Hi Jan,
2023年8月15日(火) 2:23 Jan Kiszka jan.kiszka@siemens.com:
On 14.08.23 11:24, Ilias Apalodimas wrote:
Hi Jan,
On Mon, 7 Aug 2023 at 05:53, Masahisa Kojima masahisa.kojima@linaro.org
wrote:
This series introduces the tee based EFI Runtime Variable Service.
The eMMC device is typically owned by the non-secure world(linux in this case). There is an existing solution utilizing eMMC RPMB partition for EFI Variables, it is implemented by interacting with OP-TEE, StandaloneMM(as EFI Variable Service Pseudo TA), eMMC driver and tee-supplicant. The last piece is the tee-based variable access driver to interact with OP-TEE and StandaloneMM.
Changelog: v7 -> v8 Only patch #3 "efi: Add tee-based EFI variable driver" is updated.
- fix typos
- refactor error handling, direct return if applicable
- use devm_add_action_or_reset() for closing of tee context/session
- remove obvious comment
Any chance you can run this and see if it solves your issues?
I also need [1], and I still need a cleanup script before terminating the tee-supplicant, right?
Yes, we need patch[1] and a cleanup script. Sorry, I should note in the cover letter.
And if need some service in the initrd
already, I still need to start the supplicant there and transfer its ownership to systemd later on?
Yes.
These patches here only make life easier
if the supplicant is started by systemd, after efivarfs has been mounted, correct?
Yes.
Thanks, Masahisa Kojima
Jan
[1] https://lkml.org/lkml/2023/7/28/853
-- Siemens AG, Technology Linux Expert Center