[PATCH v7 2/4] powerpc: expose secure variables to userspace via sysfs

Greg Kroah-Hartman gregkh at linuxfoundation.org
Thu Nov 7 18:40:28 AEDT 2019


On Wed, Nov 06, 2019 at 10:22:03PM -0600, Eric Richter wrote:
> From: Nayna Jain <nayna at linux.ibm.com>
> 
> PowerNV secure variables, which store the keys used for OS kernel
> verification, are managed by the firmware. These secure variables need to
> be accessed by the userspace for addition/deletion of the certificates.
> 
> This patch adds the sysfs interface to expose secure variables for PowerNV
> secureboot. The users shall use this interface for manipulating
> the keys stored in the secure variables.
> 
> Signed-off-by: Nayna Jain <nayna at linux.ibm.com>
> Reviewed-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
> Signed-off-by: Eric Richter <erichte at linux.ibm.com>
> ---
>  Documentation/ABI/testing/sysfs-secvar |  46 +++++
>  arch/powerpc/Kconfig                   |  11 ++
>  arch/powerpc/kernel/Makefile           |   1 +
>  arch/powerpc/kernel/secvar-sysfs.c     | 247 +++++++++++++++++++++++++
>  4 files changed, 305 insertions(+)
>  create mode 100644 Documentation/ABI/testing/sysfs-secvar
>  create mode 100644 arch/powerpc/kernel/secvar-sysfs.c
> 
> diff --git a/Documentation/ABI/testing/sysfs-secvar b/Documentation/ABI/testing/sysfs-secvar
> new file mode 100644
> index 000000000000..911b89cc6957
> --- /dev/null
> +++ b/Documentation/ABI/testing/sysfs-secvar
> @@ -0,0 +1,46 @@
> +What:		/sys/firmware/secvar
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	This directory is created if the POWER firmware supports OS
> +		secureboot, thereby secure variables. It exposes interface
> +		for reading/writing the secure variables
> +
> +What:		/sys/firmware/secvar/vars
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	This directory lists all the secure variables that are supported
> +		by the firmware.
> +
> +What:		/sys/firmware/secvar/backend
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	A string indicating which backend is in use by the firmware.
> +		This determines the format of the variable and the accepted
> +		format of variable updates.
> +
> +What:		/sys/firmware/secvar/vars/<variable name>
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	Each secure variable is represented as a directory named as
> +		<variable_name>. The variable name is unique and is in ASCII
> +		representation. The data and size can be determined by reading
> +		their respective attribute files.
> +
> +What:		/sys/firmware/secvar/vars/<variable_name>/size
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	An integer representation of the size of the content of the
> +		variable. In other words, it represents the size of the data.
> +
> +What:		/sys/firmware/secvar/vars/<variable_name>/data
> +Date:		August 2019
> +Contact:	Nayna Jain h<nayna at linux.ibm.com>
> +Description:	A read-only file containing the value of the variable. The size
> +		of the file represents the maximum size of the variable data.
> +
> +What:		/sys/firmware/secvar/vars/<variable_name>/update
> +Date:		August 2019
> +Contact:	Nayna Jain <nayna at linux.ibm.com>
> +Description:	A write-only file that is used to submit the new value for the
> +		variable. The size of the file represents the maximum size of
> +		the variable data that can be written.
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index c795039bdc73..cabc091f3fe1 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -945,6 +945,17 @@ config PPC_SECURE_BOOT
>  	  to enable OS secure boot on systems that have firmware support for
>  	  it. If in doubt say N.
>  
> +config PPC_SECVAR_SYSFS
> +	bool "Enable sysfs interface for POWER secure variables"
> +	default y
> +	depends on PPC_SECURE_BOOT
> +	depends on SYSFS
> +	help
> +	  POWER secure variables are managed and controlled by firmware.
> +	  These variables are exposed to userspace via sysfs to enable
> +	  read/write operations on these variables. Say Y if you have
> +	  secure boot enabled and want to expose variables to userspace.
> +
>  endmenu
>  
>  config ISA_DMA_API
> diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile
> index 3cf26427334f..b216e9f316ee 100644
> --- a/arch/powerpc/kernel/Makefile
> +++ b/arch/powerpc/kernel/Makefile
> @@ -162,6 +162,7 @@ obj-y				+= ucall.o
>  endif
>  
>  obj-$(CONFIG_PPC_SECURE_BOOT)	+= secure_boot.o ima_arch.o secvar-ops.o
> +obj-$(CONFIG_PPC_SECVAR_SYSFS)	+= secvar-sysfs.o
>  
>  # Disable GCOV, KCOV & sanitizers in odd or sensitive code
>  GCOV_PROFILE_prom_init.o := n
> diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c
> new file mode 100644
> index 000000000000..a3ba58ee4285
> --- /dev/null
> +++ b/arch/powerpc/kernel/secvar-sysfs.c
> @@ -0,0 +1,247 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (C) 2019 IBM Corporation <nayna at linux.ibm.com>
> + *
> + * This code exposes secure variables to user via sysfs
> + */
> +
> +#define pr_fmt(fmt) "secvar-sysfs: "fmt
> +
> +#include <linux/slab.h>
> +#include <linux/compat.h>
> +#include <linux/string.h>
> +#include <linux/of.h>
> +#include <asm/secvar.h>
> +
> +#define NAME_MAX_SIZE	   1024
> +
> +static struct kobject *secvar_kobj;
> +static struct kset *secvar_kset;
> +
> +static ssize_t backend_show(struct kobject *kobj, struct kobj_attribute *attr,
> +			    char *buf)
> +{
> +	ssize_t ret = 0;
> +	struct device_node *node;
> +	const char *compatible;
> +
> +	node = of_find_node_by_name(NULL, "secvar");
> +	if (!of_device_is_available(node))
> +		return -ENODEV;
> +
> +	ret = of_property_read_string(node, "compatible", &compatible);
> +	if (ret)
> +		return ret;
> +
> +	ret = sprintf(buf, "%s\n", compatible);
> +
> +	of_node_put(node);
> +
> +	return ret;
> +}
> +
> +
> +static ssize_t size_show(struct kobject *kobj, struct kobj_attribute *attr,
> +			 char *buf)
> +{
> +	uint64_t dsize;
> +	int rc;
> +
> +	rc = secvar_ops->get(kobj->name, strlen(kobj->name) + 1, NULL, &dsize);
> +	if (rc) {
> +		pr_err("Error retrieving variable size %d\n", rc);

For this, and the other errors in the show/store functions, you might
want to print the kobject name as well, so that userspace has a hint as
to what variable is the one having problems.

thanks,

greg k-h


More information about the Linuxppc-dev mailing list