powerpc: expose secure variables to userspace via sysfs
authorNayna Jain <nayna@linux.ibm.com>
Mon, 11 Nov 2019 03:10:34 +0000 (21:10 -0600)
committerMichael Ellerman <mpe@ellerman.id.au>
Tue, 12 Nov 2019 13:33:22 +0000 (00:33 +1100)
commitbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec
treeea45af52267b64c35dbc5d7eaf79fa108b1c82bc
parent9155e2341aa8b5df057dc1c77633b33d1a4f17d2
powerpc: expose secure variables to userspace via sysfs

PowerNV secure variables, which store the keys used for OS kernel
verification, are managed by the firmware. These secure variables need to
be accessed by the userspace for addition/deletion of the certificates.

This patch adds the sysfs interface to expose secure variables for PowerNV
secureboot. The users shall use this interface for manipulating
the keys stored in the secure variables.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/1573441836-3632-3-git-send-email-nayna@linux.ibm.com
Documentation/ABI/testing/sysfs-secvar [new file with mode: 0644]
arch/powerpc/Kconfig
arch/powerpc/kernel/Makefile
arch/powerpc/kernel/secvar-sysfs.c [new file with mode: 0644]