Comment 1 for bug 1866909

Frank Heimes (fheimes) wrote :

I had a first glimpse at the patches/commits, and found out that:

The following commits are already in 'focal' aka 20.04 (even in master, hence they are in the current focal kernel):
8c655784e2cf "integrity: Define a trusted platform keyring"
f218a29c25ad "ima: Support platform keyring for kernel appraisal"
467d27824920 "ima: carry the measurement list across kexec"
So these can be considered as done.

The following commits are not yet in the linux tree or in linux-next:
"ima: arch specific policy support"
"Appended signatures support for IMA appraisal"
"TPM 2.0 Multibank extend support"
"TPM 2.0 Eventlog support"
"kexec_file_load system call support"
I assume they are currently on a staging tree?!

And the two TBDs are not ready yet, but are probably in the works.

Please note that the patches need to be upstream (accepted) for Canonical to be able to pick them up.
And they need to apply cleanly on top of the target kernel's master-next tree (in this case 'focal' master-next):
git clone https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal --branch master-next --single-branch focal-master-next

Because there still seems to be some work needed,
because the patches look pretty significant and touch common code,
and because we are already quite late in the 'focal' development cycle,
I'm not sure if it will be possible to get them into the initial release version of 20.04.
But in the end it depends on the (upstream) availability and on the Canonical kernel team.

As soon as all commits/patches are available and apply cleanly,
I'll submit a request to the Canonical kernel team's mailing list and a decision will finally be made by the kernel team.
For now I'm setting the status to Incomplete.