From patchwork Wed Sep 16 16:21:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Richter X-Patchwork-Id: 1365451 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Bs5711VtYz9sS8 for ; Thu, 17 Sep 2020 02:25:33 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=qtWE3VXj; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4Bs5702vtYzDqXN for ; Thu, 17 Sep 2020 02:25:32 +1000 (AEST) X-Original-To: skiboot@lists.ozlabs.org Delivered-To: skiboot@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=linux.ibm.com (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com; envelope-from=erichte@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=qtWE3VXj; dkim-atps=neutral Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4Bs52l16gVzDqNT for ; Thu, 17 Sep 2020 02:21:47 +1000 (AEST) Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 08GG25ht082026 for ; Wed, 16 Sep 2020 12:21:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=EEJXdOAPaIraUXY2+e59bnE7iucLAB9DvzF5pcZPtUY=; b=qtWE3VXjtzSQ8b7TOSmxxdzYEfsCOnjVoEEAZ+o0wHwM/L6d9XvoNkjmZYjPYn+1++ty L9Q7tEThjxadi5XFRWplk7wy4eMv0jfLnmAYZilzmKkoKutlojbt5cYS80uSvlNLW/mP j2cIWCShlVwweRbzDkh6ErU3uKP+MV7KHEDUcblLswa+y5BJ9RTQbrkyF7r+tVEDq25J JnjGuW9JEsDCOC6I0fDh0dBOIKI2I/waZe7y9xSqRBQac9boOWtmQ2TTYWydnh/sDjJW hQTSZaxNThJ3dikZIoMjl/BH//nutl5ucKT8tjLC8xsvw0pNk2/anQbyETPtF0edXGwZ Jg== Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 33knsnrsbj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Sep 2020 12:21:45 -0400 Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1]) by ppma04ams.nl.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 08GGI9RD017134 for ; Wed, 16 Sep 2020 16:21:43 GMT Received: from b06avi18878370.portsmouth.uk.ibm.com (b06avi18878370.portsmouth.uk.ibm.com [9.149.26.194]) by ppma04ams.nl.ibm.com with ESMTP id 33k5up8urq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Sep 2020 16:21:43 +0000 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 08GGLeMO29950272 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 16 Sep 2020 16:21:40 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E461511C054; Wed, 16 Sep 2020 16:21:40 +0000 (GMT) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3B0C611C04C; Wed, 16 Sep 2020 16:21:40 +0000 (GMT) Received: from ceres.ibmuc.com (unknown [9.160.109.67]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Wed, 16 Sep 2020 16:21:40 +0000 (GMT) From: Eric Richter To: skiboot@lists.ozlabs.org Date: Wed, 16 Sep 2020 11:21:16 -0500 Message-Id: <20200916162131.22478-6-erichte@linux.ibm.com> X-Mailer: git-send-email 2.21.1 In-Reply-To: <20200916162131.22478-1-erichte@linux.ibm.com> References: <20200916162131.22478-1-erichte@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-09-16_10:2020-09-16, 2020-09-16 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 clxscore=1015 malwarescore=0 mlxlogscore=933 phishscore=0 suspectscore=1 lowpriorityscore=0 mlxscore=0 impostorscore=0 spamscore=0 bulkscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2009160114 Subject: [Skiboot] [PATCH v6 05/20] secvar: change backend hook interface to take in bank references X-BeenThere: skiboot@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Mailing list for skiboot development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: nayna@linux.ibm.com Errors-To: skiboot-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "Skiboot" From: Nayna Jain Previously, backends were implicitly expected to operate on global references to the variable and update banks. This patch changes the interface for this driver to instead take the banks in as an argument. This removes the implict dependency on these references, makes the design consistent with the storage driver, and also will simplify unit testing of these functions. Signed-off-by: Nayna Jain Signed-off-by: Eric Richter --- V4: - squashed in a whitespace fix for the storage driver struct V5: - adjusted comments so they don't blow way past the column limit include/secvar.h | 22 +++++++++++++++++----- libstb/secvar/secvar_main.c | 6 +++--- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/include/secvar.h b/include/secvar.h index 76525534..db103953 100644 --- a/include/secvar.h +++ b/include/secvar.h @@ -17,11 +17,23 @@ struct secvar_storage_driver { }; struct secvar_backend_driver { - int (*pre_process)(void); // Perform any pre-processing stuff (e.g. determine secure boot state) - int (*process)(void); // Process all updates - int (*post_process)(void); // Perform any post-processing stuff (e.g. derive/update variables) - int (*validate)(struct secvar *var); // Validate a single variable, return boolean - const char *compatible; // String to use for compatible in secvar node + /* Perform any pre-processing stuff (e.g. determine secure boot state) */ + int (*pre_process)(struct list_head *variable_bank, + struct list_head *update_bank); + + /* Process all updates */ + int (*process)(struct list_head *variable_bank, + struct list_head *update_bank); + + /* Perform any post-processing stuff (e.g. derive/update variables)*/ + int (*post_process)(struct list_head *variable_bank, + struct list_head *update_bank); + + /* Validate a single variable, return boolean */ + int (*validate)(struct secvar *var); + + /* String to use for compatible in secvar node */ + const char *compatible; }; diff --git a/libstb/secvar/secvar_main.c b/libstb/secvar/secvar_main.c index d8737621..759d8ef4 100644 --- a/libstb/secvar/secvar_main.c +++ b/libstb/secvar/secvar_main.c @@ -65,7 +65,7 @@ int secvar_main(struct secvar_storage_driver storage_driver, secvar_set_status("okay"); if (secvar_backend.pre_process) { - rc = secvar_backend.pre_process(); + rc = secvar_backend.pre_process(&variable_bank, &update_bank); if (rc) { prlog(PR_ERR, "Error in backend pre_process = %d\n", rc); /* Early failure state, lock the storage */ @@ -79,7 +79,7 @@ int secvar_main(struct secvar_storage_driver storage_driver, goto soft_fail; /* Process variable updates from the update bank. */ - rc = secvar_backend.process(); + rc = secvar_backend.process(&variable_bank, &update_bank); /* Create and set the update-status device tree property */ secvar_set_update_status(rc); @@ -109,7 +109,7 @@ int secvar_main(struct secvar_storage_driver storage_driver, secvar_storage.lockdown(); if (secvar_backend.post_process) { - rc = secvar_backend.post_process(); + rc = secvar_backend.post_process(&variable_bank, &update_bank); if (rc) { prlog(PR_ERR, "Error in backend post_process = %d\n", rc); goto soft_fail;