Stefan Metzmacher [Mon, 24 Oct 2022 05:51:33 +0000 (07:51 +0200)]
config-6.1.0-rc2-metze.01 rebased on v6.1-rc2
Stefan Metzmacher [Fri, 21 Oct 2022 13:47:54 +0000 (15:47 +0200)]
config-6.1.0-rc1-metze.01
e35184f321518acadb681928a016da21a9a20c13 origin/master disabled CONFIG_OVERLAY_FS CONFIG_SHIFT_FS CONFIG_DELL_UART_BACKLIGHT
-CONFIG_OVERLAY_FS=m
-# CONFIG_OVERLAY_FS_REDIRECT_DIR is not set
-CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y
-# CONFIG_OVERLAY_FS_INDEX is not set
-CONFIG_OVERLAY_FS_XINO_AUTO=y
-# CONFIG_OVERLAY_FS_METACOPY is not set
+# CONFIG_OVERLAY_FS is not set
-CONFIG_SHIFT_FS=m
-CONFIG_SHIFT_FS_POSIX_ACL=y
+# CONFIG_SHIFT_FS is not set
Stefan Metzmacher [Fri, 21 Oct 2022 13:45:28 +0000 (15:45 +0200)]
IORING_SEND_ZC_REPORT_USAGE
Stefan Metzmacher [Thu, 29 Sep 2022 06:43:54 +0000 (08:43 +0200)]
config-6.0.0-rc7-metze.01 rebased on v6.0-rc7 + origin/master
c3e0e1e23c70455916ff3472072437b3605c6cfe
Stefan Metzmacher [Thu, 29 Sep 2022 07:22:20 +0000 (09:22 +0200)]
io_ring_ctx->__spare_list
Stefan Metzmacher [Sat, 24 Sep 2022 13:33:57 +0000 (15:33 +0200)]
config-6.0.0-rc6-metze.02 rebase on kernel-dk-block/for-6.1/io_uring
Stefan Metzmacher [Thu, 22 Sep 2022 09:46:42 +0000 (11:46 +0200)]
config-6.0.0-rc6-metze.01
Stefan Metzmacher [Fri, 16 Sep 2022 06:20:57 +0000 (08:20 +0200)]
config-6.0.0-rc5-metze.08
Stefan Metzmacher [Thu, 1 Sep 2022 12:21:12 +0000 (14:21 +0200)]
io_uring: introduce io_uring_probe_op.op_features
This will allow us to specify per operation feature bits,
in order to let userspace figure out addtitional features for
an existing opcode over time.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 19 Aug 2022 11:56:26 +0000 (13:56 +0200)]
.not_supported
Jens Axboe [Fri, 18 Dec 2020 22:12:46 +0000 (15:12 -0700)]
net: wire up support for file_operations->uring_cmd()
Pass it through the proto_ops->uring_cmd() handler, so we can plumb it
through all the way to the proto->uring_cmd() handler later
as required.
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 25 Mar 2021 10:54:23 +0000 (11:54 +0100)]
TODO io_uring_livepatch io_uring_livepatch_io_nop[_prep]
Build your main kernel with this patch.
Then you should be able to easily modify it.
