From: Nayna Jain
The Platform Keystore provides a signed update interface which can be used
to create, replace or append to certain variables in the PKS in a secure
fashion, with the hypervisor requiring that the update be signed using the
Platform Key.
Implement an interface to the H_PKS_SIGNED
On Tue, 2022-12-20 at 18:16 +1100, Andrew Donnellan wrote:
> From: Nayna Jain
>
> The Platform Keystore provides a signed update interface which can be
> used
> to create, replace or append to certain variables in the PKS in a
> secure
> fashion, with the hypervisor requiring that the update be s
On Wed, 2023-01-04 at 15:04 +1100, Russell Currey wrote:
> > + if (!rc) {
> > + rc = plpks_confirm_object_flushed(label, auth);
> > + rc = pseries_status_to_err(rc);
>
> Doesn't plpks_confirm_object_flushed() already return a Linux-
> friendly
> error code? If I'
Andrew Donnellan writes:
> From: Nayna Jain
>
> The Platform Keystore provides a signed update interface which can be used
> to create, replace or append to certain variables in the PKS in a secure
> fashion, with the hypervisor requiring that the update be signed using the
> Platform Key.
>
> Im
On Fri, 2023-01-06 at 21:54 +1100, Michael Ellerman wrote:
> > +int plpks_signed_update_var(struct plpks_var var, u64 flags)
> > +{
>
> I don't see a reason why var is passed by value here? A pointer would
> be
> more typical.
Will change.
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.