Linux v4.2-11142-gb0a1ea51bda4
This commit is contained in:
Josh Boyer
parent
c369ee79aa
commit
d6943bfa1c
|
|
@ -1,4 +1,4 @@
|
||||||
From b890a85619bee4262876ad131eb0565014ae82b0 Mon Sep 17 00:00:00 2001
|
From 2246a781c8dbb1207a0b0abbfae201f998c3954b Mon Sep 17 00:00:00 2001
|
||||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||||
Date: Fri, 26 Oct 2012 12:42:16 -0400
|
Date: Fri, 26 Oct 2012 12:42:16 -0400
|
||||||
Subject: [PATCH] MODSIGN: Import certificates from UEFI Secure Boot
|
Subject: [PATCH] MODSIGN: Import certificates from UEFI Secure Boot
|
||||||
|
|
@ -26,12 +26,12 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
|
||||||
create mode 100644 kernel/modsign_uefi.c
|
create mode 100644 kernel/modsign_uefi.c
|
||||||
|
|
||||||
diff --git a/include/linux/efi.h b/include/linux/efi.h
|
diff --git a/include/linux/efi.h b/include/linux/efi.h
|
||||||
index 414c3c3d988d..d920a6be6c8b 100644
|
index 85ef051ac6fb..a042b2ece788 100644
|
||||||
--- a/include/linux/efi.h
|
--- a/include/linux/efi.h
|
||||||
+++ b/include/linux/efi.h
|
+++ b/include/linux/efi.h
|
||||||
@@ -601,6 +601,12 @@ void efi_native_runtime_setup(void);
|
@@ -600,6 +600,12 @@ typedef struct {
|
||||||
#define EFI_CERT_X509_GUID \
|
u64 table;
|
||||||
EFI_GUID( 0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 )
|
} efi_config_table_64_t;
|
||||||
|
|
||||||
+#define EFI_IMAGE_SECURITY_DATABASE_GUID \
|
+#define EFI_IMAGE_SECURITY_DATABASE_GUID \
|
||||||
+ EFI_GUID( 0xd719b2cb, 0x3d3a, 0x4596, 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f )
|
+ EFI_GUID( 0xd719b2cb, 0x3d3a, 0x4596, 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f )
|
||||||
|
|
@ -41,12 +41,12 @@ index 414c3c3d988d..d920a6be6c8b 100644
|
||||||
+
|
+
|
||||||
typedef struct {
|
typedef struct {
|
||||||
efi_guid_t guid;
|
efi_guid_t guid;
|
||||||
u64 table;
|
u32 table;
|
||||||
diff --git a/init/Kconfig b/init/Kconfig
|
diff --git a/init/Kconfig b/init/Kconfig
|
||||||
index 782d26f02885..bcc71c2f4b80 100644
|
index 02da9f1fd9df..90c73a0564b1 100644
|
||||||
--- a/init/Kconfig
|
--- a/init/Kconfig
|
||||||
+++ b/init/Kconfig
|
+++ b/init/Kconfig
|
||||||
@@ -1933,6 +1933,15 @@ config MODULE_SIG_ALL
|
@@ -1924,6 +1924,15 @@ config MODULE_SIG_ALL
|
||||||
comment "Do not forget to sign required modules with scripts/sign-file"
|
comment "Do not forget to sign required modules with scripts/sign-file"
|
||||||
depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
|
depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
|
||||||
|
|
||||||
|
|
@ -63,7 +63,7 @@ index 782d26f02885..bcc71c2f4b80 100644
|
||||||
prompt "Which hash algorithm should modules be signed with?"
|
prompt "Which hash algorithm should modules be signed with?"
