archive mirror
 help / color / mirror / Atom feed
From: Jorge Lopez <>
Subject: [PATCH v2 0/4]  Introduction of HP-BIOSCFG driver
Date: Fri, 14 Oct 2022 18:27:22 -0500	[thread overview]
Message-ID: <> (raw)

Version: 1

  Introduction of HP-BIOSCFG driver (1/4)
    The purpose for this patch is submit HP BIOSCFG driver to be list of
    HP Linux kernel drivers.  HP BIOS Configuration driver purpose is to
    provide a driver supporting the latest sysfs class firmware attributes
    framework allowing the user to change BIOS settings and security
    solutions on HP Inc.’s commercial notebooks.
    Many features of HP Commercial PC’s can be managed using Windows
    Management Instrumentation (WMI). WMI is an implementation of Web-Based
    Enterprise Management (WBEM) that provides a standards-based interface
    for changing and monitoring system settings.  HP BISOCFG driver provides
    a native Linux solution and the exposed features facilitates the
    migration to Linux environments.
    The Linux security features to be provided in hp-bioscfg driver enables
    managing the BIOS settings and security solutions via sysfs, a virtual
    filesystem that can be used by user-mode applications.   The new
    documentation cover features such Secure Platform Management, Sure
    Admin, and Sure Start.  Each section provides security feature
    description and identifies sysfs directories and files exposed by
    the driver.
    Many HP Commercial PC’s include a feature called Secure Platform
    Management (SPM), which replaces older password-based BIOS settings
    management with public key cryptography. PC secure product management
    begins when a target system is provisioned with cryptographic keys
    that are used to ensure the integrity of communications between system
    management utilities and the BIOS.
    HP Commercial PC’s have several BIOS settings that control its behaviour
    and capabilities, many of which are related to security. To prevent
    unauthorized changes to these settings, the system can be configured
    to use a Sure Admin cryptographic signature-based authorization string
    that the BIOS will use to verify authorization to modify the setting.

Version: 2

  Update pending_reboot state value (2/4)

    There is not a reliable mechanism to programmatically determine which
    BIOS settings require a reboot to be updated.  The latest changes
    leverages “RequiredPhysicalPresence” reported value to set

  Set current_value permissions appropriate to read-only attributes (3/4)

    This patch updates ‘current_value’ permissions to match the value
    reported by ‘is_readonly’ value associated with the attribute.
    ‘current_value’ permissions are set to read-only if ‘is_readonly’
    value is 1.  ‘current_value’ permissions are set to read-write if
    ‘is_readonly’ value is zero.   Other read-only and write-only
    permissions will remain unchanged.
  Improve friendly display name values (4/4)

    The purpose of this patch is to improve the friendly display name for
    few numbers of attributes associated with ‘Schedule Power-ON.’  BIOS
    assign names such ‘Tuesday’ to an attribute. The name is correct, but
    it is not descriptive enough for the user.  It is under those
    conditions a portion of the path data value is append to the attribute
    name to create a user-friendly name.
    For instance, the attribute name is ‘Tuesday,’ and the display name
    value is ‘Schedule Power-ON – Tuesday’

 .../testing/sysfs-class-firmware-attributes   |  175 ++-
 drivers/platform/x86/Kconfig                  |    1 +
 drivers/platform/x86/Makefile                 |    1 +
 drivers/platform/x86/hp/Kconfig               |   35 +
 drivers/platform/x86/hp/Makefile              |   19 +
 drivers/platform/x86/hp/biosattr-interface.c  |  286 +++++
 drivers/platform/x86/hp/bioscfg.c             | 1064 +++++++++++++++++
 drivers/platform/x86/hp/bioscfg.h             |  671 +++++++++++
 drivers/platform/x86/hp/enum-attributes.c     |  521 ++++++++
 drivers/platform/x86/hp/int-attributes.c      |  478 ++++++++
 drivers/platform/x86/hp/ordered-attributes.c  |  586 +++++++++
 .../platform/x86/hp/passwdattr-interface.c    |   50 +
 .../platform/x86/hp/passwdobj-attributes.c    |  647 ++++++++++
 drivers/platform/x86/hp/spmobj-attributes.c   |  408 +++++++
 drivers/platform/x86/hp/string-attributes.c   |  457 +++++++
 .../platform/x86/hp/sureadmin-attributes.c    | 1014 ++++++++++++++++
 .../platform/x86/hp/surestart-attributes.c    |  145 +++
 17 files changed, 6557 insertions(+), 1 deletion(-)
 create mode 100644 drivers/platform/x86/hp/Kconfig
 create mode 100644 drivers/platform/x86/hp/Makefile
 create mode 100644 drivers/platform/x86/hp/biosattr-interface.c
 create mode 100644 drivers/platform/x86/hp/bioscfg.c
 create mode 100644 drivers/platform/x86/hp/bioscfg.h
 create mode 100644 drivers/platform/x86/hp/enum-attributes.c
 create mode 100644 drivers/platform/x86/hp/int-attributes.c
 create mode 100644 drivers/platform/x86/hp/ordered-attributes.c
 create mode 100644 drivers/platform/x86/hp/passwdattr-interface.c
 create mode 100644 drivers/platform/x86/hp/passwdobj-attributes.c
 create mode 100644 drivers/platform/x86/hp/spmobj-attributes.c
 create mode 100644 drivers/platform/x86/hp/string-attributes.c
 create mode 100644 drivers/platform/x86/hp/sureadmin-attributes.c
 create mode 100644 drivers/platform/x86/hp/surestart-attributes.c


             reply	other threads:[~2022-10-14 23:27 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-14 23:27 Jorge Lopez [this message]
2022-10-14 23:27 ` [PATCH v2 1/4] Introduction of HP-BIOSCFG driver Jorge Lopez
2022-10-14 23:27 ` [PATCH v2 2/4] Update pending_reboot state value Jorge Lopez
2022-10-14 23:27 ` [PATCH v2 3/4] Set current_value permissions appropriate to read-only attributes Jorge Lopez
2022-10-14 23:27 ` [PATCH v2 4/4] Improve friendly display name values Jorge Lopez

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).