Verifier running out of memory on ieee1275/powerpc64

2020-03-17 Thread Stefan Berger
Hello!  I'm trying to add (v)TPM support for the ieee1275/powerpc64 platform to grub. The issue I have been running into is that the verifier runs out of memory. At that point it has loaded the (~ 32MB) Linux kernel and now the verifier is invoked to load the file. Unfortunately it cannot load

Re: Verifier running out of memory on ieee1275/powerpc64

2020-03-18 Thread Stefan Berger
On 3/18/20 11:59 AM, Simon Hardy wrote: The 2020/03/17 13:15, Stefan Berger wrote: I'm trying to add (v)TPM support for the ieee1275/powerpc64 platform to grub. The issue I have been running into is that the verifier runs out of memory. At that point it has loaded the (~ 32MB) Linux kernel and

Re: Verifier running out of memory on ieee1275/powerpc64

2020-03-18 Thread Stefan Berger
On 3/18/20 3:32 PM, Stefan Berger wrote: On 3/18/20 11:59 AM, Simon Hardy wrote: The 2020/03/17 13:15, Stefan Berger wrote: I'm trying to add (v)TPM support for the ieee1275/powerpc64 platform to grub. The issue I have been running into is that the verifier runs out of memory. At that point

Re: Verifier running out of memory on ieee1275/powerpc64

2020-03-19 Thread Stefan Berger
On 3/18/20 6:17 PM, Simon Hardy wrote: I was wondering whether it would not be possible to load the raw file into memory, pass it to the firmware for hashing (and logging) via the verifier, and if we do not trust that the firmware treated the file data as a read-only array, load the file again in

Re: [PATCH v2 05/22] docs/grub: Document signing grub under UEFI

2021-07-12 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: Before adding information about how grub is signed with an appended signature scheme, it's worth adding some information about how it can currently be signed for UEFI. Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- docs/grub

Re: [PATCH v2 06/22] docs/grub: Document signing grub with an appended signature

2021-07-12 Thread Stefan Berger
g. on powerpc-ieee1275, to the PReP partition) +@end group +@end example + +As with UEFI secure boot, it is necessary to build in the required modules, +or sign them separately. + + @node Platform limitations @chapter Platform limitations Reviewed-by: Stefan Berger

Re: [PATCH v2 02/22] ieee1275: claim more memory

2021-07-12 Thread Stefan Berger
grub with this change under SLOF and PFW. Signed-off-by: Daniel Axtens Tested-by: Stefan Berger --- docs/grub-dev.texi | 6 ++- grub-core/kern/ieee1275/init.c | 81 +++--- 2 files changed, 69 insertions(+), 18 deletions(-) diff --git a/docs/gru

Re: [PATCH v2 03/22] ieee1275: request memory with ibm,client-architecture-support

2021-07-12 Thread Stefan Berger
wer the amount of memory your partition has below 512MB.) Signed-off-by: Daniel Axtens Tested-by: Stefan Berger --- grub-core/kern/ieee1275/cmain.c | 3 + grub-core/kern/ieee1275/init.c | 144 ++- include/grub/ieee1275/ieee1275.h | 6 ++ 3 files

Re: [PATCH v2 01/22] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE

2021-07-12 Thread Stefan Berger
these patches it runs out of memory. From what I can see they work fine. Tested-by: Stefan Berger --- grub-core/kern/ieee1275/init.c | 17 - 1 file changed, 17 deletions(-) diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c index d483e35eed2b..

Re: [PATCH v2 08/22] pgp: factor out rsa_pad

2021-07-12 Thread Stefan Berger
is just to spin rsa_pad out into its own PKCS#1 v1.5 module. Signed-off-by: Daniel Axtens This an almost straight move of code from one function into another one: Reviewed-by: Stefan Berger --- grub-core/Makefile.core.def | 8 + grub-core/commands/pgp.c| 28 ++ gru

Re: [PATCH v2 07/22] dl: provide a fake grub_dl_set_persistent for the emu target

2021-07-12 Thread Stefan Berger
persistent modules) Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- include/grub/dl.h | 11 +++ 1 file changed, 11 insertions(+) diff --git a/include/grub/dl.h b/include/grub/dl.h index b3753c9ca262..5decbe2f2fb9 100644 --- a/include/grub/dl.h +++ b/include/grub/dl.h

Re: [PATCH v2 13/22] libtasn1: changes for grub compatibility

2021-07-12 Thread Stefan Berger
all to grub_divmod64, preventing creation of __udivdi3 calls on 32 bit platforms. Signed-off-by: Daniel Axtens --- v2: Clean up strcat handling, thanks Stefan Berger. --- grub-core/lib/libtasn1/lib/decoding.c | 11 ++- grub-core/lib/libtasn1/lib/element.c| 3 ++- grub-core/lib

