Changes in Kconfig

f4b369c6fe0ceaba2da2daff8c9eb415f85926dd - Merge branch 'next' into for-linus

Mon, 20 Apr 2026 03:28:57 +0200

Merge branch 'next' into for-linusPrepare input updates for 7.1 merge window. List of files: /linux/security/keys/trusted-keys/Kconfig

0421ccdfad0d92713a812a5aeb7d07b0ea7213c8 - Merge tag 'v7.0-rc3' into next

Thu, 12 Mar 2026 18:44:42 +0100

Merge tag 'v7.0-rc3' into nextSync up with the mainline to brig up the latest changes, specificallychanges to ALPS driver. List of files: /linux/security/keys/trusted-keys/Kconfig

42d3b66d4cdbacfc9d120d2301b8de89cc29a914 - Merge drm/drm-next into drm-xe-next

Thu, 12 Mar 2026 15:17:56 +0100

Merge drm/drm-next into drm-xe-nextBackmerging to bring in 7.00-rc3. Important ahead GPU SVM merging THPsupport.Signed-off-by: Matthew Brost List of files: /linux/security/keys/trusted-keys/Kconfig

f09812b85fa6f41058bcc46e70ac406bf9b0493a - Merge drm/drm-next into drm-intel-next

Wed, 25 Feb 2026 12:23:04 +0100

Merge drm/drm-next into drm-intel-nextSync with v7.0-rc1 which contains a few treewide changes affecting i915.Signed-off-by: Jani Nikula List of files: /linux/security/keys/trusted-keys/Kconfig

8b85987d3cf50178f67618122d9f3bb202f62f42 - Merge drm/drm-next into drm-misc-next

Mon, 23 Feb 2026 11:48:20 +0100

Merge drm/drm-next into drm-misc-nextLet's merge 7.0-rc1 to start the new drm-misc-next windowSigned-off-by: Maxime Ripard List of files: /linux/security/keys/trusted-keys/Kconfig

c17ee635fd3a482b2ad2bf5e269755c2eae5f25e - Merge drm/drm-fixes into drm-misc-fixes

Mon, 23 Feb 2026 10:09:45 +0100

Merge drm/drm-fixes into drm-misc-fixes7.0-rc1 was just released, let's merge it to kick the new release cycle.Signed-off-by: Maxime Ripard List of files: /linux/security/keys/trusted-keys/Kconfig

192c0159402e6bfbe13de6f8379546943297783d - Merge tag 'powerpc-7.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Wed, 11 Feb 2026 06:46:12 +0100

Merge tag 'powerpc-7.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linuxPull powerpc updates for 7.0 - Implement masked user access - Add bpf support for internal only per-CPU instructions and inline the bpf_get_smp_processor_id() and bpf_get_current_task() functions - Fix pSeries MSI-X allocation failure when quota is exceeded - Fix recursive pci_lock_rescan_remove locking in EEH event handling - Support tailcalls with subprogs & BPF exceptions on 64bit - Extend "trusted" keys to support the PowerVM Key Wrapping Module (PKWM)Thanks to Abhishek Dubey, Christophe Leroy, Gaurav Batra, Guangshuo Li,Jarkko Sakkinen, Mahesh Salgaonkar, Mimi Zohar, Miquel Sabaté Solà, NamCao, Narayana Murty N, Nayna Jain, Nilay Shroff, Puranjay Mohan, SaketKumar Bhaskar, Sourabh Jain, Srish Srinivasan, and Venkat Rao Bagalkote.* tag 'powerpc-7.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: (27 commits) powerpc/pseries: plpks: export plpks_wrapping_is_supported docs: trusted-encryped: add PKWM as a new trust source keys/trusted_keys: establish PKWM as a trusted source pseries/plpks: add HCALLs for PowerVM Key Wrapping Module pseries/plpks: expose PowerVM wrapping features via the sysfs powerpc/pseries: move the PLPKS config inside its own sysfs directory pseries/plpks: fix kernel-doc comment inconsistencies powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() powerpc: kgdb: Remove OUTBUFMAX constant powerpc64/bpf: Additional NVR handling for bpf_throw powerpc64/bpf: Support exceptions powerpc64/bpf: Add arch_bpf_stack_walk() for BPF JIT powerpc64/bpf: Avoid tailcall restore from trampoline powerpc64/bpf: Support tailcalls with subprogs powerpc64/bpf: Moving tail_call_cnt to bottom of frame powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling powerpc/pseries: Fix MSI-X allocation failure when quota is exceeded powerpc/iommu: bypass DMA APIs for coherent allocations for pre-mapped memory powerpc64/bpf: Inline bpf_get_smp_processor_id() and bpf_get_current_task/_btf() powerpc64/bpf: Support internal-only MOV instruction to resolve per-CPU addrs ... List of files: /linux/security/keys/trusted-keys/Kconfig

