On Thu Apr 4, 2024 at 2:56 AM EEST, Eric Biggers wrote:
> On Wed, Apr 03, 2024 at 09:32:02AM -0700, Andy Lutomirski wrote:
> > On Fri, Feb 23, 2024, at 10:30 AM, Eric Biggers wrote:
> > > On Fri, Feb 23, 2024 at 06:20:27PM +, Andrew Cooper wrote:
> > >> On 23/02/2024 5:54 pm, Eric Biggers
On Mon Sep 18, 2023 at 6:41 PM EEST, Dimitri John Ledkov wrote:
> On Tue, 12 Sept 2023 at 11:38, Jarkko Sakkinen wrote:
> >
> > On Tue Sep 12, 2023 at 2:20 AM EEST, Neal Gompa wrote: > On Mon, Sep 11,
> > 2023 at 7:15 PM Jarkko Sakkinen wrote:
> > > > On
On Thu Sep 14, 2023 at 7:11 PM EEST, Jan Hendrik Farr wrote:
> > BTW, would not be a bad idea to extend CC list to at least Matthew and
> > James Bottomley on this patch.
>
> Sure. Added Matthew and James in CC
>
> Also, I already made some minor changes. cmdline is now used from the
> syscall if
On Thu Sep 14, 2023 at 3:26 PM EEST, Jarkko Sakkinen wrote:
> On Thu Sep 14, 2023 at 12:32 PM EEST, Lennart Poettering wrote:
> > On Mi, 13.09.23 16:00, Philipp Rudo (pr...@redhat.com) wrote:
> >
> > > For example there are two definitions for the UKI which cont
On Thu Sep 14, 2023 at 12:32 PM EEST, Lennart Poettering wrote:
> On Mi, 13.09.23 16:00, Philipp Rudo (pr...@redhat.com) wrote:
>
> > For example there are two definitions for the UKI which contradict each
> > other.
> > The dedicated one [1] you have cited earlier and the one in the BLS for
> >
On Thu Sep 14, 2023 at 12:11 PM EEST, Lennart Poettering wrote:
> On Mi, 13.09.23 17:45, Jarkko Sakkinen (jar...@kernel.org) wrote:
>
> > On Tue Sep 12, 2023 at 11:49 PM EEST, Jan Hendrik Farr wrote:
> > >
> > > > These are sort of "tautological" argu
On Thu Sep 14, 2023 at 11:48 AM EEST, Lennart Poettering wrote:
> On Di, 12.09.23 17:32, Jan Hendrik Farr (ker...@jfarr.cc) wrote:
>
> > >> The format itself is rather simple. It's just a PE file (as required
> > >> by the UEFI spec) that contains a small stub application in the .text,
> > >>
On Wed Sep 13, 2023 at 6:07 PM EEST, Jan Hendrik Farr wrote:
> On Wed, Sep 13, 2023, at 4:45 PM, Jarkko Sakkinen wrote:
> > On Tue Sep 12, 2023 at 11:49 PM EEST, Jan Hendrik Farr wrote:
> >>
> >> > These are sort of "tautological" arguments. There m
On Tue Sep 12, 2023 at 11:49 PM EEST, Jan Hendrik Farr wrote:
>
> > These are sort of "tautological" arguments. There must be some
> > objective reasons why this architecture was chosen instead of
> > other (i.e. using what already pre-exists).
>
> I think I misunderstood you in my earlier reply.
On Tue Sep 12, 2023 at 9:56 PM EEST, Jan Hendrik Farr wrote:
> > What sort of bottleneck does the EFI stub have so that we need yet
> > another envelope?
>
> Well I can come up with a few advantages of UKI compared to normal bzImage
> with builtin initrd and cmdline.
>
> 1. You already identified
On Tue Sep 12, 2023 at 6:32 PM EEST, Jan Hendrik Farr wrote:
> >> The format itself is rather simple. It's just a PE file (as required
> >> by the UEFI spec) that contains a small stub application in the .text,
> >> .data, etc sections that is responsible for invoking the contained
> >> kernel and
On Tue Sep 12, 2023 at 2:20 AM EEST, Neal Gompa wrote: > On Mon, Sep 11, 2023
at 7:15 PM Jarkko Sakkinen wrote:
> > On Sat Sep 9, 2023 at 7:18 PM EEST, Jan Hendrik Farr wrote:
> > > Hello,
> > >
> > > this patch implements UKI support for kexec_file_
On Tue Sep 12, 2023 at 1:54 AM EEST, Jan Hendrik Farr wrote:
> > What the heck is UKI?
