[Kernel-packages] [Bug 1643652] Re: [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on POWER host/NV kernel

Mon, 28 Nov 2016 13:01:17 -0800 

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Zesty)
   Importance: High
     Assignee: Canonical Kernel Team (canonical-kernel-team)
       Status: Triaged

** Also affects: linux (Ubuntu Yakkety)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: linux (Ubuntu Xenial)
     Assignee: (unassigned) => Tim Gardner (timg-tpi)

** Changed in: linux (Ubuntu Yakkety)
       Status: New => In Progress

** Changed in: linux (Ubuntu Yakkety)
     Assignee: (unassigned) => Tim Gardner (timg-tpi)

** Changed in: linux (Ubuntu Zesty)
       Status: Triaged => Fix Committed

** Changed in: linux (Ubuntu Zesty)
     Assignee: Canonical Kernel Team (canonical-kernel-team) => Tim Gardner 
(timg-tpi)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1643652

Title:
  [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on
  POWER host/NV kernel

Status in linux package in Ubuntu:
  Fix Committed
Status in linux source package in Xenial:
  In Progress
Status in linux source package in Yakkety:
  In Progress
Status in linux source package in Zesty:
  Fix Committed

Bug description:
  Update the kernel config such that the I2C TPM device drivers and
  their dependencies are built into the kernel so that IMA can start
  measuring from the first file the kernel loads from storage:

  CONFIG_TCG_TPM=y
  CONFIG_TCG_TIS_I2C_ATMEL=y
  CONFIG_TCG_TIS_I2C_INFINEON=y
  CONFIG_TCG_TIS_I2C_NUVOTON=y

  Also update IMA and EVM config options and their dependencies such
  that IMA and EVM are enabled:

  CONFIG_IMA=y
  CONFIG_IMA_MEASURE_PCR_IDX=10
  CONFIG_IMA_LSM_RULES=y
  CONFIG_IMA_SIG_TEMPLATE=y
  CONFIG_IMA_DEFAULT_TEMPLATE="ima-sig"
  CONFIG_IMA_DEFAULT_HASH_SHA256=y
  CONFIG_IMA_DEFAULT_HASH="sha256"
  CONFIG_IMA_READ_POLICY=y
  CONFIG_IMA_APPRAISE=y
  CONFIG_IMA_TRUSTED_KEYRING=y
  CONFIG_IMA_LOAD_X509=y
  CONFIG_IMA_X509_PATH="y"
  CONFIG_EVM=y
  CONFIG_EVM_ATTR_FSUUID=y
  CONFIG_EVM_LOAD_X509=y
  CONFIG_EVM_X509_PATH="y"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1643652/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to