -ENODEV;
+ goto out;
+ }
+
+ rc = of_property_read_u64(node, "max-var-size", max_size);
+
+out:
+ of_node_put(node);
+ return rc;
+}
+
static const struct secvar_operations opal_secvar_ops = {
.get = opal_get_variable,
.get_next = opal_get_next_variable,
.set = opal_set_variable,
.format = opal_secvar_format,
+ .max_size = opal_secvar_max_size,
};
static int opal_secvar_probe(struct platform_device *pdev)
--
2.39.1
next prev parent reply other threads:[~2023-01-31 7:01 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-31 6:39 [PATCH v5 00/25] pSeries dynamic secure boot secvar interface + platform keyring loading Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 01/25] powerpc/pseries: Fix handling of PLPKS object flushing timeout Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 02/25] powerpc/pseries: Fix alignment of PLPKS structures and buffers Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 03/25] powerpc/secvar: Fix incorrect return in secvar_sysfs_load() Andrew Donnellan
2023-01-31 15:18 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 04/25] powerpc/secvar: Use u64 in secvar_operations Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 05/25] powerpc/secvar: Warn and error if multiple secvar ops are set Andrew Donnellan
2023-01-31 14:48 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 06/25] powerpc/secvar: Use sysfs_emit() instead of sprintf() Andrew Donnellan
2023-01-31 15:20 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 07/25] powerpc/secvar: Handle format string in the consumer Andrew Donnellan
2023-01-31 15:23 ` Stefan Berger
2023-01-31 6:39 ` Andrew Donnellan [this message]
2023-01-31 15:26 ` [PATCH v5 08/25] powerpc/secvar: Handle max object size " Stefan Berger
2023-01-31 6:39 ` [PATCH v5 09/25] powerpc/secvar: Clean up init error messages Andrew Donnellan
2023-01-31 15:45 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 10/25] powerpc/secvar: Extend sysfs to include config vars Andrew Donnellan
2023-01-31 15:49 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 11/25] powerpc/secvar: Allow backend to populate static list of variable names Andrew Donnellan
2023-01-31 15:54 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 12/25] powerpc/secvar: Warn when PAGE_SIZE is smaller than max object size Andrew Donnellan
2023-01-31 15:57 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 13/25] powerpc/secvar: Don't print error on ENOENT when reading variables Andrew Donnellan
2023-01-31 15:58 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 14/25] powerpc/pseries: Move plpks.h to include directory Andrew Donnellan
2023-01-31 15:59 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 15/25] powerpc/pseries: Move PLPKS constants to header file Andrew Donnellan
2023-01-31 16:07 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 16/25] powerpc/pseries: Expose PLPKS config values, support additional fields Andrew Donnellan
2023-01-31 16:13 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 17/25] powerpc/pseries: Implement signed update for PLPKS objects Andrew Donnellan
2023-01-31 16:30 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 18/25] powerpc/pseries: Log hcall return codes for PLPKS debug Andrew Donnellan
2023-01-31 16:31 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 19/25] powerpc/pseries: Make caller pass buffer to plpks_read_var() Andrew Donnellan
2023-01-31 16:38 ` Stefan Berger
2023-02-07 5:25 ` Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 20/25] powerpc/pseries: Turn PSERIES_PLPKS into a hidden option Andrew Donnellan
2023-01-31 16:40 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 21/25] powerpc/pseries: Add helper to get PLPKS password length Andrew Donnellan
2023-01-31 16:42 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 22/25] powerpc/pseries: Pass PLPKS password on kexec Andrew Donnellan
2023-01-31 16:52 ` Stefan Berger
2023-01-31 6:39 ` [PATCH v5 23/25] powerpc/pseries: Implement secvars for dynamic secure boot Andrew Donnellan
2023-01-31 17:11 ` Stefan Berger
2023-02-01 6:32 ` Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 24/25] integrity/powerpc: Improve error handling & reporting when loading certs Andrew Donnellan
2023-01-31 6:39 ` [PATCH v5 25/25] integrity/powerpc: Support loading keys from PLPKS Andrew Donnellan
2023-01-31 17:17 ` Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230131063928.388035-9-ajd@linux.ibm.com \
--to=ajd@linux.ibm.com \
--cc=bgray@linux.ibm.com \
--cc=brking@linux.ibm.com \
--cc=erichte@linux.ibm.com \
--cc=gcwilson@linux.ibm.com \
--cc=gjoyce@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=joel@jms.id.au \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=npiggin@gmail.com \
--cc=ruscur@russell.cc \
--cc=stefanb@linux.ibm.com \
--cc=sudhakar@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).