fpgainfo: Remove the sdm hash and cancel keys from CMC fpgainfo security #3099
Conversation
There was a problem hiding this comment.
Thanks @anandaravuri! Can this be split into two separate commits?
- The CMC platform does not support SDM PR and SR key hashes/cancel keys; therefore, remove them from the CMC board module
- Update the security key enumeration and read sysfs attribute logic into table format.
Pull Request Test Coverage Report for Build 7879099070Details
💛 - Coveralls |
The CMC platform does not support SDM PR and SR key hashes/cancel keys; therefore, remove them from the CMC board module Signed-off-by: anandaravuri <[email protected]>
3361146
to
65ead29
Compare
The CMC platform does not support SDM PR and SR key hashes/cancel keys; therefore, remove them from the CMC board module Signed-off-by: anandaravuri <[email protected]>
…e logic into table format. Signed-off-by: anandaravuri <[email protected]>
|
|
||
| typedef struct fpga_sec_key { | ||
| char name[FPGA_VAR_BUF_LEN]; | ||
| char sysfs[FPGA_VAR_BUF_LEN]; |
There was a problem hiding this comment.
It would be better to define as follows:
const char *name;
const char sysfs;
You don't need or want to specify an string size here.
|
|
||
| #define SEC_ARRAY_MAX_SIZE 7 | ||
|
|
||
| fpga_sec_key sec_key_data[SEC_ARRAY_MAX_SIZE] = |
There was a problem hiding this comment.
Don't specify size of array. Add a null entry at the end.
| }, | ||
| {.name = "User flash update counter", | ||
| .sysfs = "*flash_count" | ||
| } |
There was a problem hiding this comment.
You can end the array with {} to create a empty entry.
| printf("%-32s : %s\n", "FIM root entry hash", "None"); | ||
| resval = res; | ||
| } | ||
| for (i = 0; i < SEC_ARRAY_MAX_SIZE; i++) |
There was a problem hiding this comment.
for (p = sec_key_data; p->name; p++)
Signed-off-by: anandaravuri <[email protected]>
|
Hi Ananda, Please squash/fix the 5 commits such that there are only two commits as Peter requested. The first commit removes the unsupported #defines and code using them. The second commit should be turning the linear code into a table and a for loop. |
There was a problem hiding this comment.
Please squash/fix the 5 commits such that there are only two commits as Peter requested.
The first commit removes the unsupported #defines and code using them.
The second commit should be turning the linear code into a table and a for loop.
Please never mind, squashing this PR to a single commit is fine. I had misread the description initially as two relatively independent changes, but removing the old without adding the new code breaks the entire functionality of print_sec_info().
The CMC platform does not support SDM PR and SR key hashes/cancel keys; therefore, remove them from the CMC board module
Update the security key enumeration and read sysfs attribute logic into table format.