st skipped on line 266: /dev/papr-vpd not present
Signed-off-by: R Nageswara Sastry
---
tools/testing/selftests/powerpc/papr_vpd/papr_vpd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/powerpc/papr_vpd/papr_vpd.c
b/tools/testing/selftests/powerp
On 15/08/23 4:57 pm, Nayna Jain wrote:
Update Kconfig to enable machine keyring and limit to CA certificates
on PowerVM. Only key signing CA keys are allowed.
Signed-off-by: Nayna Jain
Reviewed-and-tested-by: Mimi Zohar
Reviewed-by: Jarkko Sakkinen
Tested with trustedcadb, moduledb scena
On 15/08/23 4:57 pm, Nayna Jain wrote:
On secure boot enabled PowerVM LPAR, third party code signing keys are
needed during early boot to verify signed third party modules. These
third party keys are stored in moduledb object in the Platform
KeyStore (PKS).
Load third party code signing keys
On 15/08/23 4:57 pm, Nayna Jain wrote:
trust_moklist() is specific to UEFI enabled systems. Other platforms
rely only on the Kconfig.
Define a generic wrapper named imputed_trust_enabled().
Signed-off-by: Nayna Jain
Reviewed-off-by: Mimi Zohar
Tested with trustedcadb, moduledb scenarios
On 15/08/23 4:57 pm, Nayna Jain wrote:
trust_mok variable is accessed within a single function locally.
Change trust_mok from global to local static variable.
Signed-off-by: Nayna Jain
Reviewed-and-tested-by: Mimi Zohar
Reviewed-by: Jarkko Sakkinen
Tested with trustedcadb, moduledb sce
On 15/08/23 4:57 pm, Nayna Jain wrote:
On non-UEFI platforms, handle restrict_link_by_ca failures differently.
Certificates which do not satisfy CA restrictions on non-UEFI platforms
are ignored.
Signed-off-by: Nayna Jain
Reviewed-and-tested-by: Mimi Zohar
Acked-by: Jarkko Sakkinen
Tes
On 15/08/23 4:57 pm, Nayna Jain wrote:
Keys that derive their trust from an entity such as a security officer,
administrator, system owner, or machine owner are said to have "imputed
trust". CA keys with imputed trust can be loaded onto the machine keyring.
The mechanism for loading these keys
On 08/06/23 5:34 pm, Nayna Jain wrote:
On PowerVM guest, variable data is prefixed with 8 bytes of timestamp.
Extract ESL by stripping off the timestamp before passing to ESL parser.
Fixes: 4b3e71e9a34c ("integrity/powerpc: Support loading keys from PLPKS")
Cc: sta...@vger.kenrnel.org # v6.3
On 17/05/23 1:19 pm, Michael Ellerman wrote:
Nageswara reported that /proc/self/status was showing "vulnerable" for
the Speculation_Store_Bypass feature on Power10, eg:
$ grep Speculation_Store_Bypass: /proc/self/status
Speculation_Store_Bypass: vulnerable
But at the same time th
On 22/03/23 9:23 am, Russell Currey wrote:
fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both
PCI and VIO buses. struct notifier_block is a linked list node, so this
causes any notifiers later registered to either bus type to also be
registered to the other since they sha
On 05/09/22 10:24 am, Athira Rajeev wrote:
The cpu mask init code in "record__mmap_cpu_mask_init"
function access "bits" array part of "struct mmap_cpu_mask".
The size of this array is the value from cpu__max_cpu().cpu.
This array is used to contain the cpumask value for each
cpu. While settin
On 05/09/22 10:24 am, Athira Rajeev wrote:
The affinity code in "affinity_set" function access array
named "sched_cpus". The size for this array is allocated in
affinity_setup function which is nothing but value from
get_cpu_set_size. This is used to contain the cpumask value
for each cpu. Whi
12 matches
Mail list logo