|
||||||
depends on MODULE_SIG
|
depends on MODULE_SIG
|
||||||
diff --git a/kernel/Makefile b/kernel/Makefile
|
diff --git a/kernel/Makefile b/kernel/Makefile
|
||||||
index e0d7587e7684..566ac6bb720c 100644
|
index d4988410b410..55e886239e7e 100644
|
||||||
--- a/kernel/Makefile
|
--- a/kernel/Makefile
|
||||||
+++ b/kernel/Makefile
|
+++ b/kernel/Makefile
|
||||||
@@ -47,6 +47,7 @@ endif
|
@@ -47,6 +47,7 @@ endif
|
||||||
|
|
@ -73,8 +73,8 @@ index e0d7587e7684..566ac6bb720c 100644
|
||||||
+obj-$(CONFIG_MODULE_SIG_UEFI) += modsign_uefi.o
|
+obj-$(CONFIG_MODULE_SIG_UEFI) += modsign_uefi.o
|
||||||
obj-$(CONFIG_KALLSYMS) += kallsyms.o
|
obj-$(CONFIG_KALLSYMS) += kallsyms.o
|
||||||
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
|
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
|
||||||
obj-$(CONFIG_KEXEC) += kexec.o
|
obj-$(CONFIG_KEXEC_CORE) += kexec_core.o
|
||||||
@@ -101,6 +102,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
|
@@ -103,6 +104,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
|
||||||
|
|
||||||
obj-$(CONFIG_HAS_IOMEM) += memremap.o
|
obj-$(CONFIG_HAS_IOMEM) += memremap.o
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5543,6 +5543,8 @@ CONFIG_ZSMALLOC=y
|
||||||
# CONFIG_ZSMALLOC_STAT is not set
|
# CONFIG_ZSMALLOC_STAT is not set
|
||||||
# CONFIG_PGTABLE_MAPPING is not set
|
# CONFIG_PGTABLE_MAPPING is not set
|
||||||
|
|
||||||
|
# CONFIG_IDLE_PAGE_TRACKING is not set
|
||||||
|
|
||||||
# CONFIG_MDIO_GPIO is not set
|
# CONFIG_MDIO_GPIO is not set
|
||||||
# CONFIG_KEYBOARD_GPIO is not set
|
# CONFIG_KEYBOARD_GPIO is not set
|
||||||
# CONFIG_KEYBOARD_GPIO_POLLED is not set
|
# CONFIG_KEYBOARD_GPIO_POLLED is not set
|
||||||
|
|
|
||||||
|
|
@ -67,7 +67,7 @@ Summary: The Linux kernel
|
||||||
# The rc snapshot level
|
# The rc snapshot level
|
||||||
%define rcrev 0
|
%define rcrev 0
|
||||||
# The git snapshot level
|
# The git snapshot level
|
||||||
%define gitrev 12
|
%define gitrev 13
|
||||||
# Set rpm version accordingly
|
# Set rpm version accordingly
|
||||||
%define rpmversion 4.%{upstream_sublevel}.0
|
%define rpmversion 4.%{upstream_sublevel}.0
|
||||||
%endif
|
%endif
|
||||||
|
|
@ -2044,6 +2044,9 @@ fi
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Sep 11 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.3.0-0.rc0.git13.1
|
||||||
|
- Linux v4.2-11142-gb0a1ea51bda4
|
||||||
|
|
||||||
* Fri Sep 11 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.3.0-0.rc0.git12.1
|
* Fri Sep 11 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.3.0-0.rc0.git12.1
|
||||||
- Linux v4.2-10963-g519f526d391b
|
- Linux v4.2-10963-g519f526d391b
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
From 1fc498d024c07e39105c060603e40cb7bc6bd5b8 Mon Sep 17 00:00:00 2001
|
From 6306cad6e5663424c08e5ebdfdcfd799c5537bfe Mon Sep 17 00:00:00 2001
|
||||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||||
Date: Fri, 9 Aug 2013 03:33:56 -0400
|
Date: Fri, 9 Aug 2013 03:33:56 -0400
|
||||||
Subject: [PATCH 08/20] kexec: Disable at runtime if the kernel enforces module
|
Subject: [PATCH] kexec: Disable at runtime if the kernel enforces module
|
||||||
loading restrictions
|
loading restrictions
|
||||||
|
|
||||||
kexec permits the loading and execution of arbitrary code in ring 0, which
|
kexec permits the loading and execution of arbitrary code in ring 0, which
|
||||||
|
|
@ -14,18 +14,18 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||||
1 file changed, 8 insertions(+)
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
diff --git a/kernel/kexec.c b/kernel/kexec.c
|
diff --git a/kernel/kexec.c b/kernel/kexec.c
|
||||||
index a785c1015e25..81d6b404f33c 100644
|
index 4c5edc357923..db431971dbd4 100644
|
||||||
--- a/kernel/kexec.c
|
--- a/kernel/kexec.c
|
||||||
+++ b/kernel/kexec.c
|
+++ b/kernel/kexec.c
|
||||||
@@ -36,6 +36,7 @@
|
@@ -10,6 +10,7 @@
|
||||||
#include <linux/syscore_ops.h>
|
#include <linux/mm.h>
|
||||||
#include <linux/compiler.h>
|
#include <linux/file.h>
|
||||||
#include <linux/hugetlb.h>
|
#include <linux/kexec.h>
|
||||||
+#include <linux/module.h>
|
+#include <linux/module.h>
|
||||||
|
#include <linux/mutex.h>
|
||||||
#include <asm/page.h>
|
#include <linux/list.h>
|
||||||
#include <asm/uaccess.h>
|
#include <linux/syscalls.h>
|
||||||
@@ -1258,6 +1259,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
@@ -133,6 +134,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
2
sources
2
sources
|
|
@ -1,3 +1,3 @@
|
||||||
3d5ea06d767e2f35c999eeadafc76523 linux-4.2.tar.xz
|
3d5ea06d767e2f35c999eeadafc76523 linux-4.2.tar.xz
|
||||||
4c964bfba54d65b5b54cc898baddecad perf-man-4.2.tar.gz
|
4c964bfba54d65b5b54cc898baddecad perf-man-4.2.tar.gz
|
||||||
7a96be9e875ddaa706c969d7d7c5e4db patch-4.2-git12.xz
|
1682b6f2a10f97fee392d0ab40b17632 patch-4.2-git13.xz
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue