Received: by 2002:a17:90a:8582:0:0:0:0 with SMTP id m2csp2348008pjn; Tue, 2 Apr 2019 14:52:18 -0700 (PDT) X-Google-Smtp-Source: APXvYqzFu04tYhAH4Lhs0eULCjWswCq5OW3JmKjVodod6o7XL/MAlCeQ2uNKRqjQdgkzH0UckR52 X-Received: by 2002:a63:f448:: with SMTP id p8mr23931102pgk.50.1554241938379; Tue, 02 Apr 2019 14:52:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554241938; cv=none; d=google.com; s=arc-20160816; b=GRSzjDdG8E8b1gmi29bYOa7bqeCHMIcNJRUkYBG+YQquVhhQ3lpwNKWSGM95VoUrC4 UgF2DR5htNtA4bffBKz0sixOQX+1O8IcBJNqqVq/bGeflFNcW22fMgkyPl1V5woy0LIh Dc9OEa7DViIDaNlaZeyVpaFg5RDWxKfPnAFotoT2C8jEefTvl7baFsVcyRVKjq5g1/ft SXS6nehVl3rifH2uO0abiMkBA945a0Dr69hOR6X0GJL79jJdU3iIS99VqdqXLXLAfeOY coVjQMz+2aDW9nKwAZobCBem0Vfkam3GuQAXnu2zn72FS70+JUhaJL8Tu7KGds+eW6aY Hjzw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=Xywp59diGGhpDkbiKwDy1z/p41TsJGCT04l9clYa/bw=; b=dKu4S3xcGeACe3iEc0/Gj3WoyI1OSlsToryv+SvQFUVMgUi96wqAw87hbVgQ4nGgAU HAOKioAhpcpAxuKePxbbieeGOFicQboRBWLhfanWJ07LL+mJt9D01qt6zBJk7FNachTj KuIhujJYo6VsnodCp2xppaPlx9xghNQ8H75F3JL1/NKshyYK9X/nRrfwjFG98kP0yedm bfek2BZ5GCN/kwjUnrTuTHyQxoWcLV46kfgqyi6lm+yoGVAcur4R8yKhSf/goQ78zyX6 zf4rfHsT6QGje52+ldwOx1Qu8JPhYfDjFFwVvvWTPPtfDs4SJAHptVHJkl8gV7jlHlyy ogaw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=cgxH1p9h; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g3si10045377plp.369.2019.04.02.14.52.01; Tue, 02 Apr 2019 14:52:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=cgxH1p9h; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726415AbfDBVv0 (ORCPT + 99 others); Tue, 2 Apr 2019 17:51:26 -0400 Received: from mail-it1-f195.google.com ([209.85.166.195]:35471 "EHLO mail-it1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726097AbfDBVv0 (ORCPT ); Tue, 2 Apr 2019 17:51:26 -0400 Received: by mail-it1-f195.google.com with SMTP id w15so7990663itc.0 for ; Tue, 02 Apr 2019 14:51:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Xywp59diGGhpDkbiKwDy1z/p41TsJGCT04l9clYa/bw=; b=cgxH1p9hR+Q06JJs5kFBfM9Kyh5DPamsWYdVF0dOKK8prPxsq3lgTyOaY7YDCicOWA T488n5X1XcxSkrl0ukEtFGi+xPCJQJyQHBue/DNa1uXTEPoo05oAgpFuei/QDfJRCyyq t9FsqC7+HgEDi1sT636+7YZnoy1JpZ8TDmu9iXyxMUkDuvo0s1RZ5ru4csy0g0f4k5iM 1AiLgmJZKN3SfNQfXEKMjmbVvFqsV7CZbF3SmMx+eU2XvavP0JM/EG2NUI4gg/T7HG8G 2gQW9vzgCcSihzMmWJL2dvHpG7HP2BzimvQN5myrNc1Xjq2n2r95Ar8Uhu0gPOdX+nfZ ewhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Xywp59diGGhpDkbiKwDy1z/p41TsJGCT04l9clYa/bw=; b=LAbusWh1YF+qbyZZRcx6UIYGLTTwd+jBgnAVh9E7F6afWNHykNxiPmyqKTDkFMzMJg 5w7G+vzC2fiu2WG1P5bFPBFPrhyEembF6WBThXDygOX8a966jYb32BxDZ8vEga10p5LX +kX1bv/rIBLKCnTe2uwA4h/uilTIEbGviLM+ogVYAeqJ+bb50d1TkcOTzDqGfzKNHiBI ehaUIU5n7hbFkxoL4/7PyrTipGTQB/w7bJGD2UgKanBcQtHral0nROV4KHKyfDxes8Ri io3bZ1Wq1WLWiJwjBFYwO3oeZ4+sqebOXNk7MTGk/cMAGdCcaUsiCjsyFXl5UlGPv0+n lNsA== X-Gm-Message-State: APjAAAUErch60jfpvUWuN+etuRwCz2RdGvxNy55G43ToN6Ioy0Gk3q45 iiz10vmOGtbQu3Bxtp4gs8CWld8usvonlgSXiwnyvA== X-Received: by 2002:a24:7294:: with SMTP id x142mr6230609itc.7.1554241885398; Tue, 02 Apr 2019 14:51:25 -0700 (PDT) MIME-Version: 1.0 References: <20190402181505.25037-1-cclaudio@linux.ibm.com> <4ce5e057-0702-b0d5-7bb2-cea5b22e2efa@linux.ibm.com> In-Reply-To: <4ce5e057-0702-b0d5-7bb2-cea5b22e2efa@linux.ibm.com> From: Matthew Garrett Date: Tue, 2 Apr 2019 14:51:14 -0700 Message-ID: Subject: Re: [PATCH 0/4] Enabling secure boot on PowerNV systems To: Claudio Carvalho Cc: linuxppc-dev@ozlabs.org, linux-efi , linux-integrity , Linux Kernel Mailing List , Michael Ellerman , Paul Mackerras , Benjamin Herrenschmidt , Ard Biesheuvel , Jeremy Kerr , Matthew Garret , Nayna Jain Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 2, 2019 at 2:11 PM Claudio Carvalho wrote: > We want to use the efivarfs for compatibility with existing userspace > tools. We will track and match any EFI changes that affect us. So you implement the full PK/KEK/db/dbx/dbt infrastructure, and updates are signed in the same way? > Our use case is restricted to secure boot - this is not going to be a > general purpose EFI variable implementation. In that case we might be better off with a generic interface for this purpose that we can expose on all platforms that implement a secure boot key hierarchy. Having an efivarfs that doesn't allow the creation of arbitrary attributes may break other existing userland expectations.