On Tue, 2023-01-31 at 18:55 +1000, Nicholas Piggin wrote:
> > > > + var.datalen = 1;
> > > > + var.data = kzalloc(1, GFP_KERNEL);
> > >
> > > This could just point to a u8 on stack I think?
> >
> > Until we get VMAP_STACK and we'll have to switch back.
>
> AFAIKS plpks_read_var does
On Tue Jan 31, 2023 at 12:54 PM AEST, Andrew Donnellan wrote:
> On Tue, 2023-01-24 at 15:17 +1000, Nicholas Piggin wrote:
> > > +static const char * const plpks_var_names[] = {
> > > + "PK",
> > > + "KEK",
> > > + "db",
> > > + "dbx",
> > > + "grubdb",
> > > +
On Tue, 2023-01-31 at 13:54 +1100, Andrew Donnellan wrote:
> > > +{
> > > + // The max object size reported by the hypervisor is
> > > accurate for the
> > > + // object itself, but we use the first 8 bytes of data on
> > > write as the
> > > + // signed update flags, so the max
On Tue, 2023-01-24 at 15:17 +1000, Nicholas Piggin wrote:
> > +static const char * const plpks_var_names[] = {
> > + "PK",
> > + "KEK",
> > + "db",
> > + "dbx",
> > + "grubdb",
> > + "grubdbx",
> > + "sbat",
> > + "moduledb",
> > +
On Fri Jan 20, 2023 at 5:43 PM AEST, Andrew Donnellan wrote:
> From: Russell Currey
>
> The pseries platform can support dynamic secure boot (i.e. secure boot
> using user-defined keys) using variables contained with the PowerVM LPAR
> Platform KeyStore (PLPKS). Using the powerpc secvar API,
From: Russell Currey
The pseries platform can support dynamic secure boot (i.e. secure boot
using user-defined keys) using variables contained with the PowerVM LPAR
Platform KeyStore (PLPKS). Using the powerpc secvar API, expose the
relevant variables for pseries dynamic secure boot through the