Linus Torvalds bf2431021c EFI updates for v5.19 ... - Allow runtime services to be re-enabled at boot on RT kernels. - Provide access to secrets injected into the boot image by CoCo hypervisors (COnfidential COmputing) - Use DXE services on x86 to make the boot image executable after relocation, if needed. - Prefer mirrored memory for randomized allocations. - Only randomize the placement of the kernel image on arm64 if the loader has not already done so. - Add support for obtaining the boot hartid from EFI on RISC-V. -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE+9lifEBpyUIVN1cpw08iOZLZjyQFAmKHRF4ACgkQw08iOZLZ jyTAlQv9GSctgp3ItPEG7/dF90f2u/ezaqiyLt1ug3cnOrzZL6cbaQPJt/XtxeMY XA4eO8aNrMyioClKu2+KEqQgIiNc30HgwOWMxfZpWBWLVlrx5PhvTbwJB6Wfb8r3 WFze5lc6X2Yttp3jxUU9jLUTPVTJx8SjyhGwBXbzN63aiGv8+bGjD5e4pPg1axP/ HvUwVpRzK5uU0ju1IM7BPvIjjAOiciwC+KbLjj8Hm++LIbwju7QHlJWy9oMKD1X5 yuZsIan2dTM+4OclTji7HlSg6c4IFlhMj7GHGJD62aWNyM0/tZokOCIVY1wITXyS KRsxag4gjtkVBRNvAHsRsYe3aZ+jQ5DzhGEGTipNGnj3b8FOecuWFSn5a/aMdNkV kMSOAbdjZu8xGllroFWS199BamCb6SHijnbv8EzeWNgJXofwxn8vumdgxXZuHIe9 md1gP2QIuo3/R15zcgy54buB11JD4PeDV7NuovuTQUzFuvsIyIKbEkLMBwEl3j4N TIlijEyI =xqxQ -----END PGP SIGNATURE----- Merge tag 'efi-next-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi Pull EFI updates from Ard Biesheuvel: - Allow runtime services to be re-enabled at boot on RT kernels. - Provide access to secrets injected into the boot image by CoCo hypervisors (COnfidential COmputing) - Use DXE services on x86 to make the boot image executable after relocation, if needed. - Prefer mirrored memory for randomized allocations. - Only randomize the placement of the kernel image on arm64 if the loader has not already done so. - Add support for obtaining the boot hartid from EFI on RISC-V. * tag 'efi-next-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: riscv/efi_stub: Add support for RISCV_EFI_BOOT_PROTOCOL efi: stub: prefer mirrored memory for randomized allocations efi/arm64: libstub: run image in place if randomized by the loader efi: libstub: pass image handle to handle_kernel_image() efi: x86: Set the NX-compatibility flag in the PE header efi: libstub: ensure allocated memory to be executable efi: libstub: declare DXE services table efi: Add missing prototype for efi_capsule_setup_info docs: security: Add secrets/coco documentation efi: Register efi_secret platform device if EFI secret area is declared virt: Add efi_secret module to expose confidential computing secrets efi: Save location of EFI confidential computing area efi: Allow to enable EFI runtime services by default on RT		2022-05-23 11:27:24 -07:00
..
keys	KEYS: encrypted: Instantiate key with user-provided decrypted data	2022-02-21 19:47:45 -05:00
secrets	docs: security: Add secrets/coco documentation	2022-04-13 19:11:20 +02:00
tpm	Documentation: drop optional BOMs	2021-05-10 15:17:34 -06:00
credentials.rst	Documentation: remove current_security() reference	2020-09-09 11:33:59 -06:00
digsig.rst	docs: move digsig docs to the security book	2020-05-15 12:03:48 -06:00
IMA-templates.rst	doc: Fix warning in Documentation/security/IMA-templates.rst	2021-06-08 16:29:10 -04:00
index.rst	docs: security: Add secrets/coco documentation	2022-04-13 19:11:20 +02:00
landlock.rst	docs: security: landlock.rst: avoid using ReST :doc:foo markup	2021-06-17 13:24:39 -06:00
lsm-development.rst	Documentation: Replace lkml.org links with lore	2021-01-11 12:47:38 -07:00
lsm.rst	Documentation: LSM: Correct the basic LSM description	2020-05-25 18:59:59 -06:00
sak.rst	docs: security: move some books to it and update	2019-07-15 11:03:01 -03:00
SCTP.rst	docs: fix 'make htmldocs' warning in SCTP.rst	2022-02-28 11:09:10 -05:00
self-protection.rst	docs: update self-protection __ro_after_init status	2021-12-10 14:02:06 -07:00
siphash.rst	Documentation: siphash: disambiguate HalfSipHash algorithm from hsiphash functions	2022-04-25 17:26:40 +02:00