c99fcb0d735bdb6f06dfe6eb7134d5d988d32dae - keys/trusted_keys: establish PKWM as a trusted source

Tue, 27 Jan 2026 15:52:27 +0100

keys/trusted_keys: establish PKWM as a trusted sourceThe wrapping key does not exist by default and is generated by thehypervisor as a part of PKWM initialization. This key is then persisted bythe hypervisor and is used to wrap trusted keys. These are variable lengthsymmetric keys, which in the case of PowerVM Key Wrapping Module (PKWM) aregenerated using the kernel RNG. PKWM can be used as a trust source throughthe following example keyctl commands:keyctl add trusted my_trusted_key "new 32" @uUse the wrap_flags command option to set the secure boot requirement forthe wrapping request through the following keyctl commandscase1: no secure boot requirement. (default)keyctl usage: keyctl add trusted my_trusted_key "new 32" @u OR keyctl add trusted my_trusted_key "new 32 wrap_flags=0x00" @ucase2: secure boot required to in either audit or enforce mode. set bit 0keyctl usage: keyctl add trusted my_trusted_key "new 32 wrap_flags=0x01" @ucase3: secure boot required to be in enforce mode. set bit 1keyctl usage: keyctl add trusted my_trusted_key "new 32 wrap_flags=0x02" @uNOTE:-> Setting the secure boot requirement is NOT a must.-> Only either of the secure boot requirement options should be set. Notboth.-> All the other bits are required to be not set.-> Set the kernel parameter trusted.source=pkwm to choose PKWM as thebackend for trusted keys implementation.-> CONFIG_PSERIES_PLPKS must be enabled to build PKWM.Add PKWM, which is a combination of IBM PowerVM and Power LPAR PlatformKeyStore, as a new trust source for trusted keys.Signed-off-by: Srish Srinivasan Tested-by: Nayna Jain Reviewed-by: Mimi Zohar Reviewed-by: Nayna Jain Reviewed-by: Jarkko Sakkinen Signed-off-by: Madhavan Srinivasan Link: https://patch.msgid.link/20260127145228.48320-6-ssrish@linux.ibm.com List of files: /linux/security/keys/trusted-keys/Kconfig

a4a508df2aa34f8650afde54ea804321c618f45f - Merge tag 'v6.18' into next

Sat, 13 Dec 2025 10:18:20 +0100

Merge tag 'v6.18' into nextSync up with the mainline to bring in the latest APIs. List of files: /linux/security/keys/trusted-keys/Kconfig

cb9f145f638d7afa633632a9290d6ad06caeb8ee - Merge remote-tracking branch 'drm/drm-next' into msm-next-robclark

Sat, 01 Nov 2025 13:47:30 +0100

Merge remote-tracking branch 'drm/drm-next' into msm-next-robclarkBack-merge drm-next to get caught up.Signed-off-by: Rob Clark List of files: /linux/security/keys/trusted-keys/Kconfig

