Thank you Daniel. > On 11 Aug 2025, at 9:54 PM, Daniel Kiper <dki...@net-space.pl> wrote: > > On Tue, Jul 29, 2025 at 08:21:47PM +0530, Sudhakar Kuppusamy wrote: >> Enhancing the infrastructure to enable the Platform Keystore (PKS) feature, >> which provides access to the SB_VERSION, db, and dbx secure boot variables >> from PKS. >> >> If secure boot is enabled with dynamic key management mode, it will read >> secure boot variables such as db and dbx from PKS and extract >> EFI Signature List (ESL) from it. The ESLs would be saved in the >> Platform Keystore buffer, and the appendedsig module would read it later >> to extract the certificate's details from ESL. >> >> In the following scenarios, static key management mode will be activated: >> 1. When Secure Boot is enabled with static key management mode >> 2. When SB_VERSION is unavailable but Secure Boot is enabled >> 3. When PKS support is unavailable but Secure Boot is enabled >> >> Note:- >> >> SB_VERSION: Key Management Mode >> 1 - Enable dynamic key management mode. Read the db and dbx variables from >> PKS, >> and use them for signature verification. >> 0 - Enable static key management mode. Read keys from the GRUB ELF Note and >> use it for signature verification. >> >> Signed-off-by: Sudhakar Kuppusamy <sudha...@linux.ibm.com> > > [...] > >> diff --git a/include/grub/ieee1275/ieee1275.h >> b/include/grub/ieee1275/ieee1275.h >> index 6f7925168..365fbb22c 100644 >> --- a/include/grub/ieee1275/ieee1275.h >> +++ b/include/grub/ieee1275/ieee1275.h >> @@ -24,6 +24,9 @@ >> #include <grub/types.h> >> #include <grub/machine/ieee1275.h> >> >> +#define IEEE1275_CELL_INVALID ((grub_ieee1275_cell_t) -1) >> +#define IEEE1275_CELL_NOT_FOUND ((int) -7) > > This definition looks strange and I am almost certain it should not be > an int but a "grub_" prefixed type...
Sure. Will use it like #define IEEE1275_CELL_NOT_FOUND ((grub_int32_t) -7) > >> + >> #define GRUB_IEEE1275_CELL_FALSE ((grub_ieee1275_cell_t) 0) >> #define GRUB_IEEE1275_CELL_TRUE ((grub_ieee1275_cell_t) -1) >> >> diff --git a/include/grub/powerpc/ieee1275/ieee1275.h >> b/include/grub/powerpc/ieee1275/ieee1275.h >> index 4eb207018..b70b813f2 100644 >> --- a/include/grub/powerpc/ieee1275/ieee1275.h >> +++ b/include/grub/powerpc/ieee1275/ieee1275.h >> @@ -28,4 +28,24 @@ typedef grub_uint32_t grub_ieee1275_cell_t; >> #define PRIxGRUB_IEEE1275_CELL_T PRIxGRUB_UINT32_T >> #define PRIuGRUB_IEEE1275_CELL_T PRIuGRUB_UINT32_T >> >> +#ifdef __powerpc__ >> + >> +extern int >> +grub_ieee1275_test (const char *name, grub_ieee1275_cell_t *missing); >> + >> +extern int >> +grub_ieee1275_pks_max_object_size (grub_size_t *result); >> + >> +extern int >> +grub_ieee1275_pks_read_object (grub_uint8_t consumer, grub_uint8_t *label, >> + grub_size_t label_len, grub_uint8_t *buffer, >> + grub_size_t buffer_len, grub_size_t >> *data_len, >> + grub_uint32_t *policies); >> + >> +extern int >> +grub_ieee1275_pks_read_sbvar (grub_uint8_t sbvarflags, grub_uint8_t >> sbvartype, >> + grub_uint8_t *buffer, grub_size_t buffer_len, >> + grub_size_t *data_len); >> +#endif > > Return types does not look right for me. I think you should check > IEEE 1275 spec and choose proper "grub_" prefixed type. Same for > some args members, e.g. rc, types in these functions. Sure. I will do it. I followed the below two files and wrote these PKS interfaces. include/grub/ieee1275/ieee1275.h grub-core/kern/ieee1275/ieee1275.c Thanks, Sudhakar > > Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
