Re: [PATCH v9 0/4] powerpc: expose secure variables to the kernel and userspace

From: Michael Ellerman
Date: Mon Nov 11 2019 - 20:21:10 EST

Next message: Darrick J. Wong: "Re: [PATCH 2/2] fs: Move swap_[de]activate to file_operations"
Previous message: Wanpeng Li: "Re: [PATCH 1/2] KVM: X86: Single target IPI fastpath"
In reply to: Lakshmi Ramasubramanian: "Re: [PATCH v9 0/4] powerpc: expose secure variables to the kernel and userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx> writes:
> On 11/10/19 7:10 PM, Nayna Jain wrote:
>
> Hi Nayna,
>
>> In order to verify the OS kernel on PowerNV systems, secure boot requires
>> X.509 certificates trusted by the platform. These are stored in secure
>> variables controlled by OPAL, called OPAL secure variables. In order to
>> enable users to manage the keys, the secure variables need to be exposed
>> to userspace.
> Are you planning to split the patches in this patch set into smaller
> chunks so that it is easier to code review and also perhaps make it
> easier when merging the changes?

I don't think splitting them would add any value. They're already split
into the firmware specific bits (patch 1), and the sysfs parts (patch
2), which is sufficient for me.

cheers

Next message: Darrick J. Wong: "Re: [PATCH 2/2] fs: Move swap_[de]activate to file_operations"
Previous message: Wanpeng Li: "Re: [PATCH 1/2] KVM: X86: Single target IPI fastpath"
In reply to: Lakshmi Ramasubramanian: "Re: [PATCH v9 0/4] powerpc: expose secure variables to the kernel and userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]