Re: [PATCH v2 04/22] Add support for signing grub with an appended signature

2021-07-12 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: From: Rashmica Gupta Add infrastructure to allow firmware to verify the integrity of grub by use of a Linux-kernel-module-style appended signature. We initially target powerpc-ieee1275, but the code should be extensible to other platforms. Usually thes

Re: [PATCH v2 09/22] crypto: move storage for grub_crypto_pk_* to crypto.c

2021-07-12 Thread Stefan Berger
etc) use grub_crypto_lookup_cipher_by_name() to get a cipher handle. That depends on grub_ciphers being populated by people calling grub_cipher_register. import_gcry.py ensures that the symmetric ciphers call it.] Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- grub-core/comma

Re: [PATCH v2 10/22] posix_wrap: tweaks in preparation for libtasn1

2021-07-12 Thread Stefan Berger
bits on all our platforms, including 64 bit platforms, so we also use that value. - Provide strto[u]l[l] preprocessor macros that resolve to grub_strto[u]l[l]. To avoid gcrypt redefining strtoul, we also define HAVE_STRTOUL here. Signed-off-by: Daniel Axtens Reviewed-by

Re: [PATCH v2 14/22] libtasn1: compile into asn1 module

2021-07-12 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: Create a wrapper file that specifies the module license. Set up the makefile so it is built. Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- grub-core/Makefile.core.def| 15 +++ grub-core/lib/libtasn1_wrap

[PATCH] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-12 Thread Stefan Berger
From: Stefan Berger Add support for trusted boot using a vTPM 2.0 on the IBM ieee1275 platform. With this patch grub now measures text and binary data into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform does. This patch requires Daniel Axtens's patches for claiming m

Re: [PATCH v2 16/22] grub-install: support embedding x509 certificates

2021-07-12 Thread Stefan Berger
grub core image in the same way as PGP keys. Signed-off-by: Alastair D'Silva Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- grub-core/commands/pgp.c| 2 +- include/grub/kernel.h | 3 ++- include/grub/util/install.h | 7 +-- util/grub-install-comm

Re: [PATCH] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-14 Thread Stefan Berger
On 7/14/21 12:16 PM, Daniel Kiper wrote: CC-ing folks CC-ed in Daniel's patch series and Eric. On Mon, Jul 12, 2021 at 03:02:19PM -0400, Stefan Berger wrote: From: Stefan Berger Add support for trusted boot using a vTPM 2.0 on the IBM ieee1275 platform. With this patch grub now mea

Re: [PATCH v2 17/22] appended signatures: import GNUTLS's ASN.1 description files

2021-07-19 Thread Stefan Berger
/857543cc24114431dd5dde0e83c2c44b9b7e6050/lib/pkix_asn1_tab.c Reviewed-by: Stefan Berger --- .../commands/appendedsig/gnutls_asn1_tab.c| 121 + .../commands/appendedsig/pkix_asn1_tab.c | 484 ++ 2 files changed, 605 insertions(+) create mode 100644 grub-core/commands

Re: [PATCH v2 18/22] appended signatures: parse PKCS#7 signedData and X.509 certificates

2021-07-19 Thread Stefan Berger
rious code and comment cleanups. Thanks to Nayna Jain and Stefan Berger for their reviews. revert Signed-off-by: Daniel Axtens --- grub-core/commands/appendedsig/appendedsig.h | 118 ++ grub-core/commands/appendedsig/asn1util.c| 103 ++ grub-core/commands/appendedsig/pkcs7.c |

Re: [PATCH v2 22/22] ieee1275: enter lockdown based on /ibm,secure-boot

2021-07-19 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: If the 'ibm,secure-boot' property of the root node is 2 or greater, enter lockdown. Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- docs/grub.texi | 4 ++-- grub-core/Makefile.core.def| 1 + grub

Re: [PATCH v2 21/22] appended signatures: documentation

2021-07-19 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: This explains how appended signatures can be used to form part of a secure boot chain, and documents the commands and variables introduced. Signed-off-by: Daniel Axtens One small thing below. --- v2: fix a grammar issue, thanks Stefan Berger

Re: [PATCH v2 19/22] appended signatures: support verifying appended signatures

2021-07-19 Thread Stefan Berger
signatures - Support multiple signers - Use an enum rather than 0, 1 and 2 for various signature enforcement states. - Spin out a file reading function that was duplicated. - Fix some code style and clarity issues. Thanks to Nayna Jain and Stefan Berger for their reviews. Revert "f

Re: [PATCH v2 20/22] appended signatures: verification tests

2021-07-20 Thread Stefan Berger
On 6/30/21 4:40 AM, Daniel Axtens wrote: These tests are run through all_functional_test and test a range of commands and behaviours. Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger --- v2 changes: - add a test for EKU - add tests for files signed with multiple signers

