--- Comment From naynj...@ibm.com 2020-04-06 11:28 EDT---
I tested the ppa kernel patch which links secureboot with lockdown.
When secureboot is disabled:
ubuntu@ltc-wspoon13:~$ sudo cat /sys/kernel/security/lockdown
[none] integrity confidentiality
When secureboot is enabled:
ubuntu@ltc-
--- Comment From daniel.axte...@ibm.com 2020-04-06 09:26 EDT---
Hi,
This works as expected on a machine with secure boot disabled in
hardware:
dja@talos2:~$ uname -a
Linux talos2 5.4.0-21-generic #25+lp1866909v202004031128-Ubuntu SMP Fri Apr 3
18:38:30 UTC 202 ppc64le ppc64le ppc64le GNU
--- Comment From naynj...@ibm.com 2020-03-27 11:17 EDT---
Hi, Thanks for the quick response. I have one question based on your statement
- "prior to 20.04 the secure-boot lockdown in Ubuntu was largely based on
Matthew Garrett patch set."
Q. Is the lockdown enabled during build ? And if
--- Comment From naynj...@ibm.com 2020-03-27 10:03 EDT---
I would like to understand that with new lockdown patches upstreamed now,
* Is Ubuntu still going to carry a patch linking secureboot with lockdown ? If
yes, would you be doing same for powerpc ?
* Is Ubuntu going to enable lockdow
--- Comment From daniel.axte...@ibm.com 2020-02-17 00:27 EDT---
Hi,
I'm sorry, I thought I had already mentioned this but it was a case of
me getting projects and teams mixed up.
Please could you pick up (in addition to the issue still pending) commit
69393cb03ccd ("powerpc/xmon: Restrict
--- Comment From daniel.axte...@ibm.com 2020-02-16 22:34 EDT---
Hi,
I'm going to ask you to hold this open for a little bit - we're
investigating internally another ppcism that may need additional
lockdown support.
In the mean time I will test the kernel in -proposed.
Kind regards,
Danie
--- Comment From mranw...@us.ibm.com 2020-02-10 01:28 EDT---
I tried this out with the latest kernel in proposed. It looks like the -14
kernel picked up commit a356646a56857c2e5ad875beec734d7145ecd49a and that got
rid of the warns. I tired access to /dev/mem and got correct results.
--
--- Comment From daniel.axte...@ibm.com 2020-01-09 00:14 EDT---
Hi,
Apologies for the delay.
I installed the most recent kernel, modules and extra modules I could
find from that PPA on a p8 kvm guest.
dja@dja-guest:~$ uname -a
Linux dja-guest 5.4.0-9-generic #12-Ubuntu SMP Mon Dec 16 22:
--- Comment From naynj...@ibm.com 2019-12-15 12:11 EDT---
Daniel Axtens would be performing the testing and update the results.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/185566
9 matches
Mail list logo
