[PATCH 0/6] add ima_arch support for ARM64

From: Chester Lin
Date: Fri Sep 04 2020 - 03:29:45 EST

Next message: Zwane Mwaikambo: "[PATCH]] drm/dp check aux_dev before use in drm_dp_aux_dev_get_by_minor()"
Previous message: Gerd Hoffmann: "Re: [PATCH v2 0/3] KVM: x86: KVM_MEM_PCI_HOLE memory"
Next in thread: Chester Lin: "[PATCH 2/6] efi/arm: a helper to parse secure boot param in fdt params"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Add IMA arch dependent support for ARM64. Some IMA functions can check
arch-specific status before running. For example, the ima_load_data
function or the boot param "ima_appraise=" should not be executed when
UEFI secure boot is enabled. We want to fill the gap in order to complete
the IMA support on ARM64.

Chester Lin (6):
efistub: pass uefi secureboot flag via fdt params
efi/arm: a helper to parse secure boot param in fdt params
efi: add secure boot flag
efi/arm: check secure boot status in efi init
arm64/ima: add ima arch support
docs/arm: add the description of uefi-secure-boot param

Documentation/arm/uefi.rst | 2 ++
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 2 ++
arch/arm64/kernel/ima_arch.c | 37 ++++++++++++++++++++++++++++
drivers/firmware/efi/arm-init.c | 3 +++
drivers/firmware/efi/fdtparams.c | 23 ++++++++++++++++++
drivers/firmware/efi/libstub/fdt.c | 39 +++++++++++++++++++++++++++++-
include/linux/efi.h | 2 ++
8 files changed, 108 insertions(+), 1 deletion(-)
create mode 100644 arch/arm64/kernel/ima_arch.c

--
2.26.1

Next message: Zwane Mwaikambo: "[PATCH]] drm/dp check aux_dev before use in drm_dp_aux_dev_get_by_minor()"
Previous message: Gerd Hoffmann: "Re: [PATCH v2 0/3] KVM: x86: KVM_MEM_PCI_HOLE memory"
Next in thread: Chester Lin: "[PATCH 2/6] efi/arm: a helper to parse secure boot param in fdt params"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]