------- Comment From [email protected] 2020-11-12 01:12 EDT-------
Hi,
So, here are what I believe are the relevant kernel changes.
Firstly, there is a common core with the support for OpenPower/PowerNV
Secure Boot - LP#1866909 and friends. This covers things like securing
kexec under lockdown, and all went in for 20.04.
For this iteration of LPAR/KVM guest secure boot - which is supporting
only static keys - we just need an additional patch to detect the
slightly different Device Tree properties that are used to indicate
guest vs host secure boot. This is commit 61f879d97ce4
("powerpc/pseries: Detect secure and trusted boot state of the system.")
which went into 5.9.
Kind regards,
Daniel
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1903288
Title:
Power guest secure boot with static keys: kernel portion
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1903288/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
