The following commit has been merged into the efi/core branch of tip:
Commit-ID: 25519d68344269f9dc58b5bc72f648248a1fafb9
Gitweb:
https://git.kernel.org/tip/25519d68344269f9dc58b5bc72f648248a1fafb9
Author:Chester Lin
AuthorDate:Fri, 30 Oct 2020 14:08:39 +08:00
Committer
The following commit has been merged into the efi/core branch of tip:
Commit-ID: e1ac4b2406d94eddce8ac2c5ab4235f6075a9602
Gitweb:
https://git.kernel.org/tip/e1ac4b2406d94eddce8ac2c5ab4235f6075a9602
Author:Chester Lin
AuthorDate:Fri, 30 Oct 2020 14:08:38 +08:00
Committer
The following commit has been merged into the efi/core branch of tip:
Commit-ID: 8d39cee0592e0129280e5a3cc480d64649c5e63f
Gitweb:
https://git.kernel.org/tip/8d39cee0592e0129280e5a3cc480d64649c5e63f
Author:Chester Lin
AuthorDate:Fri, 30 Oct 2020 14:08:40 +08:00
Committer
On Fri, Oct 30, 2020 at 12:53:25PM +0100, Ard Biesheuvel wrote:
> On Fri, 30 Oct 2020 at 07:09, Chester Lin wrote:
> >
> > Add arm64 IMA arch support. The code and arch policy is mainly inherited
> > from x86.
> >
> > Signed-off-by: Chester Lin
> > ---
Hi Ard,
Thanks for your time and reviewing.
On Fri, Oct 30, 2020 at 12:51:10PM +0100, Ard Biesheuvel wrote:
> Hello Chester,
>
> Thanks again for looking into this.
>
> On Fri, 30 Oct 2020 at 07:09, Chester Lin wrote:
> >
> > Generalize the efi_get_secureboot() f
remove the get_sb_mode() from x86/kernel/ima_arch.c and create a common
helper ima_get_efi_secureboot() in IMA so that all EFI-based architectures
can refer to the same procedure.
Signed-off-by: Chester Lin
---
arch/x86/kernel/ima_arch.c | 69 +++-
include
Add arm64 IMA arch support. The code and arch policy is mainly inherited
from x86.
Signed-off-by: Chester Lin
---
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 2 ++
arch/arm64/kernel/ima_arch.c | 43
3 files changed, 46 insertions
/linux-efi/msg20645.html
Chester Lin (3):
efi: generalize efi_get_secureboot
ima: remove get_sb_mode() and create ima_get_efi_secureboot()
arm64/ima: add ima_arch support
arch/arm64/Kconfig| 1 +
arch/arm64/kernel/Makefile| 2 +
arch/arm64/kernel/
Generalize the efi_get_secureboot() function so not only efistub but also
other subsystems can use it.
Signed-off-by: Chester Lin
---
drivers/firmware/efi/libstub/Makefile | 2 +-
drivers/firmware/efi/libstub/efi-stub.c | 2 +-
drivers/firmware/efi/libstub/efistub.h| 22
Hi Ard and Mimi,
On Wed, Oct 14, 2020 at 07:56:17AM -0400, Mimi Zohar wrote:
> On Wed, 2020-10-14 at 13:00 +0200, Ard Biesheuvel wrote:
> > Hello Chester,
> >
> > Thanks for looking into this.
> >
> > Some comments below.
> >
> > On
Hi Ard and Mimi,
On Wed, Oct 14, 2020 at 06:40:31PM +0800, Chester Lin wrote:
> Separate the get_sb_mode() from arch/x86 and treat it as a common function
> [rename to efi_get_secureboot_mode] so all EFI-based architectures can
> reuse the same logic.
>
> Signed-off-
.net/lists/linux-efi/msg20645.html
Chester Lin (2):
efi: add secure boot get helper
arm64/ima: add ima_arch support
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 2 ++
arch/arm64/kernel/ima_arch.c | 46 +++
arch/x86/kernel/ima_arc
Separate the get_sb_mode() from arch/x86 and treat it as a common function
[rename to efi_get_secureboot_mode] so all EFI-based architectures can
reuse the same logic.
Signed-off-by: Chester Lin
---
arch/x86/kernel/ima_arch.c | 47 ++
drivers/firmware/efi
Add arm64 IMA arch support. The code and arch policy is mainly inherited
from x86.
Signed-off-by: Chester Lin
---
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 2 ++
arch/arm64/kernel/ima_arch.c | 46
3 files changed, 49 insertions
On Mon, Sep 14, 2020 at 04:05:22PM +0800, Chester Lin wrote:
> Hi Ard,
>
> On Fri, Sep 11, 2020 at 06:01:09PM +0300, Ard Biesheuvel wrote:
> > On Fri, 4 Sep 2020 at 10:29, Chester Lin wrote:
> > >
> > > Add a new UEFI parameter: "linux,uefi-secure-b
Hi Ard,
On Fri, Sep 11, 2020 at 06:01:09PM +0300, Ard Biesheuvel wrote:
> On Fri, 4 Sep 2020 at 10:29, Chester Lin wrote:
> >
> > Add a new UEFI parameter: "linux,uefi-secure-boot" in fdt boot params
> > as other architectures have done in their own boot data. F
Add a new UEFI parameter: "linux,uefi-secure-boot" in fdt boot params
as other architectures have done in their own boot data. For example,
the boot_params->secure_boot in x86.
Signed-off-by: Chester Lin
---
drivers/firmware/efi/libstub/fdt.c | 39 +-
1
Add the description of "linux,uefi-secure-boot" param.
