ecute ourselves and be using the same addresses in the child.
>
> While -fno-pie is already added, -no-pie is also required.
>
> Fixes: ca64da7574f8 ("selftests/powerpc/dexcr: Add hashst/hashchk
> test")
> Signed-off-by: Benjamin Gray
This matches the gcc documentat
On Fri, 2024-05-03 at 13:15 +1000, Andrew Donnellan wrote:
> This doesn't seem quite right to me, I don't think we can just
> redefine
> CONFIG_CXL as a bool, but I'll do something like this. Probably won't
> bother for CXLFLASH since they'll see it for CXL anyway, but I might
>
The cxl driver is no longer actively maintained and we
> intend to
> + remove it in a future kernel release.
> +
> Select this option to enable driver support for IBM
> Coherent
> Accelerators (CXL). CXL is otherwise known as Coherent
> Accelerator
> Processor Interface (CAPI). CAPI allows accelerators in
> FPGAs to be
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
sleep() everywhere to
> insert delay.
>
> Reported-by: Nageswara R Sastry
> Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform
> KeyStore")
> Signed-off-by: Nayna Jain
> Tested-by: Nageswara R Sastry
Reviewed-by: Andrew Donnellan
> ---
&
The cxl driver is no longer actively maintained and we intend to remove it
in a future kernel release. Change its status to obsolete, and update the
sysfs ABI documentation accordingly.
Signed-off-by: Andrew Donnellan
---
Documentation/ABI/{testing => obsolete}/sysfs-class-cxl
.
Signed-off-by: Andrew Donnellan
---
MAINTAINERS | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index aea47e04c3a5..34f605498873 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5780,10 +5780,9 @@ F: include/uapi/misc/cxl.h
CXLFLASH (IBM
gt; + fsleep(delay_us);
> + timeout += delay_us;
> }
> rc = pseries_status_to_err(rc);
> } while (rc == -EBUSY && timeout < PLPKS_MAX_TIMEOUT);
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
Seems like a good idea to me!
Reviewed-by: Andrew Donnellan
Tested-by: Andrew Donnellan
> ---
> arch/powerpc/Kbuild | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/powerpc/Kbuild b/arch/powerpc/Kbuild
> index 22cd0d55a892..da862e9558bc 100644
>
MAX_TIMEOUT, and assumes
it to be in milliseconds rather than microseconds.
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
ter all
> drivers
> are converted, .remove_new() will be renamed to .remove().
>
> Trivially convert this driver from always returning zero in the
> remove
> callback to the void returning variant.
>
> Signed-off-by: Uwe Kleine-König
Acked-by: Andrew Donnellan
> ---
>
On Fri, 2024-01-12 at 13:49 +0800, Kunwu Chan wrote:
> +err:
> + if (rc < 0)
> + return ERR_PTR(rc);
> return NULL;
I don't think there's a way for this NULL to ever get returned?
Apart from that it looks good:
Reviewed-by: Andrew Donnellan
--
A
it_one().
This doesn't really work for returning specific error codes, so I'd
just return -1 here (or change the way the return codes are handled on
the caller side).
> + }
> +
> ent->path.size = strlen((char *)ent->path.data);
>
> dir = debugfs_create_dir(ent->name, root);
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
; keeping that additional argument.
>
> Signed-off-by: Christian Brauner
Acked-by: Andrew Donnellan # ocxl
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
consistency:
Acked-by: Andrew Donnellan
> ---
> drivers/misc/ocxl/main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/misc/ocxl/main.c b/drivers/misc/ocxl/main.c
> index ef73cf35dda2b..658974143c3cc 100644
> --- a/drivers/misc/ocxl
On Mon, 2023-11-13 at 09:45 +0800, Li zeming wrote:
> The link pointer does not need to cast the type.
>
> Signed-off-by: Li zeming
Acked-by: Andrew Donnellan
> ---
> drivers/misc/ocxl/link.c | 14 +++---
> 1 file changed, 7 insertions(+), 7 deletions(-)
>
&
On Mon, 2023-11-13 at 09:22 +0800, Li zeming wrote:
> The irq pointer does not need to cast the type.
>
> Signed-off-by: Li zeming
Acked-by: Andrew Donnellan
> ---
> drivers/misc/ocxl/afu_irq.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -
On Mon, 2023-11-13 at 09:15 +0800, Li zeming wrote:
> The ctx pointer does not need to cast the type.
>
> Signed-off-by: Li zeming
Acked-by: Andrew Donnellan
> ---
> drivers/misc/ocxl/context.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -
more difficult to read
> over time because of the inconsistency. Remove them, fixing up
> checkpatch issues with unnamed parameters (rtas_call) and bracket
> alignment (early_init_dt_scan_rtas) that get raised as a result of
> touching the code.
>
> Signed-off-by: Nathan Lynch '
LG
On Tue, 2023-11-14 at 11:22 -0600, Nathan Lynch via B4 Relay wrote:
> From: Nathan Lynch
>
> Use scripts/cleanfile to remove instances of trailing space in the
> core RTAS code and header.
>
> Signed-off-by: Nathan Lynch
Thanks for the cleanup, LGTM.
Reviewed-by
ned-off-by: Nathan Lynch
This looks correct to me (the other user is in mobility.c which already
has the header file included).
Reviewed-by: Andrew Donnellan
> ---
> arch/powerpc/include/asm/rtas.h | 1 -
> arch/powerpc/platforms/pseries/pseries.h | 1 +
> arch/powerpc/platform
> Signed-off-by: Nathan Lynch
grep confirms this.
Reviewed-by: Andrew Donnellan
> ---
> arch/powerpc/include/asm/rtas.h | 1 -
> arch/powerpc/kernel/rtas.c | 5 -
> 2 files changed, 6 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/rtas.h
> b/arch
upport from arch/ppc").
>
> Signed-off-by: Nathan Lynch
grep confirms this.
Reviewed-by: Andrew Donnellan
> ---
> arch/powerpc/include/asm/rtas.h | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/rtas.h
> b/arch/powerpc/include/asm
locate and release the SPA with the AFU"), but has never been
> called
> in its current form. Drop it.
>
> Signed-off-by: Michael Ellerman
Indeed it looks unused.
Acked-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
On Fri, 2023-08-11 at 18:20 +0800, Zheng Zengkai wrote:
> PCI core API pci_dev_id() can be used to get the BDF number for a pci
> device. We don't need to compose it mannually. Use pci_dev_id() to
> simplify the code a little bit.
>
> Signed-off-by: Zheng Zengkai
Acked-by: A
On Mon, 2023-08-07 at 11:18 +0800, Xiongfeng Wang wrote:
> PCI core add pci_find_next_dvsec_capability() to query the next
> DVSEC.
> We can use that core API to simplify the code. Also remove the unused
> macros.
>
> Signed-off-by: Xiongfeng Wang
Reviewed-by: Andrew Donne
pci_dev
> *dev, u16 pos, int cap);
> struct pci_bus *pci_find_next_bus(const struct pci_bus *from);
> u16 pci_find_vsec_capability(struct pci_dev *dev, u16 vendor, int
> cap);
> u16 pci_find_dvsec_capability(struct pci_dev *dev, u16 vendor, u16
> dvsec);
> +u16 pci_find_next_dvsec_capability(struct pci_dev *dev, u16 start,
> u16 vendor,
> + u16 dvsec);
>
> u64 pci_get_dsn(struct pci_dev *dev);
>
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
ngfeng Wang
LGTM
The cxl driver doesn't currently bind to any devices that don't have an
IBM vendor ID, and it's very unlikely to in future. If that ever
changes, this will of course need to be updated accordingly.
Reviewed-by: Andrew Donnellan
> ---
> drivers/misc/cxl/pci.c | 12 ++-
] https://github.com/kilobyte/arch-test
Signed-off-by: Andrew Donnellan
Cc: Nicholas Piggin
Cc: Naveen N Rao
Cc: Christophe Leroy
Cc: Adam Borowski
---
arch/powerpc/include/asm/elf.h | 6 --
arch/powerpc/include/asm/thread_info.h | 6 +-
2 files changed, 1 insertion(+), 11
need to
> explicitly include the correct includes.
>
> Signed-off-by: Rob Herring
Acked-by: Andrew Donnellan # cxl
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
g that tries to inspect ptrace-decl.h by itself.
