Ubuntu
linux package

  1. Bug #1903288
  2. Comment #7

Comment 7 for bug 1903288

Revision history for this message
Frank Heimes (fheimes) wrote : Re: Power guest secure boot with static keys: kernel portion

I had a look at our 'Ubuntu unstable' 5.10 tree:
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/unstable
(that will once become the hirsute/21.04 kernel)
And found that the commit 61f879d97ce4 "powerpc/pseries: Detect secure and trusted boot state of the system" is already in (like expected, since it was upstream accepted with 5.9).
So that's good.

The CONFIG_IMA_X509_PATH is set to "/etc/keys/x509_ima.der" and CONFIG_IMA_LOAD_X509 is active ('y') for ppc64el - both was done based on LP 1643652.

And the CONFIG_SYSTEM_TRUSTED_KEYS is currently set to "".

That let's me think that there is not much to do on this particular ticket. right now.