Re: [PATCH] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-20 Thread Stefan Berger
On 7/14/21 12:16 PM, Daniel Kiper wrote: Signed-off-by: Stefan Berger --- grub-core/Makefile.core.def | 8 ++ grub-core/commands/ieee1275/ibmvtpm.c | 118 ++ grub-core/kern/ieee1275/ibmvtpm.c | 62 ++ include/grub/ieee1275/ibmvtpm.h

[PATCH v2 1/4] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE

2021-07-20 Thread Stefan Berger
potentially override the HEAP_MAX_ADDR check. It is now unused. Remove it. Signed-off-by: Daniel Axtens Tested-by: Stefan Berger --- grub-core/kern/ieee1275/init.c | 17 - 1 file changed, 17 deletions(-) diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee12

[PATCH v2 4/4] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-20 Thread Stefan Berger
From: Stefan Berger Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275 PowerPC platform. With this patch grub now measures text and binary data into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform does. Cc: Eric Snowberg Signed-off-by: Stefan Berger ---

[PATCH v2 3/4] ieee1275: request memory with ibm,client-architecture-support

2021-07-20 Thread Stefan Berger
oots. (phyp is super sticky with the RMA size - it persists even on cold boots. So if you've ever booted Linux in a partition, you'll probably never have grub call CAS. It'll only ever fire the first time a partition loads grub, or if you deliberately lower the amount of memory y

[PATCH v2 2/4] ieee1275: claim more memory

2021-07-20 Thread Stefan Berger
ernel. So we can't address memory beyond 4GB. This gives a natural cap of 1GB for powerpc-ieee1275. Also apply this 1/4 approach to i386-ieee1275, but keep the 32MB cap. make check still works for both i386 and powerpc and I've booted powerpc grub with this change under SLOF and PFW. Sign

[PATCH v2 0/4] Add support for trusted boot on IBM PPC platform

2021-07-20 Thread Stefan Berger
From: Stefan Berger This series of patches adds support for trusted boot using vTPM on the IBM IEEE1275 PowerPC platform. Stefan v2: - Prepended Daniel's patches to claim more memory on IBM platform - Added documentation to vTPM patch and major refactoring following Daniel's

Re: [PATCH v2 11/22] libtasn1: import libtasn1-4.16.0

2021-07-20 Thread Stefan Berger
Acked-by: Stefan Berger

Re: [PATCH v2 12/22] libtasn1: disable code not needed in grub

2021-07-20 Thread Stefan Berger
n the future. With these exclusions we also avoid the need for minmax.h, which is convenient because it means we don't have to import it from gnulib. Signed-off-by: Daniel Axtens Reviewed-by: Stefan Berger

Re: [PATCH v2 1/4] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE

2021-07-21 Thread Stefan Berger
On 7/21/21 10:36 AM, Daniel Kiper wrote: On Tue, Jul 20, 2021 at 05:14:46PM -0400, Stefan Berger wrote: From: Daniel Axtens HEAP_MAX_ADDR is confusing. Currently it is set to 32MB, except on ieee1275 on x86, where it is 64MB. There is a comment which purports to explain it: /* If possible

Re: [PATCH v2 02/22] ieee1275: claim more memory

2021-07-21 Thread Stefan Berger
On 7/21/21 10:45 AM, Daniel Kiper wrote: On Fri, Jul 16, 2021 at 05:59:20AM +0200, Patrick Steinhardt wrote: On Thu, Jul 15, 2021 at 11:51:04PM +0200, Daniel Kiper wrote: CC-in a few people who can be interested in this... On Wed, Jun 30, 2021 at 06:40:11PM +1000, Daniel Axtens wrote: On pow

Re: [PATCH v2 02/22] ieee1275: claim more memory

2021-07-22 Thread Stefan Berger
On 7/21/21 10:45 AM, Daniel Kiper wrote: On Fri, Jul 16, 2021 at 05:59:20AM +0200, Patrick Steinhardt wrote: I think that my [1] should solve the issue generically. Instead of bumping any of the static limits we have in place, we just drop them altogether in favor of dynamically requesting add

Re: [PATCH v2 4/4] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-29 Thread Stefan Berger
On 7/28/21 9:25 AM, Daniel Kiper wrote: On Tue, Jul 20, 2021 at 05:14:49PM -0400, Stefan Berger wrote: +#define IEEE1275_CELL_TRUE ((grub_ieee1275_cell_t) -1) This smells like a global constant. Doesn't it? If yes could you define it in a global header and use it? Maybe even replace