>
> UKI (Unified Kernel Image) is the kernel image + initrd + cmdline (+
> some other optional stuff) all packaged up together as one EFI
> application.
>
> This EFI application can then be launched directly by
On Sat Sep 9, 2023 at 7:18 PM EEST, Jan Hendrik Farr wrote:
> Hello,
>
> this patch implements UKI support for kexec_file_load. It will require support
> in the kexec-tools userspace utility. For testing purposes the following can
> be used:
> https://github.com/Cydox/kexec-test/
>
> There has
On Thu Aug 3, 2023 at 4:22 AM EEST, Mimi Zohar wrote:
> On Wed, 2023-08-02 at 06:58 +0300, Jarkko Sakkinen wrote:
> >
> > From long description I see zero motivation to ack this change, except
> > some heresay about IMA requiring it. Why does IMA need update_cnt and
> >
On Thu Aug 3, 2023 at 12:04 AM EEST, Tushar Sugandhi wrote:
> Btw, the function tpm2_pcr_read is not exposed directly to the other
> subsystems (like IMA). It is exposed via tpm_pcr_read.
>
> Do you want to expose tpm2_pcr_read directly,
> or do you want me to update the function signature of
On Wed Aug 2, 2023 at 12:01 AM EEST, Tushar Sugandhi wrote:
> Thanks for the response Jarkko.
>
> On 8/1/23 12:02, Jarkko Sakkinen wrote:
> > The short summary is cryptic to say the least.
> Do you mean the patch subject line, or the description below?
It is in the process doc
The short summary is cryptic to say the least.
"update counter" does not map it to have anything to do with PCRs.
Why not "tpm: Read pcrUpdateCounter field from TPM2_PCR_Read"?
On Tue Aug 1, 2023 at 9:19 PM EEST, Tushar Sugandhi wrote:
> The TPM2_PCR_Read command returns TPM2_PCR_Read Response
On Fri, 2023-06-09 at 14:49 -0400, Stefan Berger wrote:
>
> On 6/9/23 14:18, Jarkko Sakkinen wrote:
> > On Thu May 25, 2023 at 1:56 AM EEST, Jerry Snitselaar wrote:
> > > On Tue, Apr 18, 2023 at 09:44:07AM -0400, Stefan Berger wrote:
> > > > Simplify tpm_read_
On Fri Jun 9, 2023 at 9:49 PM EEST, Stefan Berger wrote:
>
>
> On 6/9/23 14:18, Jarkko Sakkinen wrote:
> > On Thu May 25, 2023 at 1:56 AM EEST, Jerry Snitselaar wrote:
> >> On Tue, Apr 18, 2023 at 09:44:07AM -0400, Stefan Berger wrote:
> >>> Simplify tpm_re
; used also for kexec support. Call the new of_tpm_get_sml_parameters()
> > function from the TPM Open Firmware driver.
> >
> > Signed-off-by: Stefan Berger
> > Cc: Jarkko Sakkinen
> > Cc: Jason Gunthorpe
> > Cc: Rob Herring
> > Cc: Frank Rowand
> > R
On Fri May 12, 2023 at 6:58 PM EEST, Ross Philipson wrote:
> On 5/10/23 19:02, Jarkko Sakkinen wrote:
> > On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> >> The routine slaunch_setup is called out of the x86 specific setup_arch
> >> routine during early ker
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> The routine slaunch_setup is called out of the x86 specific setup_arch
> routine during early kernel boot. After determining what platform is
> present, various operations specific to that platform occur. This
> includes finalizing
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> Introduce the Secure Launch Resource Table which forms the formal
> interface between the pre and post launch code.
