Re: [PATCH GRUB] fs/xfs: fix large extent counters incompat feature support

On Wed, Dec 04, 2024 at 07:50:28 -0600, Eric Sandeen wrote: > When large extent counter / NREXT64 support was added to grub, it missed > a couple of direct reads of nextents which need to be changed to the new > NREXT64-aware helper as well. Without this, we'll have mis-reads of some > directories

[PATCH v3 14/19] slaunch: Add Secure Launch framework and commands

From: Fedora Ninjas The usage looks as follows: # Enable secure launch (required and must come before other slaunch # commands). slaunch # Specify the startup binary for DRTM. This is optional on Intel if # BIOS has already loaded ACM. There can be multiple such commands # with th

[PATCH v3 18/19] slaunch: Introduce a hook for filling SLRT policy

Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/slrt.c | 37 - include/grub/slaunch.h | 10 + 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/grub-core/loader/slaunch/slrt.c b/grub-core/loader/slaunch/slrt.c index b5213bca

[PATCH v3 10/19] slaunch/txt: Add Intel TXT core implementation

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/txt.c | 935 + include/grub/i386/linux.h | 5 +- include/grub/i386/memory.h | 5 + 3 files changed, 944 insert

[PATCH v3 13/19] i386/efi: Add DL stub as common DL event module

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/loader/efi/dltrampoline.S | 94 + grub-core/loader/slaunch/dlstub.c | 93 2 files changed, 187 insertions(+) create mode 100644 grub-core/l

[PATCH v3 06/19] slaunch: Add Secure Launch Resource Table (SLRT) header file

From: Ross Philipson Introduce the Secure Launch Resource Table which forms the formal interface between the pre and post launch code. Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/Makefile.am| 3 + include/grub/slr_table.h | 296 +

[PATCH v3 12/19] slaunch/txt: Add Intel TXT verification routines

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/verify.c | 297 ++ 1 file changed, 297 insertions(+) create mode 100644 grub-core/loader/slaunch/verify.c diff --git a/grub-c

[PATCH v3 11/19] slaunch/txt: Add Intel TXT ACM module support

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/acmod.c | 575 +++ 1 file changed, 575 insertions(+) create mode 100644 grub-core/loader/slaunch/acmod.c diff --git a/grub-co

[PATCH v3 05/19] commands/i386/tpm: Add TPM TIS and CRB driver

From: Daniel Kiper It will be used by Intel TXT secure launcher introduced by subsequent patches to query TPM version and relinquish a locality. It also provides `tpm_type` command that prints TPM version and interface. Signed-off-by: Daniel Kiper Signed-off-by: Krystian Hebel Signed-off-by:

[PATCH v3 16/19] i386/txt: Initialize TPM 1.2 event log in TXT heap

From: Michał Żygowski Signed-off-by: Michał Żygowski Signed-off-by: Krystian Hebel Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/txt.c | 68 +- include/grub/i386/txt.h| 33 + 2 files changed, 100 insertions(+), 1 deletion(-)

[PATCH v3 17/19] multiboot: Make GRUB_MULTIBOOT(make_mbi) return MBI's size

GRUB_MULTIBOOT(get_mbi_size) returns an upper bound on MBI's size instead of the actual size. It could also be used for measurements after zeroing unused parts of the buffer, but using an actual size seems like a better option as the same MBI will always have the same hash regardless of the amount

[PATCH v3 09/19] i386/txt: Add Intel TXT definitions header file

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk --- include/grub/i386/txt.h | 673 1 file changed, 673 insertions(+) create mode 100644 include/grub/i386/txt.h diff --git a/include/grub/i38

[PATCH v3 04/19] commands/tpm: Rename tpm module to tpm_verifier

From: Aleksandr Burmashev This avoids naming collision with TPM TIS and CRB driver introduced by subsequent patch and characterizes the functionality of the module better. Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk --- docs/grub.texi| 21 +++--- grub-core/M

[PATCH v3 08/19] slaunch: Add SLR table setup support module

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/loader/slaunch/slrt.c | 285 1 file changed, 285 insertions(+) create mode 100644 grub-core/loader/slaunch/slrt.c diff --git a/grub-core/loader/slaunch/slrt.c b/gru

[PATCH v3 02/19] i386: Add CRx, MMIO, MSR and extend CPUID definitions

From: Ross Philipson The definitions are going to be used by new Secure Launch feature and a TPM driver. Control registers and flags: - CR0 read/write and flags (PE, MP, EM, TS, PG, NE, WP, AM, NW, CD) - CR4 read/write and flags (VME, PVI, TSD, DE, PSE, PAE, MCE, PGE, PCE, FXSR, XMM, VMXE,

[PATCH v3 07/19] slaunch: Add main Secure Launch definitions header

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/Makefile.am | 3 ++ include/grub/slaunch.h | 96 ++ 2 files changed, 99 insertions(+) create mode 100644 include/grub/slaunch.h diff --git a/grub-core/Make

[PATCH v3 19/19] multiboot2: Support TXT Secure Launch

From: Michał Żygowski The code makes sure the order of policy entries is correct: - MBI entry goes first, so the payload can measure it first on launch - then goes SLRT and other typical entries - MB2 modules are appended last Signed-off-by: Michał Żygowski Signed-off-by: Tomasz Żyjewski Si

[PATCH v3 03/19] efi/tpm: Replace tpm command

From: Ross Philipson Replace UEFI tpm measuring command with TPM logging function, allowing the removal of the tpm command file. Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/Makefile.core.def | 1 - grub-core/commands/efi/tpm.c | 2 +- grub-core/commands/tpm.

[PATCH v3 00/19] x86: Trenchboot Secure Launch DRTM for Intel TXT (GRUB)

Hello, Continuing upstreaming [TrenchBoot] code changes. More context can be found in the cover letter for [v1]. This set targets v11 of Linux patches [linux-v11]. How the patches look now: 1. [01-02] Various additions in preparation for later commits 2. [03-05] TPM-related part (`tpm` modul

[PATCH v3 15/19] efi: Add Secure Launch support for efi/linux boot through EFI stub

From: Ross Philipson Signed-off-by: Ross Philipson Signed-off-by: Sergii Dmytruk --- grub-core/Makefile.core.def | 1 + grub-core/loader/efi/linux.c | 16 ++ grub-core/loader/slaunch/x86_efi_linux.c | 212 +++ include/grub/slaunch.h

[PATCH v3 01/19] mmap: Add grub_mmap_get_lowest() and grub_mmap_get_highest()

From: Daniel Kiper The functions find the lowest and highest values with regard to the passed in limit. Passing a low limit of 0 or a high limit of ~0 calculates lowest and highest available RAM addresses respectively. Signed-off-by: Daniel Kiper Signed-off-by: Sergii Dmytruk Reviewed-by: Ros