Re: [PATCH v2 4/4] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-30 Thread Stefan Berger
On 7/30/21 8:44 AM, Daniel Kiper wrote: On Thu, Jul 29, 2021 at 09:30:49AM -0400, Stefan Berger wrote: On 7/28/21 9:25 AM, Daniel Kiper wrote: On Tue, Jul 20, 2021 at 05:14:49PM -0400, Stefan Berger wrote: +#define IEEE1275_CELL_TRUE ((grub_ieee1275_cell_t) -1) This smells like a global

[PATCH v3 4/4] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2021-07-30 Thread Stefan Berger
From: Stefan Berger Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275 PowerPC platform. With this patch grub now measures text and binary data into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform does. This patch requires Daniel Axtens's patches for cla

[PATCH v3 3/4] ieee1275: request memory with ibm,client-architecture-support

2021-07-30 Thread Stefan Berger
oots. (phyp is super sticky with the RMA size - it persists even on cold boots. So if you've ever booted Linux in a partition, you'll probably never have grub call CAS. It'll only ever fire the first time a partition loads grub, or if you deliberately lower the amount of memory y

[PATCH v3 2/4] ieee1275: claim more memory

2021-07-30 Thread Stefan Berger
ernel. So we can't address memory beyond 4GB. This gives a natural cap of 1GB for powerpc-ieee1275. Also apply this 1/4 approach to i386-ieee1275, but keep the 32MB cap. make check still works for both i386 and powerpc and I've booted powerpc grub with this change under SLOF and PFW. Sign

[PATCH v3 0/4] Add support for trusted boot on IBM PPC platform

2021-07-30 Thread Stefan Berger
From: Stefan Berger This series of patches adds support for trusted boot using vTPM on the IBM IEEE1275 PowerPC platform. Stefan v3: - Rebased on latest master - Moving #defines from ieee1275.c to ieee1275.h - More refactoring in patch 4 v2: - Prepended Daniel's patches to

[PATCH v3 1/4] ieee1275: Move #defines into common ieee1275.h header

2021-07-30 Thread Stefan Berger
From: Stefan Berger Move some #defines from ieee1275.c into the common ieee1275.h header file. Adjust the case used in IHANDLE_INVALID to use proper ihandle_t. Signed-off-by: Stefan Berger --- grub-core/kern/ieee1275/ieee1275.c | 29 - include/grub/ieee1275

Re: [PATCH v3 2/4] ieee1275: claim more memory

2021-08-04 Thread Stefan Berger
On 8/4/21 7:19 AM, Daniel Kiper wrote: CC-ing Patrick. On Fri, Jul 30, 2021 at 11:45:38AM -0400, Stefan Berger wrote: From: Daniel Axtens On powerpc-ieee1275, we are running out of memory trying to verify anything. This is because: - we have to load an entire file into memory to verify

Re: [PATCH v3 1/4] ieee1275: Move #defines into common ieee1275.h header

2021-08-05 Thread Stefan Berger
On 7/30/21 11:45 AM, Stefan Berger wrote: From: Stefan Berger Move some #defines from ieee1275.c into the common ieee1275.h header file. Adjust the case used in IHANDLE_INVALID to use proper ihandle_t. Signed-off-by: Stefan Berger --- grub-core/kern/ieee1275/ieee1275.c | 29

Re: [PATCH v2 00/15] Dynamic allocation of memory regions and IBM vTPM v2

2022-05-18 Thread Stefan Berger
On 4/14/22 11:30, Daniel Kiper wrote: On Thu, Apr 07, 2022 at 04:41:04PM +0200, Daniel Kiper wrote: On Mon, Mar 28, 2022 at 05:22:25PM +1100, Daniel Axtens wrote: Hi all, This is, at long last, an updated version of my series extending Patrick's dynamic memory regions to ieee1275. Noteworth

Re: [PATCH 2/6] ieee1275/powerpc: enables device mapper discovery

2024-03-15 Thread Stefan Berger
On 3/15/24 00:06, Michael Chang via Grub-devel wrote: On Mon, May 08, 2023 at 01:58:36PM +, Avnish Chouhan wrote: From: Diego Domingos This patch enables the device mapper discovery on ofpath.c. Currently, when we are dealing with a device like /dev/dm-* the ofpath returns null since the

Re: [PATCH v10 10/20] tpm2: Add TPM Software Stack (TSS)

2024-04-09 Thread Stefan Berger
On 4/9/24 04:30, Gary Lin via Grub-devel wrote: From: Hernan Gatta A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to compose, submit, and parse TPM commands and responses. A limited number of TPM commands may be accessed via the EFI TCG2 protocol. This protocol exposes f

Re: [PATCH v11 10/20] tpm2: Add TPM Software Stack (TSS)

2024-04-12 Thread Stefan Berger
On 4/12/24 04:39, Gary Lin wrote: From: Hernan Gatta A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to compose, submit, and parse TPM commands and responses. compose and submit TPM commands and parse responses. A limited number of TPM commands may be accessed via the E

Re: [PATCH v10 20/20] tests: Add tpm2_test

2024-04-12 Thread Stefan Berger
On 4/9/24 04:30, Gary Lin via Grub-devel wrote: For the tpm2 module, the TCG2 command submission function is the only difference between a QEMU instance and grub-emu. To test TPM key unsealing with a QEMU instance, it requires an extra OS image to invoke grub-protect to seal the LUKS key, r

Re: [PATCH v11 14/20] tpm2: Support authorized policy

2024-04-12 Thread Stefan Berger
,gpt1)/boot/grub2/sealed.tpm cryptomount -u -P tpm2 For any change in the boot components, just run the 'sign' command again to update the signature in sealed.tpm, and TPM can unseal the key file with the updated PCR policy. (*1) https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html

Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2

2024-04-12 Thread Stefan Berger
ibtasn1: compile into asn1 module -: - > 7: 24c129e64 asn1_test: test module for libtasn1 -: - > 8: 7a1aced55 libtasn1: Add the documentation -: - > 9: 957b048f2 key_protector: Add key protectors framework 1: ca024f496 ! 10: cbeaf8472 tpm2: Add TPM Software St

Re: [PATCH v11 09/20] key_protector: Add key protectors framework

2024-04-12 Thread Stefan Berger
t +grub_key_protector_unregister (struct grub_key_protector *protector); + +grub_err_t +grub_key_protector_recover_key (const char *protector, + grub_uint8_t **key, + grub_size_t *key_size); + +#endif /* ! GRUB_PROTECTOR_HEADER */ with nit fixed: R

Re: [PATCH v11 11/20] key_protector: Add TPM2 Key Protector

2024-04-12 Thread Stefan Berger
On 4/12/24 04:39, Gary Lin via Grub-devel wrote: From: Hernan Gatta The TPM2 key protector is a module that enables the automatic retrieval of a fully-encrypted disk's unlocking key from a TPM 2.0. A few minor finds/comments below. The theory of operation is such that the module accepts

Re: [PATCH v11 12/20] cryptodisk: Support key protectors

2024-04-12 Thread Stefan Berger
" + "failed to unlock %s%s%s (%s)\n", +cargs->protectors[i], source->name, +source->partition != NULL ? "," : "", +part != NULL ? part : N_("UNKNO

Re: [PATCH v11 13/20] util/grub-protect: Add new tool

2024-04-12 Thread Stefan Berger
On 4/12/24 04:39, Gary Lin via Grub-devel wrote: From: Hernan Gatta To utilize the key protectors framework, there must be a way to protect full-disk encryption keys in the first place. The grub-protect tool includes support for the TPM2 key protector but other protectors that require setup a

Re: [PATCH v11 15/20] tpm2: Implement NV index

2024-04-12 Thread Stefan Berger
-by: Patrick Colp Signed-off-by: Gary Lin Reviewed-by: Stefan Berger --- grub-core/tpm2/module.c | 25 - 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/grub-core/tpm2/module.c b/grub-core/tpm2/module.c index 0ed8f2682..b4d588b0c 100644 --- a/grub-core/t

Re: [PATCH v11 19/20] tpm2: Enable tpm2 module for grub-emu

2024-04-12 Thread Stefan Berger
the device node on host, it's easy to implement the essential TCG2 command submission function with the read/write functions and enable tpm2 module for grub-emu, so that we can further test TPM key unsealing with grub-emu. Signed-off-by: Gary Lin Reviewed-by: Stefan Berger --- grub

Re: [PATCH v11 17/20] cryptodisk: wipe out the cached keys from protectors

2024-04-12 Thread Stefan Berger
emory to retrieve the secret key. To defend such attack, wipe out the cached key when we don't need it. Signed-off-by: Gary Lin Cc: Fabian Vogt Reviewed-by: Stefan Berger --- grub-core/disk/cryptodisk.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/grub

Re: [PATCH v11 16/20] cryptodisk: Fallback to passphrase

2024-04-12 Thread Stefan Berger
On 4/12/24 04:39, Gary Lin via Grub-devel wrote: From: Patrick Colp If a protector is specified, but it fails to unlock the disk, fall back to asking for the passphrase. However, an error was set indicating that the protector(s) failed. Later code (e.g., LUKS code) fails as `grub_errno` is no

