From b07f54352e180803ae2820a9d0e800fd070876c4 Mon Sep 17 00:00:00 2001 From: Josh Boyer Date: Wed, 31 Oct 2012 13:38:31 -0400 Subject: [PATCH] Update secure boot hibernate patch to include swsusp --- kernel.spec | 9 +++++--- ...121026.patch => secure-boot-20121031.patch | 22 +++++++++++++++++-- 2 files changed, 26 insertions(+), 5 deletions(-) rename secure-boot-20121026.patch => secure-boot-20121031.patch (98%) diff --git a/kernel.spec b/kernel.spec index 7a463f524..06ffc06a7 100644 --- a/kernel.spec +++ b/kernel.spec @@ -62,7 +62,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 1 +%global baserelease 2 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -688,7 +688,7 @@ Patch800: linux-2.6-crash-driver.patch Patch900: modsign-post-KS-jwb.patch # secure boot -Patch1000: secure-boot-20121026.patch +Patch1000: secure-boot-20121031.patch # Improve PCI support on UEFI Patch1100: handle-efi-roms.patch @@ -1406,7 +1406,7 @@ ApplyPatch linux-2.6-e1000-ich9-montevina.patch ApplyPatch modsign-post-KS-jwb.patch # secure boot -ApplyPatch secure-boot-20121026.patch +ApplyPatch secure-boot-20121031.patch # Improved PCI support for UEFI ApplyPatch handle-efi-roms.patch @@ -2317,6 +2317,9 @@ fi # ||----w | # || || %changelog +* Wed Oct 31 2012 Josh Boyer +- Update secure boot hibernate patch to include swsusp + * Tue Oct 30 2012 Josh Boyer - 3.7.0-0.rc3.git1.1 - Linux v3.7-rc3-8-g35fd3dc - Reenable debugging options. diff --git a/secure-boot-20121026.patch b/secure-boot-20121031.patch similarity index 98% rename from secure-boot-20121026.patch rename to secure-boot-20121031.patch index 1c5059431..0f22b3697 100644 --- a/secure-boot-20121026.patch +++ b/secure-boot-20121031.patch @@ -1306,7 +1306,8 @@ index 0000000..049669d -- 1.7.12.1 -From d037dc552a62b1dd39b457e10c133a4509b0efc3 Mon Sep 17 00:00:00 2001 + +From 924e09f1b267c407ca037171bc6f8f90b09265d6 Mon Sep 17 00:00:00 2001 From: Josh Boyer Date: Fri, 26 Oct 2012 14:02:09 -0400 Subject: [PATCH] hibernate: Disable in a Secure Boot environment @@ -1318,9 +1319,12 @@ a Secure Boot environment. Signed-off-by: Josh Boyer --- + v2: Updated to include swsup after feedback from Jiri Kosina + kernel/power/hibernate.c | 14 +++++++++++++- kernel/power/main.c | 4 +++- - 2 files changed, 16 insertions(+), 2 deletions(-) + kernel/power/user.c | 3 +++ + 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c index b26f5f1..f04343b 100644 @@ -1383,6 +1387,20 @@ index f458238..72580c1 100644 #else if (s != buf) /* convert the last space to a newline */ +diff --git a/kernel/power/user.c b/kernel/power/user.c +index 4ed81e7..b11a0f4 100644 +--- a/kernel/power/user.c ++++ b/kernel/power/user.c +@@ -48,6 +48,9 @@ static int snapshot_open(struct inode *inode, struct file *filp) + struct snapshot_data *data; + int error; + ++ if (!capable(CAP_COMPROMISE_KERNEL)) ++ return -EPERM; ++ + lock_system_sleep(); + + if (!atomic_add_unless(&snapshot_device_available, -1, 0)) { -- 1.7.12.1