[GIT PULL] EFI updates for v6.9

Ard Biesheuvel <ardb+git@xxxxxxxxxx> · Tue, 12 Mar 2024 18:51:32 +0100

From: Ard Biesheuvel <ardb@xxxxxxxxxx>

Hello Linus,

Please pull the EFI changes below.

The following changes since commit 841c35169323cd833294798e58b9bf63fa4fa1de:

  Linux 6.8-rc4 (2024-02-11 12:18:13 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next-for-v6.9

for you to fetch changes up to 021bc4b9d7ed8dcc90dc288e59f120fa6e3087dc:

  virt: efi_secret: Convert to platform remove callback returning void (2024-03-09 11:37:18 +0100)

----------------------------------------------------------------
EFI updates for v6.9:

- Measure initrd and command line using the CC protocol if the ordinary
  TCG2 protocol is not implemented, typically on TDX confidential VMs

- Avoid creating mappings that are both writable and executable while
  running in the EFI boot services. This is a prerequisite for getting
  the x86 shim loader signed by MicroSoft again, which allows the
  distros to install on x86 PCs that ship with EFI secure boot enabled.

- API update for struct platform_driver::remove()

----------------------------------------------------------------
Ard Biesheuvel (4):
      efi/libstub: Use TPM event typedefs from the TCG PC Client spec
      efi/tpm: Use symbolic GUID name from spec for final events table
      efi/libstub: Measure into CC protocol if TCG2 protocol is absent
      x86/efistub: Remap kernel text read-only before dropping NX attribute

Kuppuswamy Sathyanarayanan (2):
      efi/libstub: Add Confidential Computing (CC) measurement typedefs
      efi/libstub: Add get_event_log() support for CC platforms

Uwe Kleine-König (1):
      virt: efi_secret: Convert to platform remove callback returning void

 arch/x86/boot/compressed/Makefile              |  2 +-
 arch/x86/boot/compressed/misc.c                |  1 +
 arch/x86/include/asm/boot.h                    |  1 +
 drivers/firmware/efi/efi.c                     |  3 +-
 drivers/firmware/efi/libstub/efi-stub-helper.c | 98 ++++++++++++++++++--------
 drivers/firmware/efi/libstub/efi-stub.c        |  2 +-
 drivers/firmware/efi/libstub/efistub.h         | 95 +++++++++++++++++++++++--
 drivers/firmware/efi/libstub/tpm.c             | 82 +++++++++++++--------
 drivers/firmware/efi/libstub/x86-stub.c        | 13 +++-
 drivers/virt/coco/efi_secret/efi_secret.c      |  5 +-
 include/linux/efi.h                            |  4 +-
 11 files changed, 234 insertions(+), 72 deletions(-)