I typically use a script like this:
> cat build-load-linux-io_uring_livepatch.sh
set -x
rsync -a -P --delete-after /root/linux.git/fs/ /root/tmp-io_uring_livepatch-build/fs/
rsync -a -P --delete-after /root/linux.git/include/ /root/tmp-io_uring_livepatch-build/include/
rsync -a -P --delete-after /root/linux.git/io_uring/ /root/tmp-io_uring_livepatch-build/io_uring/
rsync -a -P --delete-after /root/linux.git/io_uring_livepatch/ /root/tmp-io_uring_livepatch-build/io_uring_livepatch/
pushd /root/tmp-io_uring_livepatch-build/io_uring_livepatch/ && {
make rmmod
sleep 1
rmmod io_uring_livepatch
sleep 1
rmmod io_uring_livepatch
sleep 1
rmmod io_uring_livepatch
sleep 1
rmmod io_uring_livepatch
sleep 1
make insmod_unsigned
}
Stefan Metzmacher [Thu, 29 Sep 2022 06:59:36 +0000 (08:59 +0200)]
io_uring: add header gards to internal header files
This is not strictly needed, but it makes it easier to
create livepatches in order to prototype io_uring fixes.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 16 Sep 2022 04:52:01 +0000 (06:52 +0200)]
scripts/mod/modpost.c MAX_UNRESOLVED_REPORTS»·10000
Stefan Metzmacher [Thu, 15 Sep 2022 23:55:15 +0000 (01:55 +0200)]
config-6.0.0-rc5-metze.07
Stefan Metzmacher [Thu, 15 Sep 2022 23:52:13 +0000 (01:52 +0200)]
config-6.0.0-rc5-metze.06
Stefan Metzmacher [Thu, 15 Sep 2022 12:43:56 +0000 (14:43 +0200)]
git rm debian/rules
Stefan Metzmacher [Thu, 15 Sep 2022 11:53:05 +0000 (13:53 +0200)]
config-6.0.0-rc5-metze.05
Stefan Metzmacher [Thu, 15 Sep 2022 11:13:36 +0000 (13:13 +0200)]
config-6.0.0-rc5-metze.04
Stefan Metzmacher [Thu, 15 Sep 2022 10:07:14 +0000 (12:07 +0200)]
config-6.0.0-rc5-metze.03
Stefan Metzmacher [Thu, 15 Sep 2022 07:19:17 +0000 (09:19 +0200)]
config-6.0.0-rc5-metze.02
Stefan Metzmacher [Mon, 1 Nov 2021 08:28:51 +0000 (09:28 +0100)]
zero_fops generic_file_splice_read???
Stefan Metzmacher [Tue, 13 Sep 2022 04:59:20 +0000 (06:59 +0200)]
config-6.0.0-rc5-metze.01 CONFIG_LOCALVERSION_AUTO=y
Stefan Metzmacher [Tue, 13 Sep 2022 06:05:40 +0000 (06:05 +0000)]
module_param(msg_zerocopy_loopback,...
Stefan Metzmacher [Tue, 13 Sep 2022 05:33:50 +0000 (07:33 +0200)]
net/ipv4/tcp.c SPLICE_F_NONBLOCK SPLICE_F_WAITALL
Stefan Metzmacher [Tue, 13 Sep 2022 04:35:24 +0000 (06:35 +0200)]
config-6.0.0-1003-oem
Stefan Metzmacher [Tue, 13 Sep 2022 04:25:06 +0000 (06:25 +0200)]
$(EXTRAVERSION)-metze.01
Timo Aaltonen [Wed, 21 Sep 2022 15:19:22 +0000 (18:19 +0300)]
UBUNTU: Ubuntu-oem-6.0-6.0.0-1004.4
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 21 Sep 2022 13:27:11 +0000 (16:27 +0300)]
UBUNTU: [Config] update configs and annotations after rebase to 6.0-rc5
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 21 Sep 2022 13:24:14 +0000 (16:24 +0300)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1990391
Properties: no-test-build
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 21 Sep 2022 11:53:52 +0000 (14:53 +0300)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Gayatri Kammela [Tue, 30 Aug 2022 18:20:01 +0000 (11:20 -0700)]
UBUNTU: SAUCE: platform/x86/intel: pmc/core: Add Raptor Lake support to pmc core driver
BugLink: https://bugs.launchpad.net/bugs/1988461
Add Raptor Lake client parts (both RPL and RPL_S) support to pmc core
driver. Raptor Lake client parts reuse all the Alder Lake PCH IPs.
Cc: Srinivas Pandruvada <srinivas.pandruvada@intel.com>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: David Box <david.e.box@intel.com>
Signed-off-by: Gayatri Kammela <gayatri.kammela@linux.intel.com>
(backported from https://lore.kernel.org/platform-driver-x86/
20220830182001.
