mirror of
https://github.com/torvalds/linux.git
synced 2026-04-18 23:03:57 -04:00
9e8a3df3e7
Enable EFI COCO secrets support. Provide the ioremap_encrypted() support required by the driver. Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Aneesh Kumar K.V <aneesh.kumar@kernel.org> Cc: Steven Price <steven.price@arm.com> Reviewed-by: Gavin Shan <gshan@redhat.com> Tested-by: Sami Mujawar <sami.mujawar@arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> Signed-off-by: Will Deacon <will@kernel.org>
17 lines
664 B
Plaintext
17 lines
664 B
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
config EFI_SECRET
|
|
tristate "EFI secret area securityfs support"
|
|
depends on EFI && (X86_64 || ARM64)
|
|
select EFI_COCO_SECRET
|
|
select SECURITYFS
|
|
help
|
|
This is a driver for accessing the EFI secret area via securityfs.
|
|
The EFI secret area is a memory area designated by the firmware for
|
|
confidential computing secret injection (for example for AMD SEV
|
|
guests). The driver exposes the secrets as files in
|
|
<securityfs>/secrets/coco. Files can be read and deleted (deleting
|
|
a file wipes the secret from memory).
|
|
|
|
To compile this driver as a module, choose M here.
|
|
The module will be called efi_secret.
|