>
> Signed-off-by: Benjamin Gray
> Reviewed-by: Russell Currey
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
/* !__ASSEMBLY__ */
>
> #include
> +#include
>
> DECLARE_STATIC_KEY_FALSE(uaccess_flush_key);
>
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
= min_t(u16, be32_to_cpu(data.key_len), var.datalen);
> memcpy(key, data.key, len);
> - kfree(var.data);
> -
> key[len] = '\0';
> *keylen = len;
>
> diff --git a/block/Kconfig b/block/Kconfig
> index 76b23114fdeb..75d4db34df5a 100644
> --- a/bloc
On Fri, 2022-11-04 at 17:51 +, Christophe Leroy wrote:
>
>
> Le 04/11/2022 à 18:27, Andrew Donnellan a écrit :
> > When CONFIG_VMAP_STACK is enabled, we set THREAD_SIZE to be at
> > least the
> > size of a page.
> >
> > There's a few bits of
e object files in
arch/powerpc:
- there's no difference at all caused by changing
rtas_ext_event_log_v6.vendor_log, which kind of surprises me given the
above.
- changing rtas_error_log.buffer does seem to change some code
generation in arch/powerpc/platforms/pseries/ras.o, I can't quite see
why.
Andrew
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
ll, Nayna, George]
I think it's conceivable that you may want to build a kernel that has
no ability for userspace to read/write to the key store at all as a
defence in depth measure in hardened environments, but I haven't
thought about this for more than 15 seconds, so opinions welcome.
--
Andre
FIG_CRYPTO_DEV_NX_ENCRYPT=m
> CONFIG_CRYPTO_DEV_VMX=y
> +CONFIG_SYSTEM_TRUSTED_KEYRING=y
> +CONFIG_SYSTEM_BLACKLIST_KEYRING=y
> CONFIG_PRINTK_TIME=y
> CONFIG_PRINTK_CALLER=y
> CONFIG_DEBUG_KERNEL=y
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
.05% )
> + 6.54256 +- 0.00830 seconds time elapsed ( +- 0.13% )
>
> Move the existing rtas_lock-guarded critical section in sys_rtas()
> into a conventional rtas_busy_delay()-based loop, returning to user
> space only when a final success or failure result is availabl
> Signed-off-by: Nathan Lynch
I'm no lockdep expert and I haven't checked if every possible case that
can be annotated has been annotated, but these changes make sense as
far as I can tell from my limited inspection.
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
+
> va_start(list, nret);
> va_rtas_call(args, token, nargs, nret, list);
> va_end(list);
>
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
all(args, token, nargs, nret, list);
> va_end(list);
>
> /* A -1 return code indicates that the last command couldn't
>
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
On Mon, 2023-03-06 at 15:33 -0600, Nathan Lynch via B4 Relay wrote:
> From: Nathan Lynch
>
> Add documentation for rtas_call_unlocked(), including details on how
> it differs from rtas_call().
>
> Signed-off-by: Nathan Lynch
Reviewed-by: Andrew Donnellan
--
Andrew Donnel
4 version of this code did not have this problem.
>
> Use memmove() instead.
>
> Fixes: 033ef338b6e0 ("powerpc: Merge rtas.c into
> arch/powerpc/kernel")
> Signed-off-by: Nathan Lynch
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
tas_args
> >
> > Add an alignment directive to the struct rtas_args declaration so
> > all
> > instances have the alignment required by the specs. rtas-types.h no
> > longer refers to any spinlock types, so drop the spinlock_types.h
> > inclusion while we're
On Mon, 2023-03-06 at 15:33 -0600, Nathan Lynch via B4 Relay wrote:
> From: Nathan Lynch
>
> The 'filter' member is a pointer, not a bool; fix the wording
> accordingly.
>
> Signed-off-by: Nathan Lynch
Reviewed-by: Andrew Donnellan
> ---
> arch/powerpc/kernel
f24] kernel_init+0x64/0x400
> [c00263607e50] [ce68e0e4]
> ret_from_kernel_thread+0x5c/0x64
>
> Fix this by creating separate notifier_block structs for each bus
> type.
>
> Fixes: d6b9a81b2a45 ("powerpc: IOMMU fault injection")
> Reported-by: Nageswara R Sastry
> Signed-off-by: Russell Currey
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
Add a firmware feature flag, FW_FEATURE_PLPKS, to indicate availability of
Platform KeyStore related hcalls.
Check this flag in plpks_is_available() and pseries_plpks_init() before
trying to make an hcall.
Suggested-by: Michael Ellerman
Signed-off-by: Andrew Donnellan
---
arch/powerpc/include
ement secvars for dynamic secure
boot")
Signed-off-by: Andrew Donnellan
---
arch/powerpc/platforms/pseries/plpks-secvar.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/plpks-secvar.c
b/arch/powerpc/platforms/pseries/plpks-secv
doesn't have a notion of flags at all. (The
flags interface for pseries is a little ugly, but it gets the job done
- userspace can read the format attribute to discover what it needs to
do.)