3693030-1-gayatri.kammela@linux.intel.com/raw)
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
You-Sheng Yang (vicamo) [Tue, 13 Sep 2022 18:28:14 +0000 (02:28 +0800)]
UBUNTU: SAUCE: platform/x86: int3472: support independent clock and LED GPIOs
BugLink: https://bugs.launchpad.net/bugs/1989046
(backported from https://github.com/intel/ipu6-drivers/blob/
2b8a592dc63e117d8f5af5f32a10d7e0651832d2/patch/int3472-support-independent-clock-and-LED-gpios-5.17+.patch)
Signed-off-by: You-Sheng Yang (vicamo) <vicamo.yang@canonical.com>
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Hui Wang [Wed, 14 Sep 2022 05:16:19 +0000 (13:16 +0800)]
UBUNTU: [Config] Enable audio for AMD PinkSardine
BugLink: https://bugs.launchpad.net/bugs/1989518
Signed-off-by: Hui Wang <hui.wang@canonical.com>
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 6 Sep 2022 08:33:24 +0000 (11:33 +0300)]
UBUNTU: Ubuntu-oem-6.0-6.0.0-1003.3
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 6 Sep 2022 08:30:54 +0000 (11:30 +0300)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1988821
Properties: no-test-build
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
You-Sheng Yang (vicamo) [Tue, 6 Sep 2022 08:19:32 +0000 (16:19 +0800)]
UBUNTU: [Config] Disable IWLMEI
BugLink: https://bugs.launchpad.net/bugs/1987312
Signed-off-by: You-Sheng Yang (vicamo) <vicamo.yang@canonical.com>
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 6 Sep 2022 08:13:32 +0000 (11:13 +0300)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 6 Sep 2022 08:20:30 +0000 (11:20 +0300)]
UBUNTU: [Config] Enable CONFIG_AMD_PMF=m.
BugLink: https://bugs.launchpad.net/bugs/1987670
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 30 Aug 2022 09:09:51 +0000 (12:09 +0300)]
UBUNTU: Ubuntu-oem-6.0-6.0.0-1002.2
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 30 Aug 2022 09:07:03 +0000 (12:07 +0300)]
UBUNTU: [Config] update configs after rebase to 6.0-rc3
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 30 Aug 2022 08:59:56 +0000 (11:59 +0300)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1988142
Properties: no-test-build
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 30 Aug 2022 08:07:44 +0000 (11:07 +0300)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 24 Aug 2022 11:43:56 +0000 (14:43 +0300)]
UBUNTU: Ubuntu-oem-6.0-6.0.0-1001.1
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 24 Aug 2022 08:22:36 +0000 (11:22 +0300)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1987392
Properties: no-test-build
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 23 Aug 2022 12:41:48 +0000 (15:41 +0300)]
UBUNTU: [Config] Enable CONFIG_HSA_AMD_P2P
BugLink: https://bugs.launchpad.net/bugs/1987394
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Tue, 23 Aug 2022 09:25:07 +0000 (12:25 +0300)]
UBUNTU: [Config] Update after rebase to unstable.
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 17 Aug 2022 17:53:06 +0000 (20:53 +0300)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 17 Aug 2022 17:44:40 +0000 (20:44 +0300)]
UBUNTU: Packaging changes for oem flavour
Do the other changes, then
sed -i 's/amd64-generic/amd64-oem/' debian.oem/config/annotations
and finally run updateconfigs.
