linux

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-08 14:23:19 +00:00

History

Jiri Bohac 99d5cadfde kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE This is a preparatory patch for kexec_file_load() lockdown. A locked down kernel needs to prevent unsigned kernel images from being loaded with kexec_file_load(). Currently, the only way to force the signature verification is compiling with KEXEC_VERIFY_SIG. This prevents loading usigned images even when the kernel is not locked down at runtime. This patch splits KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE. Analogous to the MODULE_SIG and MODULE_SIG_FORCE for modules, KEXEC_SIG turns on the signature verification but allows unsigned images to be loaded. KEXEC_SIG_FORCE disallows images without a valid signature. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org>		2019-08-19 21:54:15 -07:00
..
acpi	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
asm-generic	security: Support early LSMs	2019-08-19 21:54:15 -07:00
clocksource	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234	2019-06-19 17:09:07 +02:00
crypto	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
drm	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
dt-bindings	Minor RISC-V fixes and one defconfig update for the v5.2-rc series.	2019-06-29 17:04:21 +08:00
keys	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
kvm	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234	2019-06-19 17:09:07 +02:00
linux	kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE	2019-08-19 21:54:15 -07:00
math-emu	math-emu: Use statement expressions to fix Wshift-count-overflow warning	2019-05-31 15:23:25 +08:00
media	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
memory	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
misc	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
net	ipv6: constify rt6_nexthop()	2019-06-26 13:26:08 -07:00
pcmcia	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
ras
rdma	SPDX update for 5.2-rc4	2019-06-08 12:52:42 -07:00
scsi	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 335	2019-06-05 17:37:06 +02:00
soc	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
sound	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
target	scsi: target/iscsi: Handle too large immediate data buffers correctly	2019-04-12 20:20:06 -04:00
trace	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 284	2019-06-05 17:36:37 +02:00
uapi	SPDX update for 5.2-rc6	2019-06-21 09:58:42 -07:00
video	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
xen	block: pass page to xen_biovec_phys_mergeable	2019-04-01 12:11:13 -06:00