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
On Mon, 2023-02-13 at 16:26 +1100, Michael Ellerman wrote:
> Andrew Donnellan writes:
> > On Fri, 2023-02-10 at 16:28 -0500, Stefan Berger wrote:
> > > > > +err:
> > > > > + kfree(var.data);
> > > >
> > > > remove the kfree
ypervisor/big endian format
Thanks for catching this - it turns out we weren't properly testing the
one flag that exists (append vs replace) in our test script, so I
didn't notice this.
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
for catching this.
I don't think the condition is needed - we can assume the var.data is
unmodified.
mpe, are you able to fix this up in merge?
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
On Fri, 2023-02-10 at 15:47 -0500, Stefan Berger wrote:
>
>
> On 2/10/23 03:03, Andrew Donnellan wrote:
> > When the H_PKS_GEN_PASSWORD hcall returns H_IN_USE, operations that
> > require
> > authentication (i.e. anything other than reading a world-readable
>
.
However, we can't get of the separate option completely, because it will
also be used for SED Opal purposes.
Change PSERIES_PLPKS into a hidden option, which is selected by
PPC_SECURE_BOOT.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Stefan Berger
---
v3: New
to the user.
Handle the timeout case separately and return ETIMEDOUT if triggered.
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Reported-by: Benjamin Gray
Signed-off-by: Andrew Donnellan
Tested-by: Russell Currey
Reviewed-by: Russell Currey
From: Russell Currey
Move plpks.h from platforms/pseries/ to include/asm/. This is necessary
for later patches to make use of the PLPKS from code in other subsystems.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: New patch
---
.../powerpc
of write buffer at a time, and the
hypervisor does not expose an interface for partial writes.)
Co-developed-by: Nayna Jain
Signed-off-by: Nayna Jain
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v2: Remove unnecessary config vars from sysfs
and misc cleanups]
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Stefan Berger
---
v3: Merge plpks fixes and signed update series with secvar series
Fix error code handling in plpks_confirm_object_flushed() (ruscur)
Pass
h "ibm,edk2-compat-v1" and "ibm,secvar-backend" as
compatible strings.)
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: New patch
v4: Pass format buffer size (stefanb, npiggin)
v5: Use sizeof(buf) rather than stating the
implementation at present, and
the config directory will not be created if no attributes are set.
Signed-off-by: Russell Currey
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: Remove unnecessary "secvar:" prefix from error mes
From: Russell Currey
Add helper function to get the PLPKS password length. This will be used
in a later patch to support passing the password between kernels over
kexec.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: New patch
v5: Drop
te header file
to document this.
Suggested-by: Michael Ellerman
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Stefan Berger
---
v3: New patch (mpe)
v6: Reword commit message (stefanb)
---
arch/powerpc/include/asm/plpks.h | 12
arch/powerpc/
From: Russell Currey
Move the constants defined in plpks.c to plpks.h, and standardise their
naming, so that PLPKS consumers can make use of them later on.
Signed-off-by: Russell Currey
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3
with the kexec_file_load() syscall, not the older
kexec_load() syscall, however if you're using Secure Boot then you want
to be using kexec_file_load() anyway.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
---
v3: New patch
v4: Fix compile when CONFIG_PSERIES_PLPKS=n (snowpatch)
Fix error
Signed-off-by: Andrew Donnellan
---
v3: New patch
---
.../integrity/platform_certs/load_powerpc.c | 26 ++-
1 file changed, 20 insertions(+), 6 deletions(-)
diff --git a/security/integrity/platform_certs/load_powerpc.c
b/security/integrity/platform_certs/load_powerpc.c
index
.
