Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/arch/powerpc/kernel/secvar-ops.c?h=linus%2Fmaster 2019-11-12T13:33:22Z 2019-11-12T13:33:22Z Nayna Jain nayna@linux.ibm.com 2019-11-11T03:10:33Z urn:sha1:9155e2341aa8b5df057dc1c77633b33d1a4f17d2 The X.509 certificates trusted by the platform and required to secure boot the OS kernel are wrapped in secure variables, which are controlled by OPAL. This patch adds firmware/kernel interface to read and write OPAL secure variables based on the unique key. This support can be enabled using CONFIG_OPAL_SECVAR. Signed-off-by: Claudio Carvalho <cclaudio@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Eric Richter <erichte@linux.ibm.com> [mpe: Make secvar_ops __ro_after_init, only build opal-secvar.c if PPC_SECURE_BOOT=y] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1573441836-3632-2-git-send-email-nayna@linux.ibm.com