82ee50252dc891e3f3b32d923bb4f656d300b772 - Merge drm/drm-next into drm-xe-next

Tue, 14 Oct 2025 11:31:49 +0200

Merge drm/drm-next into drm-xe-nextBackmerging to bring in 6.18-rc1.Signed-off-by: Thomas Hellström List of files: /linux/security/keys/trusted-keys/Kconfig

2acee98fcc61052d63fab4539fcb6ee677555645 - Merge drm/drm-next into drm-intel-next

Tue, 14 Oct 2025 09:37:11 +0200

Merge drm/drm-next into drm-intel-nextSync to v6.18-rc1.Signed-off-by: Jani Nikula List of files: /linux/security/keys/trusted-keys/Kconfig

9b966ae42235a88eaea714be09ff3d698535bdfe - Merge drm/drm-next into drm-misc-next

Mon, 13 Oct 2025 09:19:19 +0200

Merge drm/drm-next into drm-misc-nextUpdating drm-misc-next to the state of v6.18-rc1.Signed-off-by: Thomas Zimmermann List of files: /linux/security/keys/trusted-keys/Kconfig

39e9d5f63075f4d54e3b59b8238478c32af92755 - Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf before 6.18-rc1

Sun, 12 Oct 2025 03:27:47 +0200

Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf before 6.18-rc1Cross-merge BPF and other fixes after downstream PR.No conflicts.Signed-off-by: Alexei Starovoitov List of files: /linux/security/keys/trusted-keys/Kconfig

2ace52718376fdb56aca863da2eebe70d7e2ddb1 - Merge branch 'objtool/core'

Fri, 21 Nov 2025 11:21:20 +0100

Merge branch 'objtool/core'Bring in the UDB and objtool data annotations to avoid conflicts while further extending the bug exceptions.Signed-off-by: Peter Zijlstra List of files: /linux/security/keys/trusted-keys/Kconfig

f39b6c468c52745dbca9a842d91c8373fda208ab - Merge tag 'v6.18-rc6' into for-linus

Tue, 18 Nov 2025 08:16:55 +0100

Merge tag 'v6.18-rc6' into for-linusSync up with the mainline to bring in definition ofINPUT_PROP_HAPTIC_TOUCHPAD. List of files: /linux/security/keys/trusted-keys/Kconfig

4f38da1f027ea2c9f01bb71daa7a299c191b6940 - spi: Merge up v6.18-rc1

Mon, 13 Oct 2025 14:32:13 +0200

spi: Merge up v6.18-rc1Ensure my CI has a sensible baseline. List of files: /linux/security/keys/trusted-keys/Kconfig

ec2e0fb07d789976c601bec19ecced7a501c3705 - Merge tag 'asoc-fix-v6.18-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus

Thu, 16 Oct 2025 20:14:24 +0200

Merge tag 'asoc-fix-v6.18-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linusASoC: Fixes for v6.18A moderately large collection of driver specific fixes, plus a few newquirks and device IDs. The NAU8821 changes are a little large but morein mechanical ways than in ways that are complex. List of files: /linux/security/keys/trusted-keys/Kconfig

48a710760e10a4f36e11233a21860796ba204b1e - Merge drm/drm-fixes into drm-misc-fixes

Tue, 14 Oct 2025 10:59:58 +0200

Merge drm/drm-fixes into drm-misc-fixesUpdating drm-misc-fixes to the state of v6.18-rc1.Signed-off-by: Thomas Zimmermann List of files: /linux/security/keys/trusted-keys/Kconfig

b4e5bb555594826bb98aaf8bcd9f957f0428cb07 - Merge tag 'keys-next-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd

Sun, 05 Oct 2025 00:23:29 +0200

Merge tag 'keys-next-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmddPull keys updates from Jarkko Sakkinen: "A few minor updates/fixes for keys"* tag 'keys-next-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: security: keys: use menuconfig for KEYS symbol KEYS: encrypted: Use SHA-256 library instead of crypto_shash KEYS: trusted_tpm1: Move private functionality out of public header KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash KEYS: trusted_tpm1: Compare HMAC values in constant time List of files: /linux/security/keys/trusted-keys/Kconfig