From: Greg KH <gregkh@linuxfoundation.org>
To: Daniel Axtens <dja@axtens.net>
Cc: Nayna <nayna@linux.vnet.ibm.com>,
nayna@linux.ibm.com, cclaudio@linux.ibm.com,
linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
Subject: Re: [WIP RFC PATCH 0/6] Generic Firmware Variable Filesystem
Date: Mon, 3 Jun 2019 09:29:16 +0200 [thread overview]
Message-ID: <20190603072916.GA7545@kroah.com> (raw)
In-Reply-To: <87zhmzxkzz.fsf@dja-thinkpad.axtens.net>
On Mon, Jun 03, 2019 at 04:04:32PM +1000, Daniel Axtens wrote:
> Hi Nayna,
>
> >> As PowerNV moves towards secure boot, we need a place to put secure
> >> variables. One option that has been canvassed is to make our secure
> >> variables look like EFI variables. This is an early sketch of another
> >> approach where we create a generic firmware variable file system,
> >> fwvarfs, and an OPAL Secure Variable backend for it.
> >
> > Is there a need of new filesystem ? I am wondering why can't these be
> > exposed via sysfs / securityfs ?
> > Probably, something like... /sys/firmware/secureboot or
> > /sys/kernel/security/secureboot/ ?
>
> I suppose we could put secure variables in sysfs, but I'm not sure
> that's what sysfs was intended for. I understand sysfs as "a
> filesystem-based view of kernel objects" (from
> Documentation/filesystems/configfs/configfs.txt), and I don't think a
> secure variable is really a kernel object in the same way most other
> things in sysfs are... but I'm open to being convinced.
What makes them more "secure" than anything else that is in sysfs today?
I didn't see anything in this patchset that provided "additional
security", did I miss it?
> securityfs seems to be reserved for LSMs, I don't think we can put
> things there.
Yeah, I wouldn't mess with that.
I would just recommend putting this in sysfs. Make a new subsystem
(i.e. class) and away you go.
> My hope with fwvarfs is to provide a generic place for firmware
> variables so that we don't need to expand the list of firmware-specific
> filesystems beyond efivarfs. I am also aiming to make things simple to
> use so that people familiar with firmware don't also have to become
> familiar with filesystem code in order to expose firmware variables to
> userspace.
Why would anyone need to be writing new code to firmware variables that
makes it any different from any other kernel change?
> > Also, it sounds like this is needed only for secure firmware variables
> > and does not include
> > other firmware variables which are not security relevant ? Is that
> > correct understanding ?
>
> The primary use case at the moment - OPAL secure variables - is security
> focused because the current OPAL secure variable design stores and
> manipulates secure variables separately from the rest of nvram. This
> isn't an inherent feature of fwvarfs.
Again, why not just put it in sysfs please?
> fwvarfs can also be used for variables that are not security relevant as
> well. For example, with the EFI backend (patch 3), both secure and
> insecure variables can be read.
I don't remember why efi variables were not put in sysfs, I think there
was some reasoning behind it originally. Perhaps look in the linux-efi
archives.
thanks,
greg k-h
next prev parent reply other threads:[~2019-06-03 7:29 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-20 6:25 [WIP RFC PATCH 0/6] Generic Firmware Variable Filesystem Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 1/6] kernfs: add create() and unlink() hooks Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 2/6] fwvarfs: a generic firmware variable filesystem Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 3/6] fwvarfs: efi backend Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 4/6] powerpc/powernv: Add support for OPAL secure variables Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 5/6] powerpc/powernv: Remove EFI " Daniel Axtens
2019-05-20 6:25 ` [WIP RFC PATCH 6/6] fwvarfs: Add opal_secvar backend Daniel Axtens
2019-05-31 4:04 ` [WIP RFC PATCH 0/6] Generic Firmware Variable Filesystem Nayna
2019-06-03 6:04 ` Daniel Axtens
2019-06-03 7:29 ` Greg KH [this message]
2019-06-03 23:56 ` Daniel Axtens
2019-06-04 20:01 ` Nayna
2019-06-04 20:05 ` Matthew Garrett
2019-06-05 8:13 ` Greg KH
2019-06-04 20:33 ` Nayna
2019-06-05 6:14 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190603072916.GA7545@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=cclaudio@linux.ibm.com \
--cc=dja@axtens.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=nayna@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).