linux-mainline

mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux synced 2025-09-28 19:57:53 +10:00

Main-line Linux kernel tree http://www.kernel.org

Go to file

Ilias Apalodimas 71c7adc9ff efi/libstub: measure EFI LoadOptions The EFI TCG spec, in §10.2.6 "Measuring UEFI Variables and UEFI GPT Data", only reasons about the load options passed to a loaded image in the context of boot options booted directly from the BDS, which are measured into PCR #5 along with the rest of the Boot#### EFI variable. However, the UEFI spec mentions the following in the documentation of the LoadImage() boot service and the EFI_LOADED_IMAGE protocol: The caller may fill in the image’s "load options" data, or add additional protocol support to the handle before passing control to the newly loaded image by calling EFI_BOOT_SERVICES.StartImage(). The typical boot sequence for Linux EFI systems is to load GRUB via a boot option from the BDS, which [hopefully] calls LoadImage to load the kernel image, passing the kernel command line via the mechanism described above. This means that we cannot rely on the firmware implementing TCG measured boot to ensure that the kernel command line gets measured before the image is started, so the EFI stub will have to take care of this itself. Given that PCR #5 has an official use in the TCG measured boot spec, let's avoid it in this case. Instead, add a measurement in PCR #9 (which we already use for our initrd) and extend it with the LoadOptions measurements Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>		2022-09-27 13:26:16 +02:00
arch	Second shared stable tag between EFI and LoongArch trees	2022-09-27 13:26:13 +02:00
block	block-6.0-2022-08-12	2022-08-13 13:37:36 -07:00
certs	Kbuild updates for v5.20	2022-08-10 10:40:41 -07:00
crypto	crypto: blake2b: effectively disable frame size warning	2022-08-10 17:59:11 -07:00
Documentation	efi: libstub: unify initrd loading between architectures	2022-09-27 13:21:36 +02:00
drivers	efi/libstub: measure EFI LoadOptions	2022-09-27 13:26:16 +02:00
fs	take care to handle NULL ->proc_lseek()	2022-08-14 15:16:18 -04:00
include	Second shared stable tag between EFI and LoongArch trees	2022-09-27 13:26:13 +02:00
init	Kbuild updates for v5.20	2022-08-10 10:40:41 -07:00
io_uring	io_uring-6.0-2022-08-13	2022-08-13 13:28:54 -07:00
ipc
kernel	xen: branch for v6.0-rc1b	2022-08-14 09:28:54 -07:00
lib	lib: remove lib/nodemask.c	2022-08-12 09:07:33 -07:00
LICENSES
mm	- hugetlb_vmemmap cleanups from Muchun Song	2022-08-10 11:18:00 -07:00
net	Including fixes from bluetooth, bpf, can and netfilter.	2022-08-11 13:45:37 -07:00
samples
scripts	RISC-V Patches for the 5.20 Merge Window, Part 2	2022-08-12 18:39:43 -07:00
security	+ Features	2022-08-10 10:53:22 -07:00
sound	sound fixes for 6.0-rc1	2022-08-12 09:55:32 -07:00
tools	perf tools changes for v6.0: 2nd batch	2022-08-14 09:22:11 -07:00
usr
virt	KVM: Actually create debugfs in kvm_create_vm()	2022-08-10 15:08:28 -04:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS	xen: branch for v6.0-rc1b	2022-08-14 09:28:54 -07:00
Makefile	Linux 6.0-rc1	2022-08-14 15:50:18 -07:00
README

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.