Re: [PATCH v11 00/20] Automatic Disk Unlock with TPM2

2024-04-15 Thread Stefan Berger
On 4/15/24 05:45, Gary Lin wrote: On Fri, Apr 12, 2024 at 12:24:36PM -0400, Stefan Berger wrote: On 4/12/24 04:39, Gary Lin via Grub-devel wrote: GIT repo for v11: https://github.com/lcp/grub2/tree/tpm2-unlock-v11 This patch series is based on "Automatic TPM Disk Unlock"(*1)

Re: [PATCH v12 16/20] cryptodisk: Fallback to passphrase

2024-04-19 Thread Stefan Berger
now set. Print the existing errors out first, before proceeding with the passphrase. Cc: Stefan Berger Signed-off-by: Patrick Colp Signed-off-by: Gary Lin Reviewed-by: Stefan Berger --- grub-core/disk/cryptodisk.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a

Re: [PATCH v12 20/20] tests: Add tpm2_test

2024-04-19 Thread Stefan Berger
image, try to mount the image with tpm2_key_protector_init and cryptomount, and verify the result. Based on the idea from Michael Chang. Cc: Michael Chang Cc: Stefan Berger Signed-off-by: Gary Lin --- Makefile.util.def| 6 + tests/tpm2_test.in | 311

Re: [PATCH v12 18/20] diskfilter: look up cryptodisk devices first

2024-04-19 Thread Stefan Berger
d then others, so that the auto-unlocked disk will be found first, not the attacker's disk. Signed-off-by: Gary Lin Cc: Fabian Vogt Reviewed-by: Stefan Berger --- grub-core/disk/diskfilter.c | 35 ++- 1 file changed, 26 insertions(+), 9 deletions(-) di

Re: [PATCH v12 13/20] util/grub-protect: Add new tool

2024-04-19 Thread Stefan Berger
ten in the key file, so there is no need to specify PCRs when invoking tpm2_key_protector_init. Cc: Stefan Berger Signed-off-by: Hernan Gatta Signed-off-by: Gary Lin Reviewed-by: Stefan Berger

Re: [PATCH v12 10/20] tpm2: Add TPM Software Stack (TSS)

2024-04-19 Thread Stefan Berger
yAuthorize, TPM2_TestParms Cc: Stefan Berger Signed-off-by: Hernan Gatta Signed-off-by: Gary Lin Reviewed-by: Stefan Berger

Re: [PATCH v13 04/20] libtasn1: changes for grub compatibility

2024-04-30 Thread Stefan Berger
Reviewed-by: Stefan Berger --- grub-core/lib/libtasn1/lib/decoding.c | 8 grub-core/lib/libtasn1/lib/element.c| 2 +- grub-core/lib/libtasn1/lib/gstr.c | 2 +- grub-core/lib/libtasn1/lib/int.h| 3 +-- grub-core/lib/libtasn1/lib/parser_aux.c | 2 +- in

Re: [PATCH v19 33/33] docs: Document TPM2 key protector

2024-09-13 Thread Stefan Berger
On 9/6/24 5:11 AM, Gary Lin wrote: Update the user manual to address TPM2 key protector including the two related commands, tpm2_key_protector_init and tpm2_key_protector_clear, and the user-space utility: grub-protect. Signed-off-by: Gary Lin --- docs/grub.texi | 507 ++

Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2

2024-09-13 Thread Stefan Berger
On 9/6/24 5:10 AM, Gary Lin wrote: GIT repo for v19: https://github.com/lcp/grub2/tree/tpm2-unlock-v19 This patch series is based on "Automatic TPM Disk Unlock"(*1) posted by Hernan Gatta to introduce the key protector framework and TPM2 stack to GRUB2, and this could be a useful feature for t

Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2

2024-09-16 Thread Stefan Berger
On 9/15/24 11:35 PM, Gary Lin wrote: On Mon, Sep 16, 2024 at 10:24:03AM +0800, Gary Lin wrote: On Fri, Sep 13, 2024 at 10:32:39AM -0400, Stefan Berger wrote: On 9/6/24 5:10 AM, Gary Lin wrote: GIT repo for v19: https://github.com/lcp/grub2/tree/tpm2-unlock-v19 This patch series is based

Re: [PATCH v3 11/15] ieee1275: request memory with ibm,client-architecture-support

2022-07-19 Thread Stefan Berger
Daniel K., were you going to push the last 4 patches of this series into the repo as well now that the first 10 are checked in? Regards, Stefan On 4/21/22 01:24, Daniel Axtens wrote: On PowerVM, the first time we boot a Linux partition, we may only get 256MB of real memory area, even if

Re: [PATCH] tpm: Disable tpm verifier if tpm is not present

2022-10-06 Thread Stefan Berger
00644 --- a/include/grub/tpm.h +++ b/include/grub/tpm.h @@ -36,4 +36,5 @@ grub_err_t grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr, const char *description); +int grub_tpm_present (void); #endif Reviewed-by: Stefan Berger