>
> Signed-off-by: Ross Philipson
> ---
> include/linux/slr_table.h | 270
>
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> On Intel, the APs are left in a well documented state after TXT performs
> the late launch. Specifically they cannot have #INIT asserted on them so
> a standard startup via INIT/SIPI/SIPI cannot be performed. Instead the
> early SL stub
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> The Secure Launch platform module is a late init module. During the
> init call, the TPM event log is read and measurements taken in the
> early boot stub code are located. These measurements are extended
>
On Thu May 4, 2023 at 5:50 PM EEST, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> The Secure Launch platform module is a late init module. During the
> init call, the TPM event log is read and measurements taken in the
> early boot stub code are located. These measurements are extended
>
On Wed May 10, 2023 at 4:21 AM EEST, Eric Biggers wrote:
> On Thu, May 04, 2023 at 02:50:15PM +, Ross Philipson wrote:
> > From: "Daniel P. Smith"
> >
> > The SHA algorithms are necessary to measure configuration information into
> > the TPM as early as possible before using the values. This
from the TPM Open Firmware driver.
>
> Signed-off-by: Stefan Berger
> Cc: Jarkko Sakkinen
> Cc: Jason Gunthorpe
> Cc: Rob Herring
> Cc: Frank Rowand
> Reviewed-by: Mimi Zohar
> Tested-by: Nageswara R Sastry
> Reviewed-by: Jarkko Sakkinen
> Tested-by: Coiby Xu
On Sun, Aug 14, 2022 at 10:16:09PM +0300, Jarkko Sakkinen wrote:
> On Fri, Aug 12, 2022 at 12:43:03PM -0400, Stefan Berger wrote:
> > Simplify tpm_read_log_of() by moving reusable parts of the code into
> > an inline function that makes it commonly available so it can be
> >
from the TPM Open Firmware driver.
>
> Signed-off-by: Stefan Berger
> Cc: Jarkko Sakkinen
> Cc: Jason Gunthorpe
> Cc: Rob Herring
> Cc: Frank Rowand
> Reviewed-by: Mimi Zohar
> Tested-by: Nageswara R Sastry
>
> ---
> v7:
> - Added original comment ba
On Fri, Jul 15, 2022 at 12:01:36PM -0400, Stefan Berger wrote:
>
>
> On 7/10/22 23:04, Jarkko Sakkinen wrote:
> > On Wed, Jul 06, 2022 at 11:23:27AM -0400, Stefan Berger wrote:
> > > Simplify tpm_read_log_of() by moving reusable parts of the code into
> > &
from the TPM Open Firmware driver.
>
> Signed-off-by: Stefan Berger
> Cc: Jarkko Sakkinen
> Cc: Jason Gunthorpe
> Cc: Rob Herring
> Cc: Frank Rowand
>
> ---
> v4:
> - converted to inline function
> ---
> drivers/char/tpm/eventlog/of.c | 31 +-
from the TPM Open Firmware driver.
>
> Signed-off-by: Stefan Berger
> Cc: Jarkko Sakkinen
> Cc: Jason Gunthorpe
> Cc: Rob Herring
> Cc: Frank Rowand
>
> ---
> v4:
> - converted to inline function
> ---
> drivers/char/tpm/eventlog/of.c | 31 +-
On Wed, Jun 29, 2022 at 10:16:37AM -0400, Stefan Berger wrote:
>
>
> On 6/28/22 22:45, Jarkko Sakkinen wrote:
> > On Tue, Jun 28, 2022 at 09:29:48AM -0400, Stefan Berger wrote:
> > >
> > >
> > > On 6/27/22 18:43, Rob Herring wrote:
> > >
nfirmware driver to make the code reusable. Call the new
> >
> > There is no such 'Openfirmware driver'.
> >
> > > of_tpm_get_sml_parameters() function from the TPM Openfirmware driver.
> > >
> > > Signed-off-by: Stefan Berger
> > > Cc: Ja
On Tue, Jun 14, 2022 at 12:12:58PM -0400, Stefan Berger wrote:
> Simplify tpm_read_log_of() and call of_tpm_get_sml_parameters() to get
> the base and size of the TPM log.
>
> Signed-off-by: Stefan Berger
> Cc: Jarkko Sakkinen
> Cc: Jason Gunthorpe
> ---
> drivers/cha
37 matches
Mail list logo