Re: [PATCH v7 2/4] powerpc: expose secure variables to userspace via sysfs

From: Greg Kroah-Hartman
Date: Thu Nov 07 2019 - 02:40:40 EST

Next message: Thomas Gleixner: "Re: [patch 5/9] x86/ioport: Reduce ioperm impact for sane usage further"
Previous message: Biju Das: "RE: [PATCH 3/5] PCI: rcar: Add R-Car PCIe endpoint device tree bindings"
In reply to: Eric Richter: "[PATCH v7 2/4] powerpc: expose secure variables to userspace via sysfs"
Next in thread: Eric Richter: "[PATCH v7 3/4] x86/efi: move common keyring handler functions to new file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 06, 2019 at 10:22:03PM -0600, Eric Richter wrote:
> From: Nayna Jain <nayna@xxxxxxxxxxxxx>
>
> PowerNV secure variables, which store the keys used for OS kernel
> verification, are managed by the firmware. These secure variables need to
> be accessed by the userspace for addition/deletion of the certificates.
>
> This patch adds the sysfs interface to expose secure variables for PowerNV
> secureboot. The users shall use this interface for manipulating
> the keys stored in the secure variables.
>
> Signed-off-by: Nayna Jain <nayna@xxxxxxxxxxxxx>
> Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Eric Richter <erichte@xxxxxxxxxxxxx>
> ---
> Documentation/ABI/testing/sysfs-secvar | 46 +++++
> arch/powerpc/Kconfig | 11 ++
> arch/powerpc/kernel/Makefile | 1 +
> arch/powerpc/kernel/secvar-sysfs.c | 247 +++++++++++++++++++++++++
> 4 files changed, 305 insertions(+)
> create mode 100644 Documentation/ABI/testing/sysfs-secvar
> create mode 100644 arch/powerpc/kernel/secvar-sysfs.c
>
> diff --git a/Documentation/ABI/testing/sysfs-secvar b/Documentation/ABI/testing/sysfs-secvar
> new file mode 100644
> index 000000000000..911b89cc6957
> --- /dev/null
> +++ b/Documentation/ABI/testing/sysfs-secvar
> @@ -0,0 +1,46 @@
> +What: /sys/firmware/secvar
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: This directory is created if the POWER firmware supports OS
> + secureboot, thereby secure variables. It exposes interface
> + for reading/writing the secure variables
> +
> +What: /sys/firmware/secvar/vars
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: This directory lists all the secure variables that are supported
> + by the firmware.
> +
> +What: /sys/firmware/secvar/backend
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: A string indicating which backend is in use by the firmware.
> + This determines the format of the variable and the accepted
> + format of variable updates.
> +
> +What: /sys/firmware/secvar/vars/<variable name>
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: Each secure variable is represented as a directory named as
> + <variable_name>. The variable name is unique and is in ASCII
> + representation. The data and size can be determined by reading
> + their respective attribute files.
> +
> +What: /sys/firmware/secvar/vars/<variable_name>/size
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: An integer representation of the size of the content of the
> + variable. In other words, it represents the size of the data.
> +
> +What: /sys/firmware/secvar/vars/<variable_name>/data
> +Date: August 2019
> +Contact: Nayna Jain h<nayna@xxxxxxxxxxxxx>
> +Description: A read-only file containing the value of the variable. The size
> + of the file represents the maximum size of the variable data.
> +
> +What: /sys/firmware/secvar/vars/<variable_name>/update
> +Date: August 2019
> +Contact: Nayna Jain <nayna@xxxxxxxxxxxxx>
> +Description: A write-only file that is used to submit the new value for the
> + variable. The size of the file represents the maximum size of
> + the variable data that can be written.
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
> index c795039bdc73..cabc091f3fe1 100644
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -945,6 +945,17 @@ config PPC_SECURE_BOOT
> to enable OS secure boot on systems that have firmware support for
> it. If in doubt say N.
>
> +config PPC_SECVAR_SYSFS
> + bool "Enable sysfs interface for POWER secure variables"
> + default y
> + depends on PPC_SECURE_BOOT
> + depends on SYSFS
> + help
> + POWER secure variables are managed and controlled by firmware.
> + These variables are exposed to userspace via sysfs to enable
> + read/write operations on these variables. Say Y if you have
> + secure boot enabled and want to expose variables to userspace.
> +
> endmenu
>
> config ISA_DMA_API
> diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile
> index 3cf26427334f..b216e9f316ee 100644
> --- a/arch/powerpc/kernel/Makefile
> +++ b/arch/powerpc/kernel/Makefile
> @@ -162,6 +162,7 @@ obj-y += ucall.o
> endif
>
> obj-$(CONFIG_PPC_SECURE_BOOT) += secure_boot.o ima_arch.o secvar-ops.o
> +obj-$(CONFIG_PPC_SECVAR_SYSFS) += secvar-sysfs.o
>
> # Disable GCOV, KCOV & sanitizers in odd or sensitive code
> GCOV_PROFILE_prom_init.o := n
> diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c
> new file mode 100644
> index 000000000000..a3ba58ee4285
> --- /dev/null
> +++ b/arch/powerpc/kernel/secvar-sysfs.c
> @@ -0,0 +1,247 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (C) 2019 IBM Corporation <nayna@xxxxxxxxxxxxx>
> + *
> + * This code exposes secure variables to user via sysfs
> + */
> +
> +#define pr_fmt(fmt) "secvar-sysfs: "fmt
> +
> +#include <linux/slab.h>
> +#include <linux/compat.h>
> +#include <linux/string.h>
> +#include <linux/of.h>
> +#include <asm/secvar.h>
> +
> +#define NAME_MAX_SIZE 1024
> +
> +static struct kobject *secvar_kobj;
> +static struct kset *secvar_kset;
> +
> +static ssize_t backend_show(struct kobject *kobj, struct kobj_attribute *attr,
> + char *buf)
> +{
> + ssize_t ret = 0;
> + struct device_node *node;
> + const char *compatible;
> +
> + node = of_find_node_by_name(NULL, "secvar");
> + if (!of_device_is_available(node))
> + return -ENODEV;
> +
> + ret = of_property_read_string(node, "compatible", &compatible);
> + if (ret)
> + return ret;
> +
> + ret = sprintf(buf, "%s\n", compatible);
> +
> + of_node_put(node);
> +
> + return ret;
> +}
> +
> +
> +static ssize_t size_show(struct kobject *kobj, struct kobj_attribute *attr,
> + char *buf)
> +{
> + uint64_t dsize;
> + int rc;
> +
> + rc = secvar_ops->get(kobj->name, strlen(kobj->name) + 1, NULL, &dsize);
> + if (rc) {
> + pr_err("Error retrieving variable size %d\n", rc);

For this, and the other errors in the show/store functions, you might
want to print the kobject name as well, so that userspace has a hint as
to what variable is the one having problems.

thanks,

greg k-h

Next message: Thomas Gleixner: "Re: [patch 5/9] x86/ioport: Reduce ioperm impact for sane usage further"
Previous message: Biju Das: "RE: [PATCH 3/5] PCI: rcar: Add R-Car PCIe endpoint device tree bindings"
In reply to: Eric Richter: "[PATCH v7 2/4] powerpc: expose secure variables to userspace via sysfs"
Next in thread: Eric Richter: "[PATCH v7 3/4] x86/efi: move common keyring handler functions to new file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]