crypto: ccp: Implement CSV_HGSC_CERT_IMPORT ioctl command #342
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hygon inclusion category: feature CVE: NA --------------------------- The CSV_HGSC_CERT_IMPORT command can be used to import hygon general secure cert to the Secure Proccessor, to enable Hygon Secure Functions, such as CSV, TPM, TPCM, TDM. Signed-off-by: fangbaoshun <fangbaoshun@hygon.cn> Signed-off-by: hanliyang <hanliyang@hygon.cn>
deepin pr auto review关键摘要:
是否建议立即修改: |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Avenger-285714
merged commit eb71f89
into
deepin-community:linux-6.6.y
4 of 5 checks passed
opsiff
pushed a commit
to opsiff/UOS-kernel
that referenced
this pull request
Jul 29, 2024
[ Upstream commit 5f1d18de79180deac2822c93e431bbe547f7d3ce ] Add a test case which replaces an active ingress qdisc while keeping the miniq in-tact during the transition period to the new clsact qdisc. # ./vmtest.sh -- ./test_progs -t tc_link [...] ./test_progs -t tc_link [ 3.412871] bpf_testmod: loading out-of-tree module taints kernel. [ 3.413343] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel deepin-community#332 tc_links_after:OK deepin-community#333 tc_links_append:OK deepin-community#334 tc_links_basic:OK deepin-community#335 tc_links_before:OK deepin-community#336 tc_links_chain_classic:OK deepin-community#337 tc_links_chain_mixed:OK deepin-community#338 tc_links_dev_chain0:OK deepin-community#339 tc_links_dev_cleanup:OK deepin-community#340 tc_links_dev_mixed:OK deepin-community#341 tc_links_ingress:OK deepin-community#342 tc_links_invalid:OK deepin-community#343 tc_links_prepend:OK deepin-community#344 tc_links_replace:OK deepin-community#345 tc_links_revision:OK Summary: 14/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Cc: Martin KaFai Lau <martin.lau@kernel.org> Link: https://lore.kernel.org/r/20240708133130.11609-2-daniel@iogearbox.net Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit e41db26543ef24b6906a832f73119cfadcd99f35)
Avenger-285714
pushed a commit
that referenced
this pull request
Aug 12, 2024
[ Upstream commit 5f1d18de79180deac2822c93e431bbe547f7d3ce ] Add a test case which replaces an active ingress qdisc while keeping the miniq in-tact during the transition period to the new clsact qdisc. # ./vmtest.sh -- ./test_progs -t tc_link [...] ./test_progs -t tc_link [ 3.412871] bpf_testmod: loading out-of-tree module taints kernel. [ 3.413343] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #332 tc_links_after:OK #333 tc_links_append:OK #334 tc_links_basic:OK #335 tc_links_before:OK #336 tc_links_chain_classic:OK #337 tc_links_chain_mixed:OK #338 tc_links_dev_chain0:OK #339 tc_links_dev_cleanup:OK #340 tc_links_dev_mixed:OK #341 tc_links_ingress:OK #342 tc_links_invalid:OK #343 tc_links_prepend:OK #344 tc_links_replace:OK #345 tc_links_revision:OK Summary: 14/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Cc: Martin KaFai Lau <martin.lau@kernel.org> Link: https://lore.kernel.org/r/20240708133130.11609-2-daniel@iogearbox.net Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> (cherry picked from commit e41db26543ef24b6906a832f73119cfadcd99f35)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hygon General Security Certificates (HGSC) are the basic certificates that enable Hygon CPUs' security functions. The security functions, such as CSV, will not work until the HGSC is imported.
Test reference: see the comments in https://gitee.com/openeuler/kernel/issues/I98M2W
hygon inclusion
category: feature
CVE: NA
The CSV_HGSC_CERT_IMPORT command can be used to import hygon general secure cert to the Secure Proccessor, to enable Hygon Secure Functions, such as CSV, TPM, TPCM, TDM.
Link: https://gitee.com/deepin-kernelsig/kernel/pulls/3