Hello,

Continuing upstreaming [TrenchBoot] code changes. More context can be found in the cover letter for [v1]. This set targets v11 of Linux patches [linux-v11].

How the patches look now:
 1. [01-02] Various additions in preparation for later commits
 2. [03-05] TPM-related part (`tpm` module rename, addition of a simple TPM driver)
 3. [06-08] SecureLaunch with its SLRT
 4. [09-12] Support for Intel TXT D-RTM
 5. [13-15] Implementation of SecureLaunch commands
 6. [16] Support for TPM 1
 7. [17-19] Multiboot2 support for Intel TXT

This set of changes can also be viewed on GitHub at [TrenchBoot/grub].

Best regards,
Sergii

-----

Changes in v3:
 - rebase on latest master
 - overhaul that changes how SLRT is built, adds UEFI support and a common DL entry
 - AMD changes were removed from this series to be submitted separately

Changes in [v2]:
 - 5 patches landed as a separate [generic-x86] series
 - 3 patches were in [generic-x86] as well, got Reviewed-Bys and returned here; one of them was extracted out of a different patch
 - patches related to modules received some documentation additions
 - several commit messages became more verbose
 - some commits have seen cosmetic changes with no impact on functionality
 - a leak fix got dropped to be sent separately (it's not really related to the rest of changes)

-----

[TrenchBoot]: https://trenchboot.org/
[v1]: https://lists.gnu.org/archive/html/grub-devel/2024-08/msg00088.html
[v2]: https://lists.gnu.org/archive/html/grub-devel/2024-11/msg00000.html
[TrenchBoot/grub]: https://github.com/TrenchBoot/grub/compare/f6e2ef2...tb-2.12-139-v3
[generic-x86]: https://lists.gnu.org/archive/html/grub-devel/2024-10/msg00055.html
[linux-v11]: https://lkml.org/lkml/2024/9/13/1396

-----

Aleksandr Burmashev (1):
  commands/tpm: Rename tpm module to tpm_verifier

Daniel Kiper (2):
  mmap: Add grub_mmap_get_lowest() and grub_mmap_get_highest()
  commands/i386/tpm: Add TPM TIS and CRB driver

Fedora Ninjas (1):
  slaunch: Add Secure Launch framework and commands

Michał Żygowski (2):
  i386/txt: Initialize TPM 1.2 event log in TXT heap
  multiboot2: Support TXT Secure Launch

Ross Philipson (11):
  i386: Add CRx, MMIO, MSR and extend CPUID definitions
  efi/tpm: Replace tpm command
  slaunch: Add Secure Launch Resource Table (SLRT) header file
  slaunch: Add main Secure Launch definitions header
  slaunch: Add SLR table setup support module
  i386/txt: Add Intel TXT definitions header file
  slaunch/txt: Add Intel TXT core implementation
  slaunch/txt: Add Intel TXT ACM module support
  slaunch/txt: Add Intel TXT verification routines
  i386/efi: Add DL stub as common DL event module
  efi: Add Secure Launch support for efi/linux boot through EFI stub

Sergii Dmytruk (2):
  multiboot: Make GRUB_MULTIBOOT(make_mbi) return MBI's size
  slaunch: Introduce a hook for filling SLRT policy

 docs/grub.texi                               |   32 +-
 grub-core/Makefile.am                        |    6 +
 grub-core/Makefile.core.def                  |   23 +-
 grub-core/commands/efi/tpm.c                 |    2 +-
 grub-core/commands/i386/tpm.c                |  151 +++
 grub-core/commands/{tpm.c => tpm_verifier.c} |   57 +-
 grub-core/lib/i386/relocator32.S             |    8 +
 grub-core/loader/efi/dltrampoline.S          |   94 ++
 grub-core/loader/efi/linux.c                 |   16 +
 grub-core/loader/i386/bsd.c                  |    3 +
 grub-core/loader/i386/linux.c                |   87 +-
 grub-core/loader/i386/multiboot_mbi.c        |    4 +-
 grub-core/loader/i386/xnu.c                  |    2 +
 grub-core/loader/multiboot.c                 |   16 +-
 grub-core/loader/multiboot_elfxx.c           |   90 +-
 grub-core/loader/multiboot_mbi2.c            |  138 ++-
 grub-core/loader/slaunch/acmod.c             |  575 ++++++++++
 grub-core/loader/slaunch/dlstub.c            |   93 ++
 grub-core/loader/slaunch/i386_linux.c        |  220 ++++
 grub-core/loader/slaunch/slaunch.c           |  204 ++++
 grub-core/loader/slaunch/slrt.c              |  320 ++++++
 grub-core/loader/slaunch/txt.c               | 1001 ++++++++++++++++++
 grub-core/loader/slaunch/verify.c            |  297 ++++++
 grub-core/loader/slaunch/x86_efi_linux.c     |  212 ++++
 grub-core/mmap/mmap.c                        |   83 ++
 include/grub/file.h                          |    3 +
 include/grub/i386/cpuid.h                    |   13 +
 include/grub/i386/crfr.h                     |  190 ++++
 include/grub/i386/linux.h                    |   19 +-
 include/grub/i386/memory.h                   |    5 +
 include/grub/i386/mmio.h                     |   74 ++
 include/grub/i386/msr.h                      |   61 ++
 include/grub/i386/tpm.h                      |   35 +
 include/grub/i386/txt.h                      |  708 +++++++++++++
 include/grub/memory.h                        |    3 +
 include/grub/multiboot.h                     |    2 +-
 include/grub/multiboot2.h                    |    6 +-
 include/grub/slaunch.h                       |  129 +++
 include/grub/slr_table.h                     |  298 ++++++
 include/grub/tpm.h                           |    2 +
 40 files changed, 5217 insertions(+), 65 deletions(-)
 create mode 100644 grub-core/commands/i386/tpm.c
 rename grub-core/commands/{tpm.c => tpm_verifier.c} (60%)
 create mode 100644 grub-core/loader/efi/dltrampoline.S
 create mode 100644 grub-core/loader/slaunch/acmod.c
 create mode 100644 grub-core/loader/slaunch/dlstub.c
 create mode 100644 grub-core/loader/slaunch/i386_linux.c
 create mode 100644 grub-core/loader/slaunch/slaunch.c
 create mode 100644 grub-core/loader/slaunch/slrt.c
 create mode 100644 grub-core/loader/slaunch/txt.c
 create mode 100644 grub-core/loader/slaunch/verify.c
 create mode 100644 grub-core/loader/slaunch/x86_efi_linux.c
 create mode 100644 include/grub/i386/crfr.h
 create mode 100644 include/grub/i386/mmio.h
 create mode 100644 include/grub/i386/tpm.h
 create mode 100644 include/grub/i386/txt.h
 create mode 100644 include/grub/slaunch.h
 create mode 100644 include/grub/slr_table.h

base-commit: 3b8b9e330a3ef211c334a6a6f53ece883d94f8be
prerequisite-patch-id: 450e6ee179d407f3718821303500f65cb955b5db
--
2.47.1

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel