All of lore.kernel.org
 help / color / mirror / Atom feed
From: Greg KH <gregkh@linuxfoundation.org>
To: Dionna Amalie Glaze <dionnaglaze@google.com>
Cc: stable@vger.kernel.org, Jarkko Sakkinen <jarkko@kernel.org>,
	Stefano Garzarella <sgarzare@redhat.com>
Subject: Re: Please backport 980a573621ea to 6.12, 6.14
Date: Fri, 2 May 2025 06:54:30 +0200	[thread overview]
Message-ID: <2025050202-diving-palatable-b44c@gregkh> (raw)
In-Reply-To: <CAAH4kHY7sccAgtoouC4wFEbp4beKJ-pMD2SxW_jVrVpg5FexVw@mail.gmail.com>

On Thu, May 01, 2025 at 01:06:34PM -0700, Dionna Amalie Glaze wrote:
> On Thu, May 1, 2025 at 11:04 AM Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Thu, May 01, 2025 at 09:48:59AM -0700, Dionna Amalie Glaze wrote:
> > > 980a573621ea ("tpm: Make chip->{status,cancel,req_canceled} opt")
> > >
> > > This is a dependent commit for the series of patches to add the AMD
> > > SEV-SNP SVSM vTPM device driver. Kernel 6.11 added SVSM support, but
> > > not support for the critical component for boot integrity that follows
> > > the SEV-SNP threat model. That series
> > > https://lore.kernel.org/all/20250410135118.133240-1-sgarzare@redhat.com/
> > > is applied at tip but is not yet in the mainline.
> >
> > How does this fix a bug in these stable branches now?
> 
> I find that the inability to use the main purpose of SVSM support for
> trusted boot integrity is a security bug according to the SEV-SNP
> threat model.

That is a new feature, sorry.  Just use new kernel versions if you wish
to have this.

greg k-h

      reply	other threads:[~2025-05-02  4:54 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-01 16:48 Please backport 980a573621ea to 6.12, 6.14 Dionna Amalie Glaze
2025-05-01 18:04 ` Greg KH
2025-05-01 20:06   ` Dionna Amalie Glaze
2025-05-02  4:54     ` Greg KH [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2025050202-diving-palatable-b44c@gregkh \
    --to=gregkh@linuxfoundation.org \
    --cc=dionnaglaze@google.com \
    --cc=jarkko@kernel.org \
    --cc=sgarzare@redhat.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.