Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-12-28 16:56:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Linux kernel stable tree
1,201,549 Commits 106 Branches 5,179 Tags 6 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
218a268062
Go to file
Eric Snowberg 218a268062 certs: Reference revocation list for all keyrings 
Systems booted with shim have a Forbidden Signature Database called mokx.
During boot, hashes and certs contained within the mokx are loaded into the
blacklist keyring.  When calling verify_pkcs7_message_sig the contents of
the blacklist keyring (or revocation list) are referenced when validating
keys on the platform keyring. Currently, when validating against the
secondary or builtin keyrings, the revocation list is not referenced.  Move
up the check to allow the revocation list to be used with all keyrings,
including the secondary and builtin, allowing the system owner to take
corrective action should a vulnerability be found within keys contained
within either keyring.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2023-08-17 20:12:41 +00:00
arch parisc: Fix CONFIG_TLB_PTLOCK to work with lightweight spinlock checks 2023-08-14 09:54:49 +02:00
block block-6.5-2023-08-11 2023-08-11 12:14:08 -07:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto KEYS: DigitalSignature link restriction 2023-08-17 20:12:20 +00:00
Documentation tpm_tis: Revert "tpm_tis: Disable interrupts on ThinkPad T490s" 2023-08-17 15:53:09 +00:00
drivers tpm/tpm_tis_synquacer: Use module_platform_driver macro to simplify the code 2023-08-17 20:12:41 +00:00
fs three smb client fixes, all for stable 2023-08-15 20:00:40 +00:00
include integrity: PowerVM support for loading third party code signing keys 2023-08-17 20:12:35 +00:00
init Kbuild updates for v6.5 2023-07-01 09:24:31 -07:00
io_uring io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc 2023-08-08 12:37:01 -06:00
ipc Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2023-02-24 19:20:07 -08:00
kernel Power management fixes for 6.5-rc6 2023-08-11 12:24:22 -07:00
lib 14 hotfixes. 11 of these are cc:stable and the remainder address post-6.4 2023-08-11 14:19:20 -07:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm 14 hotfixes. 11 of these are cc:stable and the remainder address post-6.4 2023-08-11 14:19:20 -07:00
net sunrpc: set the bv_offset of first bvec in svc_tcp_sendmsg 2023-08-14 15:02:25 -04:00
rust rust: fix bindgen build error with UBSAN_BOUNDS_STRICT 2023-08-04 17:10:50 +02:00
samples arm64: ftrace: Add direct call trampoline samples support 2023-07-10 17:51:54 -04:00
scripts Kbuild fixes for v6.5 (2nd) 2023-08-13 08:56:24 -07:00
security KEYS: Replace all non-returning strlcpy with strscpy 2023-08-17 20:12:35 +00:00
sound ASoC: Fixes for v6.5 2023-07-27 14:54:23 +02:00
tools Char/Misc driver fixes for 6.5-rc6 2023-08-12 09:03:15 -07:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt KVM: Grab a reference to KVM for VM and vCPU stats file descriptors 2023-07-29 11:05:28 -04:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore Revert ".gitignore: ignore *.cover and *.mbx" 2023-07-04 15:05:12 -07:00
.mailmap mailmap: update remaining active codeaurora.org email addresses 2023-07-27 13:07:05 -07:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS virtio: bugfixes 2023-08-15 06:03:44 +00:00
Makefile Linux 6.5-rc6 2023-08-13 11:29:55 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.