| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 24 Dec 2020 10:04:06 +0100
From: Borislav Petkov <bp@...e.de>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-efi <linux-efi@...r.kernel.org>, x86-ml <x86@...nel.org>,
lkml <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] efi/core for v5.11
Hi Linus,
please pull the EFI updates for v5.11. They got delayed due to a last
minute ia64 build issue which got fixed in the meantime:
https://lkml.kernel.org/r/87o8iwdtbj.fsf@nanos.tec.linutronix.de
and now the lot is all clear.
Thx.
---
The following changes since commit 3650b228f83adda7e5ee532e2b90429c03f7b9ec:
Linux 5.10-rc1 (2020-10-25 15:14:11 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/efi_updates_for_v5.11
for you to fetch changes up to 3dcb8b53cbd2cc5618863b19ef00f8ea82f27e83:
Merge tag 'efi-next-for-v5.11-3' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi into efi/core (2020-12-15 12:14:38 +0100)
----------------------------------------------------------------
EFI updates collected by Ard Biesheuvel:
- Don't move BSS section around pointlessly in the x86 decompressor
- Refactor helper for discovering the EFI secure boot mode
- Wire up EFI secure boot to IMA for arm64
- Some fixes for the capsule loader
- Expose the RT_PROP table via the EFI test module
- Relax DT and kernel placement restrictions on ARM
+ followup fixes:
- fix the build breakage on IA64 caused by recent capsule loader changes
- suppress a type mismatch build warning in the expansion of
EFI_PHYS_ALIGN on ARM
----------------------------------------------------------------
Ard Biesheuvel (7):
efi: x86/xen: switch to efi_get_secureboot_mode helper
efi: capsule: use atomic kmap for transient sglist mappings
efi: capsule: clean scatter-gather entries from the D-cache
efi: arm: reduce minimum alignment of uncompressed kernel
efi: stub: get rid of efi_get_max_fdt_addr()
efi: ia64: disable the capsule loader
efi: arm: force use of unsigned type for EFI_PHYS_ALIGN
Arvind Sankar (1):
efi/x86: Only copy the compressed kernel image in efi_relocate_kernel()
Chester Lin (3):
efi: generalize efi_get_secureboot
ima: generalize x86/EFI arch glue for other EFI architectures
arm64/ima: add ima_arch support
Geert Uytterhoeven (1):
efi/libstub: EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER should not default to yes
Heinrich Schuchardt (2):
efi/libstub/x86: simplify efi_is_native()
efi/efi_test: read RuntimeServicesSupported
Thomas Gleixner (1):
Merge tag 'efi-next-for-v5.11-3' of git://git.kernel.org/.../efi/efi into efi/core
arch/arm/include/asm/efi.h | 24 ++++++------
arch/arm64/Kconfig | 1 +
arch/arm64/include/asm/efi.h | 11 +++---
arch/riscv/include/asm/efi.h | 6 ---
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/include/asm/efi.h | 5 ++-
arch/x86/kernel/Makefile | 2 -
arch/x86/xen/efi.c | 37 +++++-------------
drivers/firmware/efi/Kconfig | 4 +-
drivers/firmware/efi/Makefile | 5 ++-
drivers/firmware/efi/capsule.c | 16 +++++++-
drivers/firmware/efi/libstub/efi-stub.c | 1 -
drivers/firmware/efi/libstub/efistub.h | 3 +-
drivers/firmware/efi/libstub/fdt.c | 3 +-
drivers/firmware/efi/libstub/secureboot.c | 44 ++++++++-------------
drivers/firmware/efi/libstub/x86-stub.c | 5 ++-
drivers/firmware/efi/test/efi_test.c | 16 ++++++++
drivers/firmware/efi/test/efi_test.h | 3 ++
include/linux/efi.h | 33 ++++++++++++----
security/integrity/ima/Makefile | 4 ++
.../ima_arch.c => security/integrity/ima/ima_efi.c | 45 ++++++----------------
21 files changed, 133 insertions(+), 137 deletions(-)
rename arch/x86/kernel/ima_arch.c => security/integrity/ima/ima_efi.c (60%)
--
Regards/Gruss,
Boris.
SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer, HRB 36809, AG Nürnberg
Powered by blists - more mailing lists