On Fri, Jun 2, 2023 at 5:46 PM Randy Dunlap <rdunlap@xxxxxxxxxxxxx> wrote: > > Hi again, > > On 6/2/23 06:10, Jorge Lopez wrote: > > HP BIOS Configuration driver purpose is to provide a driver supporting > > the latest sysfs class firmware attributes framework allowing the user > > to change BIOS settings and security solutions on HP Inc.’s commercial > > notebooks. > > > > Many features of HP Commercial notebooks can be managed using Windows > > Management Instrumentation (WMI). WMI is an implementation of Web-Based > > Enterprise Management (WBEM) that provides a standards-based interface > > for changing and monitoring system settings. HP BIOSCFG driver provides > > a native Linux solution and the exposed features facilitates the > > migration to Linux environments. > > > > The Linux security features to be provided in hp-bioscfg driver enables > > managing the BIOS settings and security solutions via sysfs, a virtual > > filesystem that can be used by user-mode applications. The new > > documentation cover HP-specific firmware sysfs attributes such Secure > > Platform Management and Sure Start. Each section provides security > > feature description and identifies sysfs directories and files exposed > > by the driver. > > > > Many HP Commercial notebooks include a feature called Secure Platform > > Management (SPM), which replaces older password-based BIOS settings > > management with public key cryptography. PC secure product management > > begins when a target system is provisioned with cryptographic keys > > that are used to ensure the integrity of communications between system > > management utilities and the BIOS. > > > > HP Commercial notebooks have several BIOS settings that control its > > behaviour and capabilities, many of which are related to security. > > To prevent unauthorized changes to these settings, the system can > > be configured to use a cryptographic signature-based authorization > > string that the BIOS will use to verify authorization to modify the > > setting. > > > > Linux Security components are under development and not published yet. > > The only linux component is the driver (hp bioscfg) at this time. > > Other published security components are under Windows. > > > > A commit message should tell what and why. E.g.: > > Add Makefile and Kconfig to build hp-bioscfg. > > It does not need all of that boilerplate info. > The cover letter is good for that. > > The "why" part can and usually should include some background/history > info. I will update the commit message for all portions of the driver as indicated > > > Signed-off-by: Jorge Lopez <jorge.lopez2@xxxxxx> > > > > --- > > Based on the latest platform-drivers-x86.git/for-next > > --- > > drivers/platform/x86/hp/Kconfig | 16 ++++++++++++++++ > > drivers/platform/x86/hp/Makefile | 1 + > > drivers/platform/x86/hp/hp-bioscfg/Makefile | 11 +++++++++++ > > 3 files changed, 28 insertions(+) > > create mode 100644 drivers/platform/x86/hp/hp-bioscfg/Makefile > > thanks. > -- > ~Randy
