[Kernel-packages] [Bug 1996071] Re: [UBUNTU 20.04] boot: Add secure boot trailer

Thu, 10 Nov 2022 03:35:31 -0800 

So commit aa127a069ef312aca02b730d5137e1778d0c3ba7 "s390/boot: add secure boot 
trailer" was just upstream accepted with v6.1-rc3.
And it got tagged for upstream stable with:
"Cc: <sta...@vger.kernel.org> # 5.2+"
That means that it will ideally automatically land over time in all Ubuntu 
kernels, down to focal's 5.4.

But since this bug is marked as critical, the patch is relatively short,
traceable and s390x-specific, I'll go ahead and submit this patch for
Jammy and Focal ahead of upstream stable.

It's planned to have kernel 6.2 in lunar (23.04), hence it will get the
patch automatically when at the planned target level.

** Also affects: linux (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Kinetic)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu)
       Status: New => Invalid

** Also affects: ubuntu-z-systems
   Importance: Undecided
       Status: New

** Changed in: ubuntu-z-systems
     Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)

** Changed in: linux (Ubuntu)
     Assignee: Skipper Bug Screeners (skipper-screen-team) => (unassigned)

** Changed in: ubuntu-z-systems
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1996071

Title:
  [UBUNTU 20.04] boot: Add secure boot trailer

Status in Ubuntu on IBM z Systems:
  New
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Jammy:
  New
Status in linux source package in Kinetic:
  New

Bug description:
  Description:   boot: Add secure boot trailer
  Symptom:       Secure boot of Linux will no longer be possible with an 
upcoming
                 IBM Z firmware update.

  Problem:       New IBM Z firmware requires signed bootable images to contain a
                 trailing data block with a specific format.

  Solution:      Add the trailing data block to the Linux kernel image.

  Reproduction:  Apply latest firmware, perform IPL with Secure Boot
  enabled.

  Fix:           available upstream with
  Upstream-ID:   aa127a069ef312aca02b730d5137e1778d0c3ba7

  Preventive:    yes

  Date:          2022-10-27
  Author:        Peter Oberparleiter <ober...@linux.ibm.com>
  Component:     kernel

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1996071/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to