Signed-off-by: Andrew Donnellan
---
v6: New patch
---
arch/powerpc/platforms/pseries/plpks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/plpks.c
b/arch/powerpc/platforms/pseries/plpks.c
index 926b6a927326..01ae919b4497 100644
--- a/arch
to support additional v3 API fields, minor fixes]
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Stefan Berger
---
v3: Merge plpks fixes and signed update series with secvar series
Refresh config values in plpks_get_usedspace() (ajd
-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
arch/powerpc/platforms/pseries/plpks.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/platforms/pseries/plpks.c
b/arch/powerpc/platforms/pseries/plpks.c
index cee06fb9a370..e5755443d4a4 100644
Kuppusamy
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: New patch
---
arch/powerpc/kernel/secvar-sysfs.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/kernel/secvar-sysfs.c
b/arch/powerpc/kernel/secvar-sysfs.c
index 6ba23b2bb9da
ead, let the backend put
a NULL-terminated array of variable names into secvar_ops->var_names,
which will be used if get_next() is undefined.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Stefan Berger
---
v3: New patch (ajd/mpe)
v6: Add newlines for better aest
Due to sysfs constraints, when writing to a variable, we can only handle
writes of up to PAGE_SIZE.
It's possible that the maximum object size is larger than PAGE_SIZE, in
which case, print a warning on boot so that the user is aware.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell
From: Russell Currey
The secvar code only supports one consumer at a time.
Multiple consumers aren't possible at this point in time, but we'd want
it to be obvious if it ever could happen.
Signed-off-by: Russell Currey
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
From: Russell Currey
The code that handles the format string in secvar-sysfs.c is entirely
OPAL specific, so create a new "format" op in secvar_operations to make
the secvar code more generic. No functional change.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v3: Change uint64_t type to u64 (mpe)
v4: Return immediately if node is NULL (gjoyce)
---
arch/powerpc/include/asm/secvar.h| 1 +
arch/powerpc/kernel/secvar-sysfs.c | 17 +++
arch/powerpc/platforms
Remove unnecessary prefixes from error messages in secvar_sysfs_init()
(the file defines pr_fmt, so putting "secvar:" in every message is
unnecessary). Make capitalisation and punctuation more consistent.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
Reviewed-by: Ste
From: Russell Currey
The secvar format string and object size sysfs files are both ASCII
text, and should use sysfs_emit(). No functional change.
Suggested-by: Greg Kroah-Hartman
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v2: New patch
that size).
Reported-by: Benjamin Gray
Fixes: 2454a7af0f2a ("powerpc/pseries: define driver for Platform KeyStore")
Signed-off-by: Andrew Donnellan
Reviewed-by: Russell Currey
Signed-off-by: Russell Currey
---
v3: Merge plpks fixes and signed update series with secvar series
v4
eeding to expose more, we
can add them later and update the docs.
Use sysfs_emit() instead of sprintf() for all sysfs strings
Change the size of the sysfs binary attributes to include the 8-byte
flags header, preventing truncation of large writes.
Andrew Donnellan (9):
power
pace via sysfs"), but the return code of
secvar_sysfs_load() was never checked so this issue never mattered.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
Reviewed-by: Stefan Berger
---
v5: New patch
---
arch/powerpc/kernel/secvar-sysfs.c | 6 --
1 file changed, 4 ins
Ellerman
Reviewed-by: Russell Currey
Reviewed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
---
v3: Include new patch
---
arch/powerpc/include/asm/secvar.h| 9 +++--
arch/powerpc/kernel/secvar-sysfs.c | 8
arch/powerpc/platforms/powernv/opal
On Tue, 2023-01-31 at 11:38 -0500, Stefan Berger wrote:
>
>
> On 1/31/23 01:39, Andrew Donnellan wrote:
> > Currently, plpks_read_var() allocates a buffer to pass to the
> > H_PKS_READ_OBJECT hcall, then allocates another buffer, of the
> > caller's
>
>
> -&
ere's no apparent
> reason not to upgrade timebase_lock as well.
>
> Signed-off-by: Nathan Lynch
I'm no locking expert but this looks reasonable from a quick read-
through.
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
tas_call() lack appropriate spacing around
> operators and cause checkpatch errors; fix these as well.
>
> Suggested-by: Laurent Dufour
> Signed-off-by: Nathan Lynch
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
seem unlikely.
>
> Arguably the default for RTAS symbols should have become
> EXPORT_SYMBOL_GPL once it was available. Let's make it so now, and
> exceptions can be evaluated as needed.
>
> Signed-off-by: Nathan Lynch
Agreed.
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
at
wants access to the rtas struct would clearly be doing something
extremely cursed that ought to be stopped.
Reviewed-by: Andrew Donnellan
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
write if we have at least
> > one byte of data.
