efi: Register efi_secret platform device if EFI secret area is declared - linux

diff options

author	Dov Murik <dovmurik@linux.ibm.com>	2022-04-12 23:21:26 +0200
committer	Ard Biesheuvel <ardb@kernel.org>	2022-04-13 19:11:20 +0200
commit	20ffd9205ef60fca8912bc9df1602bb627756602 (patch)
tree	ac5b80804d72393998b4fd017c23cffea7ed772a /Documentation/security/index.rst
parent	virt: Add efi_secret module to expose confidential computing secrets (diff)
download	linux-20ffd9205ef60fca8912bc9df1602bb627756602.tar.xz linux-20ffd9205ef60fca8912bc9df1602bb627756602.zip

efi: Register efi_secret platform device if EFI secret area is declared

During efi initialization, check if coco_secret is defined in the EFI configuration table; in such case, register platform device "efi_secret". This allows udev to automatically load the efi_secret module (platform driver), which in turn will populate the <securityfs>/secrets/coco directory in guests into which secrets were injected. Note that a declared address of an EFI secret area doesn't mean that secrets where indeed injected to that area; if the secret area is not populated, the driver will not load (but the platform device will still be registered). Signed-off-by: Dov Murik <dovmurik@linux.ibm.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Link: https://lore.kernel.org/r/20220412212127.154182-4-dovmurik@linux.ibm.com Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Diffstat (limited to 'Documentation/security/index.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: