EFI changes for v5.5:
- Change my email address to @kernel.org so I am no longer at the mercy of useless corporate email infrastructure - Wire up the EFI RNG code for x86. This enables an additional source of entropy during early boot. - Enable the TPM event log code on ARM platforms. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEnNKg2mrY9zMBdeK7wjcgfpV0+n0FAl3D4YgACgkQwjcgfpV0 +n1TvggAtpy7Op+3RspGk380uaDWwNx40rEP8NULaqJldnqdIKIiKaUnIf1bgbwp ForCSV5PfhqZeVqhrpyRL8GSDrWdkbvt9tSWgqWTVDhMEPZoTnEM52XZ5IdFrW6e JmCaJmCfAeMT8TcCifF4MCCdJMutom9f8eb7wj1VAbH9fVMBUQxjxt6kClYD7hX/ /nHhdFzW+ptxnf1Ckos4ZEo5srQ0KA5Vb8cX+u5N086THsfsLz4LFB918gWrlUnF LpVI20f9tsvVZ7uvqsIK6sU77Hg3Ysl+bLZzxFa1/9u2CAijwlOiXhKT2IAnpT0K lfVNCt0JDBvvCtouj8NZgN6LyWyqww== =gn4S -----END PGP SIGNATURE----- Merge tag 'efi-next' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi into efi/core Pull EFI changes for v5.5 from Ard Biesheuvel: - Change my email address to @kernel.org so I am no longer at the mercy of useless corporate email infrastructure - Wire up the EFI RNG code for x86. This enables an additional source of entropy during early boot. - Enable the TPM event log code on ARM platforms.
This commit is contained in:
commit
2278f452a1
1
.mailmap
1
.mailmap
@ -32,6 +32,7 @@ Andy Adamson <andros@citi.umich.edu>
|
||||
Antoine Tenart <antoine.tenart@free-electrons.com>
|
||||
Antonio Ospite <ao2@ao2.it> <ao2@amarulasolutions.com>
|
||||
Archit Taneja <archit@ti.com>
|
||||
Ard Biesheuvel <ardb@kernel.org> <ard.biesheuvel@linaro.org>
|
||||
Arnaud Patard <arnaud.patard@rtp-net.org>
|
||||
Arnd Bergmann <arnd@arndb.de>
|
||||
Axel Dyks <xl@xlsigned.net>
|
||||
|
@ -6003,14 +6003,14 @@ F: sound/usb/misc/ua101.c
|
||||
EFI TEST DRIVER
|
||||
L: linux-efi@vger.kernel.org
|
||||
M: Ivan Hu <ivan.hu@canonical.com>
|
||||
M: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
||||
M: Ard Biesheuvel <ardb@kernel.org>
|
||||
S: Maintained
|
||||
F: drivers/firmware/efi/test/
|
||||
|
||||
EFI VARIABLE FILESYSTEM
|
||||
M: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
M: Jeremy Kerr <jk@ozlabs.org>
|
||||
M: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
||||
M: Ard Biesheuvel <ardb@kernel.org>
|
||||
T: git git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git
|
||||
L: linux-efi@vger.kernel.org
|
||||
S: Maintained
|
||||
@ -6189,7 +6189,7 @@ S: Supported
|
||||
F: security/integrity/evm/
|
||||
|
||||
EXTENSIBLE FIRMWARE INTERFACE (EFI)
|
||||
M: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
||||
M: Ard Biesheuvel <ardb@kernel.org>
|
||||
L: linux-efi@vger.kernel.org
|
||||
T: git git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git
|
||||
S: Maintained
|
||||
@ -15006,7 +15006,7 @@ F: include/media/soc_camera.h
|
||||
F: drivers/staging/media/soc_camera/
|
||||
|
||||
SOCIONEXT SYNQUACER I2C DRIVER
|
||||
M: Ard Biesheuvel <ard.biesheuvel@linaro.org>
|
||||
M: Ard Biesheuvel <ardb@kernel.org>
|
||||
L: linux-i2c@vger.kernel.org
|
||||
S: Maintained
|
||||
F: drivers/i2c/busses/i2c-synquacer.c
|
||||
|
@ -782,6 +782,9 @@ efi_main(struct efi_config *c, struct boot_params *boot_params)
|
||||
|
||||
/* Ask the firmware to clear memory on unclean shutdown */
|
||||
efi_enable_reset_attack_mitigation(sys_table);
|
||||
|
||||
efi_random_get_seed(sys_table);
|
||||
|
||||
efi_retrieve_tpm2_eventlog(sys_table);
|
||||
|
||||
setup_graphics(boot_params);
|
||||
|
@ -38,7 +38,8 @@ OBJECT_FILES_NON_STANDARD := y
