9155e2341a
The X.509 certificates trusted by the platform and required to secure boot the OS kernel are wrapped in secure variables, which are controlled by OPAL. This patch adds firmware/kernel interface to read and write OPAL secure variables based on the unique key. This support can be enabled using CONFIG_OPAL_SECVAR. Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Eric Richter <erichte@linux.ibm.com> [mpe: Make secvar_ops __ro_after_init, only build opal-secvar.c if PPC_SECURE_BOOT=y] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1573441836-3632-2-git-send-email-nayna@linux.ibm.com
18 lines
364 B
C
18 lines
364 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Copyright (C) 2019 IBM Corporation
|
|
* Author: Nayna Jain
|
|
*
|
|
* This file initializes secvar operations for PowerPC Secureboot
|
|
*/
|
|
|
|
#include <linux/cache.h>
|
|
#include <asm/secvar.h>
|
|
|
|
const struct secvar_operations *secvar_ops __ro_after_init;
|
|
|
|
void set_secvar_ops(const struct secvar_operations *ops)
|
|
{
|
|
secvar_ops = ops;
|
|
}
|