[RFC PATCH 02/12] powerpc: Add support for adding an ESM blob to the zImage wrapper
Christoph Hellwig
hch at lst.de
Tue May 21 15:13:26 AEST 2019
On Tue, May 21, 2019 at 01:49:02AM -0300, Thiago Jung Bauermann wrote:
> From: Benjamin Herrenschmidt <benh at kernel.crashing.org>
>
> For secure VMs, the signing tool will create a ticket called the "ESM blob"
> for the Enter Secure Mode ultravisor call with the signatures of the kernel
> and initrd among other things.
>
> This adds support to the wrapper script for adding that blob via the "-e"
> option to the zImage.pseries.
>
> It also adds code to the zImage wrapper itself to retrieve and if necessary
> relocate the blob, and pass its address to Linux via the device-tree, to be
> later consumed by prom_init.
Where does the "BLOB" come from? How is it licensed and how can we
satisfy the GPL with it?
More information about the Linuxppc-dev
mailing list