From: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org,
keyrings@vger.kernel.org, James Morris <jmorris@namei.org>,
David Howells <dhowells@redhat.com>,
Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>
Subject: [GIT PULL] TPM DEVICE DRIVER updates for v5.18
Date: Mon, 14 Mar 2022 05:32:39 +0200 [thread overview]
Message-ID: <Yi63V9wVfSJ3ioSm@iki.fi> (raw)
The following changes since commit ea4424be16887a37735d6550cfd0611528dbe5d9:
Merge tag 'mtd/fixes-for-5.17-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux (2022-03-07 11:43:22 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/ tags/tpmdd-next-v5.18-v2
for you to fetch changes up to fb5abce6b2bb5cb3d628aaa63fa821da8c4600f9:
tpm: use try_get_ops() in tpm-space.c (2022-03-10 01:47:25 +0200)
----------------------------------------------------------------
tpmdd updates for Linux v5.18
----------------------------------------------------------------
Andreas Rammhold (1):
KEYS: trusted: Fix trusted key backends when building as module
Dave Kleikamp (1):
KEYS: trusted: Avoid calling null function trusted_key_exit
Eric Biggers (8):
KEYS: fix length validation in keyctl_pkey_params_get_2()
KEYS: x509: clearly distinguish between key and signature algorithms
KEYS: x509: remove unused fields
KEYS: x509: remove never-set ->unsupported_key flag
KEYS: x509: remove dead code that set ->unsupported_sig
KEYS: remove support for asym_tpm keys
KEYS: asymmetric: enforce that sig algo matches key algo
KEYS: asymmetric: properly validate hash_algo and encoding
Eric Snowberg (8):
integrity: Fix warning about missing prototypes
integrity: Introduce a Linux keyring called machine
integrity: add new keyring handler for mok keys
KEYS: store reference to machine keyring
KEYS: Introduce link restriction for machine keys
efi/mokvar: move up init order
integrity: Trust MOK keys if MokListTrustedRT found
integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Gustavo A. R. Silva (1):
tpm: xen-tpmfront: Use struct_size() helper
James Bottomley (1):
tpm: use try_get_ops() in tpm-space.c
Lino Sanfilippo (1):
tpm: fix reference counting for struct tpm_chip
Stefan Berger (1):
selftests: tpm2: Determine available PCR bank
Tadeusz Struk (2):
tpm: Fix error handling in async work
selftests: tpm: add async space test with noneexisting handle
certs/system_keyring.c | 44 +-
crypto/asymmetric_keys/Kconfig | 21 -
crypto/asymmetric_keys/Makefile | 12 -
crypto/asymmetric_keys/asym_tpm.c | 957 ---------------------
crypto/asymmetric_keys/pkcs7_verify.c | 13 +-
crypto/asymmetric_keys/public_key.c | 126 ++-
crypto/asymmetric_keys/tpm.asn1 | 5 -
crypto/asymmetric_keys/tpm_parser.c | 102 ---
crypto/asymmetric_keys/x509.asn1 | 2 +-
crypto/asymmetric_keys/x509_cert_parser.c | 34 +-
crypto/asymmetric_keys/x509_parser.h | 1 -
crypto/asymmetric_keys/x509_public_key.c | 24 -
drivers/char/tpm/tpm-chip.c | 46 +-
drivers/char/tpm/tpm-dev-common.c | 8 +-
drivers/char/tpm/tpm.h | 2 +
drivers/char/tpm/tpm2-space.c | 73 +-
drivers/char/tpm/xen-tpmfront.c | 8 +-
drivers/firmware/efi/mokvar-table.c | 2 +-
include/crypto/asym_tpm_subtype.h | 19 -
include/keys/system_keyring.h | 14 +
security/integrity/Kconfig | 13 +
security/integrity/Makefile | 1 +
security/integrity/digsig.c | 15 +-
security/integrity/integrity.h | 17 +-
.../integrity/platform_certs/keyring_handler.c | 18 +-
.../integrity/platform_certs/keyring_handler.h | 5 +
security/integrity/platform_certs/load_uefi.c | 4 +-
.../integrity/platform_certs/machine_keyring.c | 77 ++
security/keys/keyctl_pkey.c | 14 +-
security/keys/trusted-keys/trusted_core.c | 6 +-
tools/testing/selftests/tpm2/tpm2.py | 31 +
tools/testing/selftests/tpm2/tpm2_tests.py | 45 +-
32 files changed, 486 insertions(+), 1273 deletions(-)
delete mode 100644 crypto/asymmetric_keys/asym_tpm.c
delete mode 100644 crypto/asymmetric_keys/tpm.asn1
delete mode 100644 crypto/asymmetric_keys/tpm_parser.c
delete mode 100644 include/crypto/asym_tpm_subtype.h
create mode 100644 security/integrity/platform_certs/machine_keyring.c
next reply other threads:[~2022-03-14 3:33 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-14 3:32 Jarkko Sakkinen [this message]
2022-03-14 3:38 ` [GIT PULL] TPM DEVICE DRIVER updates for v5.18 Jarkko Sakkinen
-- strict thread matches above, loose matches on Subject: below --
2022-03-14 3:36 Jarkko Sakkinen
2022-03-08 12:58 Jarkko Sakkinen
2022-03-08 18:10 ` Eric Biggers
2022-03-08 18:50 ` Jarkko Sakkinen
2022-03-09 23:50 ` Jarkko Sakkinen
2022-03-10 4:20 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yi63V9wVfSJ3ioSm@iki.fi \
--to=jarkko.sakkinen@iki.fi \
--cc=dhowells@redhat.com \
--cc=jgg@ziepe.ca \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.