[Skiboot] [PATCH v6a 0/4] Initial secure variable drivers addendum
Eric Richter
erichte at linux.ibm.com
Tue Sep 29 08:06:05 AEST 2020
This is a small set of patches meant to be applied on top of the
previous set, "Add initial secure variable storage and backend
drivers"[1]. This set contains some fixes and adjustments as found from
continued testing.
These patches can be either applied on top of the v6 set, or can be
merged into their respective patches. These patches were sent standalone
to avoid excess mail clutter.
Changes include:
- chunking tss nv reads/writes to allow for larger indices
- increase the NV vars index size, to allow for larger PK certs.
- improvements to the edk2 driver unit test case
- improvements to logging in the edk2 driver
- edk2 driver bug fixes
- fix memory leak in validate_esl_list()
- fixed resetting global setup_mode variable after processing failure
- fixes regarding hardware key hash handling
[1] https://lists.ozlabs.org/pipermail/skiboot/2020-September/017242.html
Eric Richter (2):
tssskiboot.c: chunk reads/writes in 1024-sized buffers to support
larger nv indices
secboot_tpm.c: increase tpmnv vars index size
Nayna Jain (2):
secvar/backend: Bugfixes in edk2 driver
secvar/backend: improve edk2 driver unit testcases
libstb/secvar/backend/edk2-compat-process.c | 24 +-
libstb/secvar/backend/edk2-compat-reset.c | 7 +-
libstb/secvar/backend/edk2-compat.c | 20 +-
libstb/secvar/storage/fakenv_ops.c | 2 +-
libstb/secvar/storage/gen_tpmnv_public_name.c | 2 +-
libstb/secvar/storage/secboot_tpm.c | 8 +-
libstb/secvar/test/data/dbxcert.h | 161 +++++++++++
libstb/secvar/test/secvar-test-edk2-compat.c | 263 +++++++++++++++---
libstb/tss2/tssskiboot.c | 82 ++++--
9 files changed, 484 insertions(+), 85 deletions(-)
create mode 100644 libstb/secvar/test/data/dbxcert.h
--
2.21.1
More information about the Skiboot
mailing list