I had a first glimpse at the patches/commits, and found out that:

The following commits are already in 'focal' aka 20.04 (even in master, hence 
they are in the current focal kernel):
8c655784e2cf "integrity: Define a trusted platform keyring"
f218a29c25ad "ima: Support platform keyring for kernel appraisal"
467d27824920 "ima: carry the measurement list across kexec"
So these can be considered as done.

The following commits are not yet in either the linux tree or linux-next:
"ima: arch specific policy support"
"Appended signatures support for IMA appraisal"
"TPM 2.0 Multibank extend support"
"TPM 2.0 Eventlog support"
"kexec_file_load system call support"
I assume they are currently on a staging tree?!

And the two TBDs are not ready yet, but are probably in the works.

Please note that the patches need to be upstream (accepted) for Canonical to
be able to pick them up.
And they need to apply cleanly on top of the target kernel's master-next tree 
(in this case 'focal' master-next):
git clone https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal --branch master-next --single-branch focal-master-next

Because there still seems to be some work needed,
because the patches look pretty significant and touch common code,
and because we are already quite late in the 'focal' development cycle,
I'm not sure if it will be possible to get them into the initial release
version of 20.04.
But in the end it depends on the (upstream) availability and the Canonical
kernel team.

As soon as all commits/patches are available and apply cleanly,
I'll submit a request to the Canonical kernel team's mailing list and a 
decision will finally be made by the kernel team.
For now I'm setting the status to Incomplete.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

** Changed in: ubuntu-power-systems
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1866909

Title:
  Ubuntu Kernel Support for OpenPOWER NV Secure & Trusted Boot

Status in The Ubuntu-power-systems project:
  Incomplete
Status in linux package in Ubuntu:
  Incomplete

Bug description:
  == Comment: #0 - George C. Wilson <gcwil...@us.ibm.com> - 2020-02-25 18:40:44 ==
  - sysfs enablement: TBD
  - ima: arch specific policy support 6191706246de
  - platform keyring changes for powerpc: TBD
  - Appended signatures support for IMA appraisal 39b07096364a42c516415d5f841069e885234e61
  - integrity: Define a trusted platform keyring: 9dc92c45177a
  - ima: Support platform keyring for kernel appraisal: d7cecb676dd3
  - TPM 2.0 Multibank extend support: c1f92b4b04ad
  - TPM 2.0 Eventlog support: 4d23cc323cdb
  - ima: carry the measurement list across kexec: d68a6fe9fccf
  - kexec_file_load system call support: 500c7ab1a9db
