From: Eric Richter
To: skiboot@lists.ozlabs.org
Date: Thu, 11 Apr 2019 17:45:46 -0500
Subject: [Skiboot] [RFC v2 3/8] platform.h: add secure variable storage hooks
Message-Id: <20190411224551.29401-4-erichte@linux.ibm.com>
In-Reply-To: <20190411224551.29401-1-erichte@linux.ibm.com>

Different platforms may support a range of features that can be used for
persistent secure variable storage. This patch adds the following hooks to
the platform struct, to be implemented by platforms that support secure
variables:
 - secvar_platform_init
 - secvar_load_bank
 - secvar_write_bank

secvar_platform_init performs any loading or initialization that the
platform may need to prepare the internal banks. This may include
initialization or formatting of a pnor section, TPM, etc.

secvar_load_bank loads a bank from the platform's storage into the
in-memory cache.

secvar_write_bank takes an in-memory cache and writes it to the platform's
storage.

A subsequent patch will provide an implementation that should be usable for most p9 systems that use the SECBOOT pnor partition. Signed-off-by: Eric Richter --- include/platform.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/platform.h b/include/platform.h index 0cc9c234..c4aa92a0 100644 --- a/include/platform.h +++ b/include/platform.h @@ -185,6 +185,11 @@ struct platform { int (*secboot_read)(void *dst, uint32_t src, uint32_t len); int (*secboot_write)(uint32_t dst, void *src, uint32_t len); + // TODO: Document this + int (*secvar_platform_init)(void); + int (*secvar_load_bank)(struct list_head *bank, int section); + int (*secvar_write_bank)(struct list_head *bank, int section); + /* * OCC timeout. This return how long we should wait for the OCC * before timing out. This lets us use a high value on larger FSP
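
Review bot: The three hooks added after secboot_write carry only `// TODO: Document this`, so the header gives implementers no contract for them. Replace the TODO with a block comment in the `/* ... */` style of the OCC timeout comment that follows, carrying over what the commit message already says: secvar_platform_init prepares the platform's storage, secvar_load_bank reads a bank from storage into the in-memory cache, and secvar_write_bank writes the cache back to storage. The comment should also settle what the declarations leave open: the valid values of `int section` (a signed int admits negative values, so an enum or an unsigned type would narrow it), the return convention of the `int` results, and who owns the entries on `struct list_head *bank` after a load. Since only platforms that support secure variables are expected to set these pointers, state as well that callers must check them for NULL before calling.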