Signed-off-by: Chester Lin
---
Documentation/arm/uefi.rst | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Documentation/arm/uefi.rst b/Documentation/arm/uefi.rst
index f868330df6be..7d9c6a1697af 100644
--- a/Documentation/ar
Add arm64 IMA arch support. The arch policy is inherited from x86.
Signed-off-by: Chester Lin
---
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 2 ++
arch/arm64/kernel/ima_arch.c | 37
3 files changed, 40 insertions(+)
create mode
Add a new EFI flag to indicate whether secure boot is enabled by UEFI
firmware or not.
Signed-off-by: Chester Lin
---
include/linux/efi.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 315126b2f5e9..82a19bb0237a 100644
--- a/include/linux
set EFI_SECURE_BOOT flag when UEFI secure boot is eanbled on ARM.
Signed-off-by: Chester Lin
---
drivers/firmware/efi/arm-init.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c
index 71c445d20258..70f2eaf5fb1a 100644
te
the IMA support on ARM64.
Chester Lin (6):
efistub: pass uefi secureboot flag via fdt params
efi/arm: a helper to parse secure boot param in fdt params
efi: add secure boot flag
efi/arm: check secure boot status in efi init
arm64/ima: add ima arch support
docs/arm: add the description of u
Add a helper to query the UEFI secureboot param from the chosen node in
FDT.
Signed-off-by: Chester Lin
---
drivers/firmware/efi/fdtparams.c | 23 +++
include/linux/efi.h | 1 +
2 files changed, 24 insertions(+)
diff --git a/drivers/firmware/efi/fdtparams.c b
Hi Anup,
On Fri, Sep 06, 2019 at 01:50:37PM +0530, Anup Patel wrote:
> On Fri, Sep 6, 2019 at 12:50 PM Chester Lin wrote:
> >
> > Change the symbol from "RISCV" to "RSCV" so the magic number can be 32-bit
> > long, which is consistent with other architec
Change the symbol from "RISCV" to "RSCV" so the magic number can be 32-bit
long, which is consistent with other architectures.
Signed-off-by: Chester Lin
---
arch/riscv/include/asm/image.h | 9 +
arch/riscv/kernel/head.S | 5 ++---
2 files changed, 7 insert
On Thu, Aug 22, 2019 at 11:45:34AM +0800, Chester Lin wrote:
> adjust_lowmem_bounds() checks every memblocks in order to find the boundary
> between lowmem and highmem. However some memblocks could be marked as NOMAP
> so they are not used by kernel, which should be skipped while ca
adjust_lowmem_bounds() checks every memblocks in order to find the boundary
between lowmem and highmem. However some memblocks could be marked as NOMAP
so they are not used by kernel, which should be skipped while calculating
the boundary.
Signed-off-by: Chester Lin
---
arch/arm/mm/mmu.c | 3
On Wed, Jul 03, 2019 at 10:14:39AM +, Chester Lin wrote:
> Currently there are two ways to handle ACPI device ejection. When an eject
> event happens on a container, the kernel just sends KOBJ_CHANGE to
> userland and userland should handle offline operation. For other devic
On Wed, Jul 03, 2019 at 10:14:39AM +, Chester Lin wrote:
> Currently there are two ways to handle ACPI device ejection. When an eject
> event happens on a container, the kernel just sends KOBJ_CHANGE to
> userland and userland should handle offline operation. For other devic
/ABI/testing/sysfs-bus-acpi
- device_sysfs: Replace the declartion with DEVICE_ATTR_RW and add cancel
option in eject_store.
- scan: Add a retry mechanism when userspace fail to put device offline.
- scan: Add ready-to-remove state.
Chester Lin (3):
ACPI / hotplug: Send change events
-by: Chester Lin
---
Documentation/ABI/testing/sysfs-bus-acpi | 9 ++-
drivers/acpi/device_sysfs.c | 94 +---
drivers/acpi/internal.h | 4 +-
drivers/acpi/scan.c | 38 +-
4 files changed, 129 insertions(+), 16 deletions
online event or offline failure within the whole device tree during
ejection will stop the whole process and devices who have been put offline
will need be online again as recovery.
Signed-off-by: Chester Lin
---
drivers/acpi/glue.c | 146 ++
drivers/acpi
over to userland so that userland can have more time to prepare
before any device change actually happens.
All child devices under the ejection target are traversed and notified
hierarchically based on ACPI namespace in ascending order when an eject
event happens.
Signed-off-by: Chester Lin
On Fri, May 31, 2019 at 06:38:59AM -0700, Greg KH wrote:
> On Fri, May 31, 2019 at 02:56:42PM +0800, Chester Lin wrote:
> > An acpi_eject_show attribute for users to monitor current status because
> > sometimes it might take time to finish an ejection so we need to know
> >
and start over an eject process, there's a
status trace mechanism in this eject flow, which helps to count current
online devices under the ejectable target, and it can reschedule an eject
event when all nodes within the device tree have been put offline.
Chester Lin (3):
ACPI / hotplug: Send change
An acpi_eject_show attribute for users to monitor current status because
sometimes it might take time to finish an ejection so we need to know
whether it is still in progress or not.
Signed-off-by: Chester Lin
---
drivers/acpi/device_sysfs.c | 20 +++-
drivers/acpi/internal.h
online event within the whole device tree during ejection will stop the
whole process and devices who have been put offline will need be online
again as recovery.
Signed-off-by: Chester Lin
---
drivers/acpi/glue.c | 81 +++
drivers/acpi/internal.h | 28
drivers
over to userland so that userland can have more time to prepare
before any device change actually happens.
All child devices under the ejection target are traversed and notified
hierarchically based on ACPI namespace in ascending order when an eject
event happens.
Signed-off-by: Chester Lin
38 matches
Mail list logo