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-11-30 Thread Stefan Berger
Axtens (4): ieee1275: request memory with ibm,client-architecture-support ieee1275: drop len -= 1 quirk in heap_init ieee1275: support runtime memory claiming [RFC] Add memtool module with memory allocation stress-test Stefan Berger (1): ibmvtpm: Add support for trusted boot using a vT

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-11-30 Thread Stefan Berger
On 11/30/22 14:47, Stefan Berger wrote: On 11/24/22 12:56, Daniel Kiper wrote: Hi, Adding Sudhakar and Glenn... On Thu, Aug 11, 2022 at 02:40:58PM -0300, Diego Domingos wrote: Hello, This is an addition to the series sent from Daniel Axtens (https://lists.gnu.org/archive/html/grub

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-11-30 Thread Stefan Berger
On 11/30/22 16:24, Stefan Berger wrote: On 11/30/22 14:47, Stefan Berger wrote: On 11/24/22 12:56, Daniel Kiper wrote: Hi, Adding Sudhakar and Glenn... On Thu, Aug 11, 2022 at 02:40:58PM -0300, Diego Domingos wrote: Hello, This is an addition to the series sent from Daniel Axtens

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-12-01 Thread Stefan Berger
On 12/1/22 00:19, Glenn Washburn wrote: On Wed, 30 Nov 2022 17:42:40 -0500 Stefan Berger wrote: On 11/30/22 16:24, Stefan Berger wrote: On 11/30/22 14:47, Stefan Berger wrote: On 11/24/22 12:56, Daniel Kiper wrote: Hi, Adding Sudhakar and Glenn... On Thu, Aug 11, 2022 at 02:40

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-12-01 Thread Stefan Berger
On 12/1/22 09:02, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 08:43:56AM -0500, Stefan Berger wrote: On 12/1/22 00:19, Glenn Washburn wrote: On Wed, 30 Nov 2022 17:42:40 -0500 Stefan Berger wrote: On 11/30/22 16:24, Stefan Berger wrote: On 11/30/22 14:47, Stefan Berger wrote: On 11/24/22

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-12-01 Thread Stefan Berger
On 12/1/22 09:47, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 09:22:42AM -0500, Stefan Berger wrote: On 12/1/22 09:02, Daniel Kiper wrote: [...] ./configure --target=i386 --with-platform=ieee1275 ... I had to adjust the created symlist.h like this to make it compile at least

Re: [PATCH 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-12-01 Thread Stefan Berger
On 12/1/22 10:51, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 09:58:45AM -0500, Stefan Berger wrote: On 12/1/22 09:47, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 09:22:42AM -0500, Stefan Berger wrote: On 12/1/22 09:02, Daniel Kiper wrote: [...] ./configure --target=i386 --with-platform

[PATCH v2 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2022-12-01 Thread Stefan Berger
Diego Domingos (1): ieee1275: implement vec5 for cas negotiation Stefan Berger (1): ibmvtpm: Add support for trusted boot using a vTPM 2.0 configure.ac | 1 + docs/grub-dev.texi| 7 +- docs/grub.texi| 3 +- grub-core

[PATCH v2 3/6] ieee1275: support runtime memory claiming

2022-12-01 Thread Stefan Berger
nux with space to satisfy its early allocations. Allow other space to be allocated at runtime. Tested-by: Stefan Berger Signed-off-by: Daniel Axtens --- docs/grub-dev.texi | 7 +- grub-core/kern/ieee1275/init.c | 268 ++--- 2 files changed, 255 in

[PATCH v2 4/6] ieee1275: implement vec5 for cas negotiation

2022-12-01 Thread Stefan Berger
values to 0 (default). Signed-off-by: Diego Domingos Acked-by: Daniel Axtens Signed-off-by: Stefan Berger --- grub-core/kern/ieee1275/init.c | 21 - 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c

[PATCH v2 5/6] Add memtool module with memory allocation stress-test

2022-12-01 Thread Stefan Berger
gions * stress_big_allocs - stress test large allocations: - how much memory can we allocate in one chunk? - how many 1MB chunks can we allocate? - check that gap-filling works with a 1MB aligned 900kB alloc + a 100kB alloc. Signed-off-by: Daniel Axtens Signed-off-by: Stefan Berger --- configu

[PATCH v2 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2022-12-01 Thread Stefan Berger
splayed in the Linux kernel log. Those users will have to update their machines to the firmware levels mentioned above. Cc: Eric Snowberg Signed-off-by: Stefan Berger Signed-off-by: Daniel Axtens --- docs/grub.texi| 3 +- grub-core/Makefile.core.def | 7 ++

