linux-efi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [GIT PULL] EFI updates for v5.19
@ 2022-05-20  8:39 Ard Biesheuvel
  2022-05-23 19:20 ` pr-tracker-bot
  0 siblings, 1 reply; 2+ messages in thread
From: Ard Biesheuvel @ 2022-05-20  8:39 UTC (permalink / raw)
  To: linux-efi; +Cc: torvalds, Ard Biesheuvel

Hi Linus,

Please pull the changes below. Note the conflict in drivers/virt/Kconfig and
Makefile: this is due to CoCo changes arriving via different trees, and the
resolution is obvious.

Thanks,
Ard.


The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17:

  Linux 5.18-rc1 (2022-04-03 14:08:21 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next-for-v5.19

for you to fetch changes up to 3f68e69520d3d52d66a6ad872a75b7d8f2ea7665:

  riscv/efi_stub: Add support for RISCV_EFI_BOOT_PROTOCOL (2022-05-19 10:22:17 +0200)

----------------------------------------------------------------
EFI updates for v5.19

- Allow runtime services to be re-enabled at boot on RT kernels.
- Provide access to secrets injected into the boot image by CoCo
  hypervisors (COnfidential COmputing)
- Use DXE services on x86 to make the boot image executable after
  relocation, if needed.
- Prefer mirrored memory for randomized allocations.
- Only randomize the placement of the kernel image on arm64 if the
  loader has not already done so.
- Add support for obtaining the boot hartid from EFI on RISC-V.

----------------------------------------------------------------
Ard Biesheuvel (3):
      efi: libstub: pass image handle to handle_kernel_image()
      efi/arm64: libstub: run image in place if randomized by the loader
      efi: stub: prefer mirrored memory for randomized allocations

Baskov Evgeniy (2):
      efi: libstub: declare DXE services table
      efi: libstub: ensure allocated memory to be executable

Dov Murik (4):
      efi: Save location of EFI confidential computing area
      virt: Add efi_secret module to expose confidential computing secrets
      efi: Register efi_secret platform device if EFI secret area is declared
      docs: security: Add secrets/coco documentation

Jan Kiszka (1):
      efi: Add missing prototype for efi_capsule_setup_info

Javier Martinez Canillas (1):
      efi: Allow to enable EFI runtime services by default on RT

Peter Jones (1):
      efi: x86: Set the NX-compatibility flag in the PE header

Sunil V L (1):
      riscv/efi_stub: Add support for RISCV_EFI_BOOT_PROTOCOL

 Documentation/ABI/testing/securityfs-secrets-coco |  51 ++++
 Documentation/security/index.rst                  |   1 +
 Documentation/security/secrets/coco.rst           | 103 +++++++
 Documentation/security/secrets/index.rst          |   9 +
 arch/x86/boot/header.S                            |   4 +
 arch/x86/include/asm/efi.h                        |   5 +
 arch/x86/platform/efi/efi.c                       |   3 +
 drivers/firmware/efi/Kconfig                      |  43 +++
 drivers/firmware/efi/efi.c                        |  13 +-
 drivers/firmware/efi/libstub/arm32-stub.c         |   3 +-
 drivers/firmware/efi/libstub/arm64-stub.c         |  15 +-
 drivers/firmware/efi/libstub/efi-stub.c           |   2 +-
 drivers/firmware/efi/libstub/efistub.h            |  84 +++++-
 drivers/firmware/efi/libstub/randomalloc.c        |  11 +
 drivers/firmware/efi/libstub/riscv-stub.c         |  32 +-
 drivers/firmware/efi/libstub/x86-stub.c           | 119 +++++++-
 drivers/virt/Kconfig                              |   3 +
 drivers/virt/Makefile                             |   1 +
 drivers/virt/coco/efi_secret/Kconfig              |  16 +
 drivers/virt/coco/efi_secret/Makefile             |   2 +
 drivers/virt/coco/efi_secret/efi_secret.c         | 349 ++++++++++++++++++++++
 include/linux/efi.h                               |  27 ++
 22 files changed, 876 insertions(+), 20 deletions(-)
 create mode 100644 Documentation/ABI/testing/securityfs-secrets-coco
 create mode 100644 Documentation/security/secrets/coco.rst
 create mode 100644 Documentation/security/secrets/index.rst
 create mode 100644 drivers/virt/coco/efi_secret/Kconfig
 create mode 100644 drivers/virt/coco/efi_secret/Makefile
 create mode 100644 drivers/virt/coco/efi_secret/efi_secret.c

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [GIT PULL] EFI updates for v5.19
  2022-05-20  8:39 [GIT PULL] EFI updates for v5.19 Ard Biesheuvel
@ 2022-05-23 19:20 ` pr-tracker-bot
  0 siblings, 0 replies; 2+ messages in thread
From: pr-tracker-bot @ 2022-05-23 19:20 UTC (permalink / raw)
  To: Ard Biesheuvel; +Cc: linux-efi, torvalds, Ard Biesheuvel

The pull request you sent on Fri, 20 May 2022 10:39:46 +0200:

> git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next-for-v5.19

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/bf2431021c8cfe52c866d7bf640ced03a35ebe91

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-23 19:34 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-20  8:39 [GIT PULL] EFI updates for v5.19 Ard Biesheuvel
2022-05-23 19:20 ` pr-tracker-bot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).