From: Ard Biesheuvel <ardb+git@google.com>
To: torvalds@linux-foundation.org
Cc: linux-efi@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>
Subject: [GIT PULL] EFI updates for v6.9
Date: Tue, 12 Mar 2024 18:51:32 +0100 [thread overview]
Message-ID: <20240312175137.2185208-2-ardb+git@google.com> (raw)
From: Ard Biesheuvel <ardb@kernel.org>
Hello Linus,
Please pull the EFI changes below.
The following changes since commit 841c35169323cd833294798e58b9bf63fa4fa1de:
Linux 6.8-rc4 (2024-02-11 12:18:13 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next-for-v6.9
for you to fetch changes up to 021bc4b9d7ed8dcc90dc288e59f120fa6e3087dc:
virt: efi_secret: Convert to platform remove callback returning void (2024-03-09 11:37:18 +0100)
----------------------------------------------------------------
EFI updates for v6.9:
- Measure initrd and command line using the CC protocol if the ordinary
TCG2 protocol is not implemented, typically on TDX confidential VMs
- Avoid creating mappings that are both writable and executable while
running in the EFI boot services. This is a prerequisite for getting
the x86 shim loader signed by MicroSoft again, which allows the
distros to install on x86 PCs that ship with EFI secure boot enabled.
- API update for struct platform_driver::remove()
----------------------------------------------------------------
Ard Biesheuvel (4):
efi/libstub: Use TPM event typedefs from the TCG PC Client spec
efi/tpm: Use symbolic GUID name from spec for final events table
efi/libstub: Measure into CC protocol if TCG2 protocol is absent
x86/efistub: Remap kernel text read-only before dropping NX attribute
Kuppuswamy Sathyanarayanan (2):
efi/libstub: Add Confidential Computing (CC) measurement typedefs
efi/libstub: Add get_event_log() support for CC platforms
Uwe Kleine-König (1):
virt: efi_secret: Convert to platform remove callback returning void
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/misc.c | 1 +
arch/x86/include/asm/boot.h | 1 +
drivers/firmware/efi/efi.c | 3 +-
drivers/firmware/efi/libstub/efi-stub-helper.c | 98 ++++++++++++++++++--------
drivers/firmware/efi/libstub/efi-stub.c | 2 +-
drivers/firmware/efi/libstub/efistub.h | 95 +++++++++++++++++++++++--
drivers/firmware/efi/libstub/tpm.c | 82 +++++++++++++--------
drivers/firmware/efi/libstub/x86-stub.c | 13 +++-
drivers/virt/coco/efi_secret/efi_secret.c | 5 +-
include/linux/efi.h | 4 +-
11 files changed, 234 insertions(+), 72 deletions(-)
next reply other threads:[~2024-03-12 17:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-12 17:51 Ard Biesheuvel [this message]
2024-03-13 21:47 ` [GIT PULL] EFI updates for v6.9 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240312175137.2185208-2-ardb+git@google.com \
--to=ardb+git@google.com \
--cc=ardb@kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.