I had a look at our 'Ubuntu unstable' 5.10 tree: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/unstable
(that will once become the hirsute/21.04 kernel)
And found that the commit 61f879d97ce4 "powerpc/pseries: Detect secure and trusted boot state of the system" is already in (like expected, since it was upstream accepted with 5.9).
So that's good.
The CONFIG_IMA_X509_PATH is set to "/etc/keys/x509_ima.der" and CONFIG_IMA_LOAD_X509 is active ('y') for ppc64el - both was done based on LP 1643652.
And the CONFIG_SYSTEM_TRUSTED_KEYS is currently set to "".
That let's me think that there is not much to do on this particular ticket. right now.
I had a look at our 'Ubuntu unstable' 5.10 tree: /git.launchpad. net/~ubuntu- kernel/ ubuntu/ +source/ linux/+ git/unstable
https:/
(that will once become the hirsute/21.04 kernel)
And found that the commit 61f879d97ce4 "powerpc/pseries: Detect secure and trusted boot state of the system" is already in (like expected, since it was upstream accepted with 5.9).
So that's good.
The CONFIG_ IMA_X509_ PATH is set to "/etc/keys/ x509_ima. der" and CONFIG_ IMA_LOAD_ X509 is active ('y') for ppc64el - both was done based on LP 1643652.
And the CONFIG_ SYSTEM_ TRUSTED_ KEYS is currently set to "".
That let's me think that there is not much to do on this particular ticket. right now.