|
||||
# Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
|
||||
KCOV_INSTRUMENT := n
|
||||
|
||||
lib-y := efi-stub-helper.o gop.o secureboot.o tpm.o
|
||||
lib-y := efi-stub-helper.o gop.o secureboot.o tpm.o \
|
||||
random.o
|
||||
|
||||
# include the stub's generic dependencies from lib/ when building for ARM/arm64
|
||||
arm-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c
|
||||
@ -47,7 +48,7 @@ arm-deps-$(CONFIG_ARM64) += sort.c
|
||||
$(obj)/lib-%.o: $(srctree)/lib/%.c FORCE
|
||||
$(call if_changed_rule,cc_o_c)
|
||||
|
||||
lib-$(CONFIG_EFI_ARMSTUB) += arm-stub.o fdt.o string.o random.o \
|
||||
lib-$(CONFIG_EFI_ARMSTUB) += arm-stub.o fdt.o string.o \
|
||||
$(patsubst %.c,lib-%.o,$(arm-deps-y))
|
||||
|
||||
lib-$(CONFIG_ARM) += arm32-stub.o
|
||||
|
@ -189,6 +189,8 @@ unsigned long efi_entry(void *handle, efi_system_table_t *sys_table,
|
||||
goto fail_free_cmdline;
|
||||
}
|
||||
|
||||
efi_retrieve_tpm2_eventlog(sys_table);
|
||||
|
||||
/* Ask the firmware to clear memory on unclean shutdown */
|
||||
efi_enable_reset_attack_mitigation(sys_table);
|
||||
|
||||
|
@ -63,8 +63,6 @@ efi_status_t efi_random_alloc(efi_system_table_t *sys_table_arg,
|
||||
|
||||
efi_status_t check_platform_features(efi_system_table_t *sys_table_arg);
|
||||
|
||||
efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg);
|
||||
|
||||
void *get_efi_config_table(efi_system_table_t *sys_table, efi_guid_t guid);
|
||||
|
||||
/* Helper macros for the usual case of using simple C variables: */
|
||||
|
@ -9,6 +9,18 @@
|
||||
|
||||
#include "efistub.h"
|
||||
|
||||
typedef struct efi_rng_protocol efi_rng_protocol_t;
|
||||
|
||||
typedef struct {
|
||||
u32 get_info;
|
||||
u32 get_rng;
|
||||
} efi_rng_protocol_32_t;
|
||||
|
||||
typedef struct {
|
||||
u64 get_info;
|
||||
u64 get_rng;
|
||||
} efi_rng_protocol_64_t;
|
||||
|
||||
struct efi_rng_protocol {
|
||||
efi_status_t (*get_info)(struct efi_rng_protocol *,
|
||||
unsigned long *, efi_guid_t *);
|
||||
@ -28,7 +40,7 @@ efi_status_t efi_get_random_bytes(efi_system_table_t *sys_table_arg,
|
||||
if (status != EFI_SUCCESS)
|
||||
return status;
|
||||
|
||||
return rng->get_rng(rng, NULL, size, out);
|
||||
return efi_call_proto(efi_rng_protocol, get_rng, rng, NULL, size, out);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -161,15 +173,16 @@ efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg)
|
||||
if (status != EFI_SUCCESS)
|
||||
return status;
|
||||
|
||||
status = rng->get_rng(rng, &rng_algo_raw, EFI_RANDOM_SEED_SIZE,
|
||||
seed->bits);
|
||||
status = efi_call_proto(efi_rng_protocol, get_rng, rng, &rng_algo_raw,
|
||||
EFI_RANDOM_SEED_SIZE, seed->bits);
|
||||
|
||||
if (status == EFI_UNSUPPORTED)
|
||||
/*
|
||||
* Use whatever algorithm we have available if the raw algorithm
|
||||
* is not implemented.
|
||||
*/
|
||||
status = rng->get_rng(rng, NULL, EFI_RANDOM_SEED_SIZE,
|
||||
seed->bits);
|
||||
status = efi_call_proto(efi_rng_protocol, get_rng, rng, NULL,
|
||||
EFI_RANDOM_SEED_SIZE, seed->bits);
|
||||
|
||||
if (status != EFI_SUCCESS)
|
||||
goto err_freepool;
|
||||
|
@ -1645,6 +1645,8 @@ static inline void
|
||||
efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg) { }
|
||||
#endif
|
||||
|
||||
efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg);
|
||||
|
||||
void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table);
|
||||
|
||||
/*
|
||||
|
Loading…
x
Reference in New Issue
Block a user