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Timo Aaltonen [Wed, 17 Aug 2022 17:19:53 +0000 (20:19 +0300)]
UBUNTU: Stub oem packaging
cp -r debian.master debian.oem
find debian.oem \
-name '*armhf*' \
-o -name '*arm64*' \
-o -name '*i386*' \
-o -name '*ppc64el*' \
-o -name '*x32*' \
-o -name '*riscv64*' \
-o -name '*s390x*' \
-o -name '*lowlatency*' \
-o -name '*lpae*' \
-o -name '*64k*' \
| xargs rm -r
find debian.oem | xargs rename 's/generic/oem/'
git add debian.oem
Ignore: yes
Signed-off-by: Timo Aaltonen <timo.aaltonen@canonical.com>
Andrea Righi [Tue, 20 Sep 2022 08:22:14 +0000 (10:22 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-8.8
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Tue, 20 Sep 2022 08:21:08 +0000 (10:21 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1990101
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Tue, 20 Sep 2022 08:17:31 +0000 (10:17 +0200)]
UBUNTU: Rebase to v6.0-rc6
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Tue, 20 Sep 2022 08:16:27 +0000 (10:16 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 12:03:55 +0000 (14:03 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-7.7
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 11:57:34 +0000 (13:57 +0200)]
UBUNTU: [Config] update configs and annotations after rebase to 6.0-rc5
In particular drop CONFIG_ARM64_BTI_KERNEL that is not supported anymore
if the kernel is built with gcc, see:
c0a454b9044f ("arm64/bti: Disable in kernel BTI when cross section thunks are broken")
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 11:59:05 +0000 (13:59 +0200)]
UBUNTU: [Packaging[ get rid of unnecessary 'set -x'
Drop a 'set -x' previously added for debugging purposes by commit
7339f2ad00dc ("UBUNTU: [Packaging]: always use fully qualified <triplet>-gcc-VER toolchain")
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 11:56:32 +0000 (13:56 +0200)]
UBUNTU: debian/dkms-versions -- update from kernel-versions (main/master)
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 09:53:29 +0000 (11:53 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1989331
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 09:51:44 +0000 (11:51 +0200)]
UBUNTU: Rebase to v6.0-rc5
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 09:38:26 +0000 (11:38 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 12 Sep 2022 09:26:33 +0000 (11:26 +0200)]
UBUNTU: [Packaging] resync getabis
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Dimitri John Ledkov [Wed, 7 Sep 2022 11:23:43 +0000 (12:23 +0100)]
UBUNTU: debian/dkms-versions -- update from kernel-versions (main/master)
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Dimitri John Ledkov [Wed, 7 Sep 2022 11:21:15 +0000 (12:21 +0100)]
UBUNTU: [Packaging] Pass kernel build_arch to dkms
This enables dkms-build script to cross-compile dkms modules, for
example zfs during cross-build.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Dimitri John Ledkov [Tue, 6 Sep 2022 14:14:47 +0000 (15:14 +0100)]
UBUNTU: debian/dkms-versions -- update from kernel-versions (main/master)
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Dimitri John Ledkov [Fri, 26 Aug 2022 14:31:28 +0000 (15:31 +0100)]
UBUNTU: [Config] Switch from DECOMP_SINGLE to DECOMP_MULTI_PERCPU
BugLink: https://bugs.launchpad.net/bugs/1980861
Overall MULTI_PERCPU has similar or better performance on the wide
range of instance types and squashfs filesystems.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:59:41 +0000 (16:59 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-6.6
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:57:19 +0000 (16:57 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1988706
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:59:06 +0000 (16:59 +0200)]
UBUNTU: Rebase to v6.0-rc4
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:55:12 +0000 (16:55 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:54:21 +0000 (16:54 +0200)]
UBUNTU: [Packaging] fix URLs used to retrieve kernel ABI
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 14:53:42 +0000 (16:53 +0200)]
UBUNTU: [Config] update toolchain versions
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 13:48:10 +0000 (15:48 +0200)]
UBUNTU: [Config] enable security-related configs
Make sure that the following config options are enabled to provide an
additional level of security:
- CONFIG_ZERO_CALL_USED_REGS: automatically zero local registers on
function exit
- CONFIG_INIT_STACK_ALL_ZERO: automatically initialize variables
defined in the stack to zero
- CONFIG_SHADOW_CALL_STACK: enables compiler's Shadow Call Stack (see
https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options)
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 5 Sep 2022 05:58:35 +0000 (07:58 +0200)]
UBUNTU: [Packaging] temporarily disable signing for ppc64el and s390x
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Kuppuswamy Sathyanarayanan [Fri, 1 Jul 2022 03:10:56 +0000 (03:10 +0000)]
UBUNTU: SAUCE: selftests: tdx: Test GetReport TDX attestation feature
BugLink: https://bugs.launchpad.net/bugs/1988120
In TDX guest, attestation is used to verify the trustworthiness of a
TD. During the TD bring-up, Intel TDX module measures and records the
initial contents and configuration of TD, and at runtime, TD software
uses runtime measurement registers (RMTRs) to measure and record
details related to kernel image, command line params, ACPI tables,
initrd, etc. At TD runtime, Intel SGX attestation infrastructure is
re-used to attest to these measurement data.
