From: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
To: grub-devel@gnu.org
Cc: dja@axtens.net, jan.setjeeilers@oracle.com,
julian.klode@canonical.com, mate.kukri@canonical.com,
pjones@redhat.com, Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Subject: [PATCH v0 0/2] Secure Boot Advanced Targeting (SBAT) support on powerpc
Date: Wed, 17 Apr 2024 01:24:18 +0530 [thread overview]
Message-ID: <20240416195420.3963675-1-sudhakar@linux.ibm.com> (raw)
This patch set contains the v0 for Secure Boot Advanced Targeting (SBAT) support on powerpc secure boot.
In powerpc, PE format Binary are not supported and can't use shim (https://github.com/rhboot/shim/blob/main/SBAT.md).
However, ELF binary are supported. So, we created new ELF note for SBAT in ELF binary which store the SBAT data and
SBAT verifier will be there in firmware to read SBAT data from ELF note and validate it.
this patch series consists of 2 parts:
1) Patch 1: create new ELF Note for SBAT
we add a new ELF note for SBAT which store the SBAT data.
The name field of shall be the string "Secure-Boot-Advanced-Targeting", zero-padded
to 4 byte alignment. The type field shall be 0x41536967 (the ASCII values
for the string "sbat").
2) Patch 2: adding sbat data into sbat ELF Note
it reads the SBAT data from sbat.csv and create the ELF Note for it then
store the SBAT data on it while generate image with -s option
Sudhakar Kuppusamy and Daniel Axtens (2):
mkimage: create new ELF Note for SBAT
mkimage: adding sbat data into sbat ELF Note on powerpc
include/grub/util/mkimage.h | 4 +--
util/grub-mkimagexx.c | 61 ++++++++++++++++++++++++++++++++++---
util/mkimage.c | 21 ++++++++++---
3 files changed, 74 insertions(+), 12 deletions(-)
--
2.39.3
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
next reply other threads:[~2024-04-16 19:56 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-16 19:54 Sudhakar Kuppusamy [this message]
2024-04-16 19:54 ` [PATCH v0 1/2] mkimage: create new ELF Note for SBAT Sudhakar Kuppusamy
-- strict thread matches above, loose matches on Subject: below --
2024-04-16 19:57 [PATCH v0 0/2] Secure Boot Advanced Targeting (SBAT) support on powerpc Sudhakar Kuppusamy
2024-05-10 8:39 ` Michael Chang via Grub-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240416195420.3963675-1-sudhakar@linux.ibm.com \
--to=sudhakar@linux.ibm.com \
--cc=dja@axtens.net \
--cc=grub-devel@gnu.org \
--cc=jan.setjeeilers@oracle.com \
--cc=julian.klode@canonical.com \
--cc=mate.kukri@canonical.com \
--cc=pjones@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).