| Message ID | 20230131063928.388035-11-ajd@linux.ibm.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | pSeries dynamic secure boot secvar interface + platform keyring loading | expand |
On 1/31/23 01:39, Andrew Donnellan wrote: > From: Russell Currey <ruscur@russell.cc> > > The forthcoming pseries consumer of the secvar API wants to expose a > number of config variables. Allowing secvar implementations to provide > their own sysfs attributes makes it easy for consumers to expose what > they need to. > > This is not being used by the OPAL secvar implementation at present, and > the config directory will not be created if no attributes are set. > > Signed-off-by: Russell Currey <ruscur@russell.cc> > Co-developed-by: Andrew Donnellan <ajd@linux.ibm.com> > Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> > > --- > > v3: Remove unnecessary "secvar:" prefix from error messages (ajd) > > Merge config attributes into secvar_operations (mpe) > --- > arch/powerpc/include/asm/secvar.h | 2 ++ > arch/powerpc/kernel/secvar-sysfs.c | 33 +++++++++++++++++++++++++----- > 2 files changed, 30 insertions(+), 5 deletions(-) > > diff --git a/arch/powerpc/include/asm/secvar.h b/arch/powerpc/include/asm/secvar.h > index bf396215903d..011a53a8076c 100644 > --- a/arch/powerpc/include/asm/secvar.h > +++ b/arch/powerpc/include/asm/secvar.h > @@ -10,6 +10,7 @@ > > #include <linux/types.h> > #include <linux/errno.h> > +#include <linux/sysfs.h> > > extern const struct secvar_operations *secvar_ops; > > @@ -19,6 +20,7 @@ struct secvar_operations { > int (*set)(const char *key, u64 key_len, u8 *data, u64 data_size); > ssize_t (*format)(char *buf, size_t bufsize); > int (*max_size)(u64 *max_size); > + const struct attribute **config_attrs; > }; > > #ifdef CONFIG_PPC_SECURE_BOOT > diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c > index 8f3deff94009..7df32be86507 100644 > --- a/arch/powerpc/kernel/secvar-sysfs.c > +++ b/arch/powerpc/kernel/secvar-sysfs.c > @@ -144,6 +144,19 @@ static int update_kobj_size(void) > return 0; > } > > +static int secvar_sysfs_config(struct kobject *kobj) > +{ > + struct attribute_group config_group = { > + .name = "config", > + .attrs = (struct attribute **)secvar_ops->config_attrs, > + }; > + > + if (secvar_ops->config_attrs) > + return sysfs_create_group(kobj, &config_group); > + > + return 0; > +} > + > static int secvar_sysfs_load(void) > { > struct kobject *kobj; > @@ -208,26 +221,36 @@ static int secvar_sysfs_init(void) > > rc = sysfs_create_file(secvar_kobj, &format_attr.attr); > if (rc) { > - kobject_put(secvar_kobj); > - return -ENOMEM; > + pr_err("Failed to create format object\n"); > + rc = -ENOMEM; > + goto err; > } > > secvar_kset = kset_create_and_add("vars", NULL, secvar_kobj); > if (!secvar_kset) { > pr_err("sysfs kobject registration failed\n"); > - kobject_put(secvar_kobj); > - return -ENOMEM; > + rc = -ENOMEM; > + goto err; > } > > rc = update_kobj_size(); > if (rc) { > pr_err("Cannot read the size of the attribute\n"); > - return rc; > + goto err; > + } > + > + rc = secvar_sysfs_config(secvar_kobj); > + if (rc) { > + pr_err("Failed to create config directory\n"); > + goto err; > } > > secvar_sysfs_load(); > > return 0; > +err: > + kobject_put(secvar_kobj); > + return rc; > } > > late_initcall(secvar_sysfs_init);
diff --git a/arch/powerpc/include/asm/secvar.h b/arch/powerpc/include/asm/secvar.h index bf396215903d..011a53a8076c 100644 --- a/arch/powerpc/include/asm/secvar.h +++ b/arch/powerpc/include/asm/secvar.h @@ -10,6 +10,7 @@ #include <linux/types.h> #include <linux/errno.h> +#include <linux/sysfs.h> extern const struct secvar_operations *secvar_ops; @@ -19,6 +20,7 @@ struct secvar_operations { int (*set)(const char *key, u64 key_len, u8 *data, u64 data_size); ssize_t (*format)(char *buf, size_t bufsize); int (*max_size)(u64 *max_size); + const struct attribute **config_attrs; }; #ifdef CONFIG_PPC_SECURE_BOOT diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c index 8f3deff94009..7df32be86507 100644 --- a/arch/powerpc/kernel/secvar-sysfs.c +++ b/arch/powerpc/kernel/secvar-sysfs.c @@ -144,6 +144,19 @@ static int update_kobj_size(void) return 0; } +static int secvar_sysfs_config(struct kobject *kobj) +{ + struct attribute_group config_group = { + .name = "config", + .attrs = (struct attribute **)secvar_ops->config_attrs, + }; + + if (secvar_ops->config_attrs) + return sysfs_create_group(kobj, &config_group); + + return 0; +} + static int secvar_sysfs_load(void) { struct kobject *kobj; @@ -208,26 +221,36 @@ static int secvar_sysfs_init(void) rc = sysfs_create_file(secvar_kobj, &format_attr.attr); if (rc) { - kobject_put(secvar_kobj); - return -ENOMEM; + pr_err("Failed to create format object\n"); + rc = -ENOMEM; + goto err; } secvar_kset = kset_create_and_add("vars", NULL, secvar_kobj); if (!secvar_kset) { pr_err("sysfs kobject registration failed\n"); - kobject_put(secvar_kobj); - return -ENOMEM; + rc = -ENOMEM; + goto err; } rc = update_kobj_size(); if (rc) { pr_err("Cannot read the size of the attribute\n"); - return rc; + goto err; + } + + rc = secvar_sysfs_config(secvar_kobj); + if (rc) { + pr_err("Failed to create config directory\n"); + goto err; } secvar_sysfs_load(); return 0; +err: + kobject_put(secvar_kobj); + return rc; } late_initcall(secvar_sysfs_init);