First step in the TDX attestation process is to get the TDREPORT data.
It is a fixed size data structure generated by the TDX module which
includes the above mentioned measurements data, a MAC to protect the
integerity of the TDREPORT, and a 64-Byte of user specified data passed
during TDREPORT request which can uniquely identify the TDREPORT.
Intel's TDX guest driver exposes TDX_CMD_GET_REPORT IOCTL interface to
get the TDREPORT from the user space.
Add a kernel selftest module to test this ABI and verify the validity
of generated TDREPORT.
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
(cherry picked from https://lore.kernel.org/lkml/YwZbcpvmJt50YDa%2F@zn.tnic/T/#mcab45a43d062ba98e2c768c9667d965e34ee64e7)
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Kuppuswamy Sathyanarayanan [Tue, 17 Nov 2020 04:17:05 +0000 (04:17 +0000)]
UBUNTU: SAUCE: x86/tdx: Add TDX Guest attestation interface driver
BugLink: https://bugs.launchpad.net/bugs/1988120
In TDX guest, attestation is used to verify the trustworthiness of a TD
to other entities before provisioning secrets to the TD. Such attestation
process is required by 3rd party servers before sending sensitive
information to TD guests. One usage example is to get encryption keys
from the key server for mounting the encrypted rootfs or secondary drive.
During the TD launch, the initial contents and configuration of the TD
are recorded by the Intel TDX module in build time measurement register
(MRTD). It is a SHA384 digest created using data from TD private pages(
including TD firmware) and the configuration of the TD.
After TD build, run-time measurement registers (RTMRs) can be used by
the guest TD software to extend the TD measurements. TDX supports 4
RTMR registers, and TDG.MR.RTMR.EXTEND TDCALL is used to update the
RTMR registers securely. RTMRs are mainly used to record measurements
related to sections like the kernel image, command line parameters,
initrd, ACPI tables, firmware data, configuration firmware volume (CFV)
of TDVF, etc. For more details, please refer to TDX Virtual Firmware
design specification, sec titled "TD Measurement".
At TD runtime, the Intel TDX module reuses the Intel SGX attestation
infrastructure to provide support for attesting to these measurements
as described below.
The attestation process consists of two steps: TDREPORT generation and
Quote generation.
TDREPORT (TDREPORT_STRUCT) is a fixed-size data structure generated by
the TDX module which contains TD-specific information (such as TD
measurements), platform security version, and the MAC to protect the
integrity of the TDREPORT. The TD kernel uses TDCALL[TDG.MR.REPORT] to
get the TDREPORT from the TDX module. A user-provided 64-Byte
REPORTDATA is used as input and included in the TDREPORT. Typically it
can be some nonce provided by attestation service so the TDREPORT can
be verified uniquely. More details about TDREPORT can be found in
Intel TDX Module specification, section titled "TDG.MR.REPORT Leaf".
TDREPORT by design can only be verified on local platform as the MAC
key is bound to the platform. To support remote verification of the
TDREPORT, TDX leverages Intel SGX Quote Enclave (QE) to verify the
TDREPORT locally and convert it to a remote verifiable Quote.
After getting the TDREPORT, the second step of the attestation process
is to send it to the QE to generate the Quote. TDX doesn't support SGX
inside the TD, so the QE can be deployed in the host, or in another
legacy VM with SGX support. QE uses EVERIFYREPORT2 instruction to help
check the integrity of TDREPORT and if it is valid, a certified quote
signing key is used to sign the Quote. How to send the TDREPORT to QE
and receive the Quote is implementation and deployment specific.