> > + if (data_size <= sizeof(flags))
> > + return -EINVAL;
> > +
> > + // We subtract 1 from key_len because we don't need to
> > include the
> > + // null terminator at the end of the string
> > + var.name = kcalloc(key_len - 1, sizeof(wchar_t),
> > GFP_KERNEL);
> here I would think that it should be key_len * 2 - 1 since
> utf8s_to_utf16s presumably makes the string longer
No, wchar_t is u16, so this allocates (key_len - 1)*sizeof(u16) =
(key_len - 1)*2 bytes.
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
cial pointers.
Indeed, I was confused - in the read case, the buffer doesn't get
directly passed to the hcall.
I'll wait a little bit longer for more feedback on v5 of this series
and maybe fix this in v6 if mpe thinks I should respin it again.
--
Andrew DonnellanOzLabs, ADL Canberra
a...@linux.ibm.com IBM Australia Limited
From: Russell Currey
The secvar code only supports one consumer at a time.
Multiple consumers aren't possible at this point in time, but we'd want
it to be obvious if it ever could happen.
Signed-off-by: Russell Currey
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Due to sysfs constraints, when writing to a variable, we can only handle
writes of up to PAGE_SIZE.
It's possible that the maximum object size is larger than PAGE_SIZE, in
which case, print a warning on boot so that the user is aware.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell
Signed-off-by: Andrew Donnellan
---
v3: Change uint64_t type to u64 (mpe)
v4: Return immediately if node is NULL (gjoyce)
---
arch/powerpc/include/asm/secvar.h| 1 +
arch/powerpc/kernel/secvar-sysfs.c | 17 +++
arch/powerpc/platforms/powernv/opal-secvar.c | 22
o NULL and var->datalen will be populated. Update header file
to document this.
Suggested-by: Michael Ellerman
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v3: New patch (mpe)
---
arch/powerpc/include/asm/plpks.h | 12
arch/powerpc/platforms/pseries/plp
From: Russell Currey
The code that handles the format string in secvar-sysfs.c is entirely
OPAL specific, so create a new "format" op in secvar_operations to make
the secvar code more generic. No functional change.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
--
ead, let the backend put
a NULL-terminated array of variable names into secvar_ops->var_names,
which will be used if get_next() is undefined.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v3: New patch (ajd/mpe)
---
arch/powerpc/include/asm/secvar.h | 4 ++
arch/powerpc/
and misc cleanups]
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v3: Merge plpks fixes and signed update series with secvar series
Fix error code handling in plpks_confirm_object_flushed() (ruscur)
Pass plpks_var struct
From: Russell Currey
Move the constants defined in plpks.c to plpks.h, and standardise their
naming, so that PLPKS consumers can make use of them later on.
Signed-off-by: Russell Currey
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
---
v3: New patch
---
arch/powerpc
of write buffer at a time, and the
hypervisor does not expose an interface for partial writes.)
Co-developed-by: Nayna Jain
Signed-off-by: Nayna Jain
Co-developed-by: Andrew Donnellan
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v2: Remove unnecessary config vars from sysfs
h "ibm,edk2-compat-v1" and "ibm,secvar-backend" as
compatible strings.)
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
---
v3: New patch
v4: Pass format buffer size (stefanb, npiggin)
v5: Use sizeof(buf) rather than stating the size twice (npiggin)
-by: Russell Currey
Signed-off-by: Andrew Donnellan
---
arch/powerpc/platforms/pseries/plpks.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/platforms/pseries/plpks.c
b/arch/powerpc/platforms/pseries/plpks.c
index cee06fb9a370..e5755443d4a4 100644
--- a/arch/powerpc/platforms
Signed-off-by: Andrew Donnellan
---
v3: New patch
v4: Fix compile when CONFIG_PSERIES_PLPKS=n (snowpatch)
Fix error handling on fdt_path_offset() call (ruscur)
v5: Fix DT property name in commit message (npiggin)
Clear prop in FDT during init to prevent password exposure (mpe
.
However, we can't get of the separate option completely, because it will
also be used for SED Opal purposes.
Change PSERIES_PLPKS into a hidden option, which is selected by
PPC_SECURE_BOOT.
Signed-off-by: Andrew Donnellan
Signed-off-by: Russell Currey
---
v3: New patch
v5: Change
From: Russell Currey
Add helper function to get the PLPKS password length. This will be used
in a later patch to support passing the password between kernels over
kexec.
Signed-off-by: Russell Currey
Signed-off-by: Andrew Donnellan
---
v3: New patch
v5: Drop plpks_get_password() since we
1 - 100 of 1009 matches
Mail list logo