[PATCH v2 2/6] ieee1275: drop len -= 1 quirk in heap_init

2022-12-01 Thread Stefan Berger
From: Daniel Axtens This was apparently 'required by some firmware': commit dc9468500919 ("2007-02-12 Hollis Blanchard "). It's not clear what firmware that was, and what platform from 14 years ago which exhibited the bug then is still both in use and buggy now. It doesn't cause issues on qem

[PATCH v2 1/6] ieee1275: request memory with ibm,client-architecture-support

2022-12-01 Thread Stefan Berger
nly ever fire the first time a partition loads grub, or if you deliberately lower the amount of memory your partition has below 512MB.) Signed-off-by: Daniel Axtens Signed-off-by: Stefan Berger --- grub-core/kern/ieee1275/cmain.c | 3 + grub-core/kern/ieee1275/init.c | 165 +++

Re: [PATCH v2 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2022-12-13 Thread Stefan Berger
On 12/13/22 11:35, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 04:12:01PM -0500, Stefan Berger wrote: Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275 PowerPC platform. With this patch grub now measures text and binary data into the TPM's PCRs 8 and 9 in the same way a

Re: [PATCH v2 3/6] ieee1275: support runtime memory claiming

2022-12-13 Thread Stefan Berger
On 12/13/22 11:14, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 04:11:58PM -0500, Stefan Berger wrote: From: Daniel Axtens On powerpc-ieee1275, we are running out of memory trying to verify anything. This is because: - we have to load an entire file into memory to verify it. This is

Re: [PATCH v2 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2022-12-14 Thread Stefan Berger
On 12/14/22 09:20, Daniel Kiper wrote: On Tue, Dec 13, 2022 at 01:18:34PM -0500, Stefan Berger wrote: On 12/13/22 11:35, Daniel Kiper wrote: On Thu, Dec 01, 2022 at 04:12:01PM -0500, Stefan Berger wrote: Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275 PowerPC platform

[PATCH v3 0/6] Dynamic allocation of memory regions and IBM vTPM v2

2023-01-30 Thread Stefan Berger
ieee1275: request memory with ibm,client-architecture-support ieee1275: drop len -= 1 quirk in heap_init ieee1275: support runtime memory claiming Add memtool module with memory allocation stress-test Diego Domingos (1): ieee1275: implement vec5 for cas negotiation Stefan Berger (1): ib

[PATCH v3 1/6] ieee1275: request memory with ibm,client-architecture-support

2023-01-30 Thread Stefan Berger
nly ever fire the first time a partition loads grub, or if you deliberately lower the amount of memory your partition has below 512MB.) Signed-off-by: Daniel Axtens Signed-off-by: Stefan Berger Reviewed-by: Daniel Kiper --- grub-core/kern/ieee1275/cmain.c | 5 + grub-core/kern/ieee1275/i

[PATCH v3 2/6] ieee1275: drop len -= 1 quirk in heap_init

2023-01-30 Thread Stefan Berger
From: Daniel Axtens This was apparently 'required by some firmware': commit dc9468500919 ("2007-02-12 Hollis Blanchard "). It's not clear what firmware that was, and what platform from 14 years ago which exhibited the bug then is still both in use and buggy now. It doesn't cause issues on qem

[PATCH v3 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0

2023-01-30 Thread Stefan Berger
e firmware levels mentioned above. Cc: Eric Snowberg Signed-off-by: Stefan Berger Signed-off-by: Daniel Axtens Reviewed-by: Daniel Kiper --- docs/grub.texi| 3 +- grub-core/Makefile.core.def | 7 ++ grub-core/commands/ieee1275/ibmvt

[PATCH v3 4/6] ieee1275: implement vec5 for cas negotiation

2023-01-30 Thread Stefan Berger
values to 0 (default). Signed-off-by: Diego Domingos Acked-by: Daniel Axtens Signed-off-by: Stefan Berger --- grub-core/kern/ieee1275/init.c | 21 - 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c

[PATCH v3 3/6] ieee1275: support runtime memory claiming

2023-01-30 Thread Stefan Berger
nux with space to satisfy its early allocations. Allow other space to be allocated at runtime. Tested-by: Stefan Berger Signed-off-by: Daniel Axtens --- docs/grub-dev.texi | 7 +- grub-core/kern/ieee1275/init.c | 270 ++--- 2 files changed, 257 in

[PATCH v3 5/6] Add memtool module with memory allocation stress-test

2023-01-30 Thread Stefan Berger
gions * stress_big_allocs - stress test large allocations: - how much memory can we allocate in one chunk? - how many 1MB chunks can we allocate? - check that gap-filling works with a 1MB aligned 900kB alloc + a 100kB alloc. Signed-off-by: Daniel Axtens Signed-off-by: Stefan Berger Reviewed-by: D