Implement a basic TD guest misc driver to allow TD userspace to get the
TDREPORT. The TD userspace attestation software can get the TDREPORT
and then choose whatever communication channel available (i.e. vsock
or hypercall) to send the TDREPORT to QE and receive the Quote.
Also note that explicit access permissions are not enforced in this
driver because the quote and measurements are not a secret. However
the access permissions of the device node can be used to set any
desired access policy. The udev default is usually root access
only.
Operations like getting TDREPORT or Quote generation involves sending
a blob of data as input and getting another blob of data as output. It
was considered to use a sysfs interface for this, but it doesn't fit
well into the standard sysfs model for configuring values. It would be
possible to do read/write on files, but it would need multiple file
descriptors, which would be somewhat messy. IOCTLs seems to be the best
fitting and simplest model for this use case. This is similar to AMD
SEV platform, which also uses IOCTL interface to support attestation.
Any distribution enabling TDX is also expected to need attestation. So
enable it by default with TDX guest support.
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Kai Huang <kai.huang@intel.com>
Acked-by: Wander Lairson Costa <wander@redhat.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
(cherry picked from https://lore.kernel.org/lkml/YwZbcpvmJt50YDa%2F@zn.tnic/T/#mcab45a43d062ba98e2c768c9667d965e34ee64e7)
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 29 Aug 2022 07:18:39 +0000 (09:18 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-5.5
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 29 Aug 2022 07:18:03 +0000 (09:18 +0200)]
UBUNTU: [Config] update configs after rebase to 6.0-rc3
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 29 Aug 2022 07:16:57 +0000 (09:16 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1988019
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 29 Aug 2022 07:14:44 +0000 (09:14 +0200)]
UBUNTU: Rebase to v6.0-rc3
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 29 Aug 2022 07:14:11 +0000 (09:14 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Dimitri John Ledkov [Thu, 25 Aug 2022 22:21:34 +0000 (23:21 +0100)]
UBUNTU: [Packaging] Remove circular dependency between image & modules
Currently we have circular dependencies between
linux-image-[unsigned]-ABI and linux-modules[-extra] packages.
Debian policy point of view this is bad and does lead to worse
dependency resolution cycles in apt upon kernel installs and upgrades,
but mostly harmless as apt has learned to deal with that a long time
ago.
It is harmful for kernels that have additional types of debs or snaps
that deliver vmlinux.
In addition to regular linux-image[-unsigned] we produce various FDE
linux-images like things with builtin initrds, i.e. linux-fde,
linux-uc22, FIT images etc. All of them vendor in vmlinuz, and do not
need to have linux-image[-unsigned] installed. They also often do not
want to pull in any of the bootloaders listed as recommends by the
linux-image-ABI package either, as they use alternative methods to
boot (i.e. gadget snap, nullboot, flashkernel, weird cloud firmware
provided stuff, etc).
Remove linux-modules[-extra] -> linux-image[-unsigned] dependency. Add
linux-modules-extra -> linux-modules dependency (because extra modules
use symbols from the regular modules package).
This will enable us to build clean meta-packages that pull in
appropriate image, fde, uc22, FIT kernel image with matching modules,
without installing redudant copies of vmlinux or bootloaders.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Emil Renner Berthing [Wed, 24 Aug 2022 10:18:26 +0000 (12:18 +0200)]
UBUNTU: [Config] Set CONFIG_MTD_RAW_NAND=m for riscv64
BugLink: https://bugs.launchpad.net/bugs/1981437
These modules are built for all other architectures but s390x.
Let's build them for riscv64 too.
Signed-off-by: Emil Renner Berthing <emil.renner.berthing@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Emil Renner Berthing [Wed, 24 Aug 2022 10:18:25 +0000 (12:18 +0200)]
UBUNTU: [Config] Enable CONFIG_DTPM for riscv64
BugLink: https://bugs.launchpad.net/bugs/1981437
Enable power capping for the dynamic thermal power management for
riscv64. This option is not annotated, but let's enable it just like
all the other architectures.
