[PATCH v9 0/4] powerpc: expose secure variables to the kernel and userspace

Michael Ellerman mpe at ellerman.id.au
Tue Nov 12 12:21:00 AEDT 2019


Lakshmi Ramasubramanian <nramas at linux.microsoft.com> writes:
> On 11/10/19 7:10 PM, Nayna Jain wrote:
>
> Hi Nayna,
>
>> In order to verify the OS kernel on PowerNV systems, secure boot requires
>> X.509 certificates trusted by the platform. These are stored in secure
>> variables controlled by OPAL, called OPAL secure variables. In order to
>> enable users to manage the keys, the secure variables need to be exposed
>> to userspace.
> Are you planning to split the patches in this patch set into smaller 
> chunks so that it is easier to code review and also perhaps make it 
> easier when merging the changes?

I don't think splitting them would add any value. They're already split
into the firmware specific bits (patch 1), and the sysfs parts (patch
2), which is sufficient for me.

cheers


More information about the Linuxppc-dev mailing list