diff options
| author | Russ Weight <russell.h.weight@intel.com> | 2022-06-06 18:00:37 +0200 |
|---|---|---|
| committer | Xu Yilun <yilun.xu@intel.com> | 2022-06-08 11:04:38 +0200 |
| commit | 7f03d84a672d87630448339a8a0e1d689f6980f9 (patch) | |
| tree | e84306d2c5532268db043805acb6101d5ae95471 /Documentation/ABI | |
| parent | fpga: m10bmc-sec: expose max10 flash update count (diff) | |
| download | linux-7f03d84a672d87630448339a8a0e1d689f6980f9.tar.xz linux-7f03d84a672d87630448339a8a0e1d689f6980f9.zip | |
fpga: m10bmc-sec: expose max10 canceled keys in sysfs
Extend the MAX10 BMC Secure Update driver to provide sysfs files to
expose the 128 bit code signing key (CSK) cancellation vectors. These use
the standard bitmap list format (e.g. 1,2-6,9).
Each CSK is assigned an ID, a number between 0-127, during the signing
process. CSK ID cancellation information is stored in 128-bit fields in
write-once locations in flash. The cancellation of a CSK can be used
to prevent the card from being rolled back to older images that were
signed with a CSK that is now cancelled.
Reviewed-by: Tom Rix <trix@redhat.com>
Tested-by: Tianfei Zhang <tianfei.zhang@intel.com>
Signed-off-by: Russ Weight <russell.h.weight@intel.com>
Link: https://lore.kernel.org/r/20220606160038.846236-5-russell.h.weight@intel.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>
Diffstat (limited to 'Documentation/ABI')
| -rw-r--r-- | Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update b/Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update index 6114e15885e5..0a41afe0ab4c 100644 --- a/Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update +++ b/Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update @@ -28,6 +28,30 @@ Description: Read only. Returns the root entry hash for the BMC image underlying device supports it. Format: string. +What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/sr_canceled_csks +Date: Sep 2022 +KernelVersion: 5.20 +Contact: Russ Weight <russell.h.weight@intel.com> +Description: Read only. Returns a list of indices for canceled code + signing keys for the static region. The standard bitmap + list format is used (e.g. "1,2-6,9"). + +What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/pr_canceled_csks +Date: Sep 2022 +KernelVersion: 5.20 +Contact: Russ Weight <russell.h.weight@intel.com> +Description: Read only. Returns a list of indices for canceled code + signing keys for the partial reconfiguration region. The + standard bitmap list format is used (e.g. "1,2-6,9"). + +What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/bmc_canceled_csks +Date: Sep 2022 +KernelVersion: 5.20 +Contact: Russ Weight <russell.h.weight@intel.com> +Description: Read only. Returns a list of indices for canceled code + signing keys for the BMC. The standard bitmap list format + is used (e.g. "1,2-6,9"). + What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/flash_count Date: Sep 2022 KernelVersion: 5.20 |