[Skiboot] [PATCH v2 12/12] witherspoon: enable secvar for witherspoon platform
Stefan Berger
stefanb at linux.ibm.com
Thu Jan 23 07:28:34 AEDT 2020
On 1/19/20 9:37 PM, Eric Richter wrote:
> Secure variable support needs to be enabled for each platform, and each
> platform needs to select which storage and backend drivers to use (or
> alternatively implement their own). This patch adds secure variable
> support to the witherspoon platform.
>
> NOTE: This patch includes commented out code to enable "Fake NV" mode,
> intended for review purposes only. To review or test secure variables
> on a non-witherspoon platform, replace this patch with a similar
> one for your given platform with the Fake NV lines uncommented.
>
> Signed-off-by: Eric Richter <erichte at linux.ibm.com>
> ---
> platforms/astbmc/witherspoon.c | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/platforms/astbmc/witherspoon.c b/platforms/astbmc/witherspoon.c
> index c576a176..cbaa9b97 100644
> --- a/platforms/astbmc/witherspoon.c
> +++ b/platforms/astbmc/witherspoon.c
> @@ -17,6 +17,9 @@
> #include <npu2.h>
> #include <occ.h>
> #include <i2c.h>
> +#include <secvar.h>
> +#include "libstb/secvar/secvar_tpmnv.h"
> +#include "libstb/secvar/storage/secboot_tpm.h"
>
> #include "astbmc.h"
> #include "ast.h"
> @@ -506,6 +509,15 @@ static void witherspoon_finalise_dt(bool is_reboot)
> }
> }
>
> +static int witherspoon_secvar_init(void)
> +{
> + // REMOVE THESE TO USE ACTUAL TPM
> +// tpm_fake_nv = 1;
> +// tpm_fake_nv_offset = sizeof(struct secboot);
> +
> + return secvar_main(secboot_tpm_driver, edk2_compatible_v1);
looks like whitespace error here ; use tabs
> +}
> +
> /* The only difference between these is the PCI slot handling */
>
> DECLARE_PLATFORM(witherspoon) = {
> @@ -527,4 +539,5 @@ DECLARE_PLATFORM(witherspoon) = {
> .ocapi = &witherspoon_ocapi,
> .npu2_device_detect = witherspoon_npu2_device_detect,
> .op_display = op_display_lpc,
> + .secvar_init = witherspoon_secvar_init,
> };
More information about the Skiboot
mailing list