Signed-off-by: Emil Renner Berthing <emil.renner.berthing@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Emil Renner Berthing [Wed, 24 Aug 2022 10:18:24 +0000 (12:18 +0200)]
UBUNTU: [Config] Enable CONFIG_DRM_RCAR_USE_LVDS for riscv64
BugLink: https://bugs.launchpad.net/bugs/1981437
This option is not annotated, but let's enable this feature for riscv64
like all the other architectures have.
Signed-off-by: Emil Renner Berthing <emil.renner.berthing@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Emil Renner Berthing [Wed, 24 Aug 2022 10:18:23 +0000 (12:18 +0200)]
UBUNTU: [Config] Align riscv64 CONFIG_LSM with other architectures
BugLink: https://bugs.launchpad.net/bugs/1981437
The CONFIG_LSM option for riscv64 is doesn't enable the landlock module
at boot. Add it and align riscv64 with all the other archituctures.
Signed-off-by: Emil Renner Berthing <emil.renner.berthing@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Dimitri John Ledkov [Thu, 25 Aug 2022 14:46:10 +0000 (15:46 +0100)]
UBUNTU: [Packaging] use unversioned default gcc
Whilst cbd/dkms/etc cannot yet dynamically install desired
build-dependencies, simply use the default gcc compiler without an
explicit features.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Dimitri John Ledkov [Mon, 25 Jul 2022 17:15:13 +0000 (18:15 +0100)]
UBUNTU: [Packaging]: always use fully qualified <triplet>-gcc-VER toolchain
Always define $(gcc) variable and export it. Always use fully
qualified <triplet>-gcc-VER toolchains for native (GNU build) and
cross (GNU host) compilation. Generate matching build-dependencies for
native and cross builds.
This ensures that native and cross builds use the same fully qualified
toolchain binary, fixed in time, irrespective of gcc-defaults updates.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Wed, 24 Aug 2022 13:10:24 +0000 (15:10 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-4.4
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Wed, 24 Aug 2022 12:55:53 +0000 (14:55 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1987517
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Wed, 24 Aug 2022 11:44:33 +0000 (13:44 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Juerg Haefliger [Wed, 24 Aug 2022 11:09:06 +0000 (13:09 +0200)]
UBUNTU: [Packaging] getabis: Add modules.builtin to the ABI
Newer buildinfo packages provide a modules.builtin file. Process that file
when downloading the ABIs.
Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Aaron Ma [Wed, 3 Aug 2022 07:55:00 +0000 (09:55 +0200)]
UBUNTU: SAUCE: igc: wait for the MAC copy when enabled MAC passthrough
BugLink: https://bugs.launchpad.net/bugs/1942999
Such as dock hot plug event when runtime, for hardware implementation,
the MAC copy takes less than one second when BIOS enabled MAC passthrough.
After test on Lenovo TBT4 dock, 600ms is enough to update the
MAC address.
Otherwise ethernet fails to work.
Link: https://lore.kernel.org/lkml/20210702045120.22855-2-aaron.ma@canonical.com/
Signed-off-by: Aaron Ma <aaron.ma@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
[note: this is a non-upstream work-around since upstream does not seem to be to hard
at work to do a proper fix]
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 07:09:27 +0000 (09:09 +0200)]
UBUNTU: Ubuntu-unstable-6.0.0-3.3
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 06:51:17 +0000 (08:51 +0200)]
UBUNTU: link-to-tracker: update tracking bug
BugLink: https://bugs.launchpad.net/bugs/1987241
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 06:40:21 +0000 (08:40 +0200)]
UBUNTU: [Config] update toolchain version
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 07:05:40 +0000 (09:05 +0200)]
UBUNTU: [Config] disable CONFIG_QETH_OSX on s390x
BugLink: https://bugs.launchpad.net/bugs/1959890
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 06:39:45 +0000 (08:39 +0200)]
UBUNTU: Rebase to v6.0-rc2
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 06:39:20 +0000 (08:39 +0200)]
UBUNTU: Start new release
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Andrea Righi [Mon, 22 Aug 2022 06:35:10 +0000 (08:35 +0200)]
UBUNTU: [Packaging] update variants
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>