forked from Minki/linux
9155e2341a
The X.509 certificates trusted by the platform and required to secure boot the OS kernel are wrapped in secure variables, which are controlled by OPAL. This patch adds firmware/kernel interface to read and write OPAL secure variables based on the unique key. This support can be enabled using CONFIG_OPAL_SECVAR. Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Eric Richter <erichte@linux.ibm.com> [mpe: Make secvar_ops __ro_after_init, only build opal-secvar.c if PPC_SECURE_BOOT=y] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1573441836-3632-2-git-send-email-nayna@linux.ibm.com
18 lines
364 B
C
18 lines
364 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Copyright (C) 2019 IBM Corporation
|
|
* Author: Nayna Jain
|
|
*
|
|
* This file initializes secvar operations for PowerPC Secureboot
|
|
*/
|
|
|
|
#include <linux/cache.h>
|
|
#include <asm/secvar.h>
|
|
|
|
const struct secvar_operations *secvar_ops __ro_after_init;
|
|
|
|
void set_secvar_ops(const struct secvar_operations *ops)
|
|
{
|
|
secvar_ops = ops;
|
|
}
|