kernel

Commit Graph

Author	SHA1	Message	Date
Jeremy Cline	e21e52b608	Linux v5.3-13236-g97f9a3c4eee5 This is a first pass at getting the secureboot patches working with the upstream lockdown patches that got merged. The final patch from our lockdown set is the sysrq patch which also needs work. For the present it is not applied.	2019-10-01 14:20:23 +00:00
Jeremy Cline	3313b2c332	Check module signatures with the platform keyring (if enabled) Upstream has made a keyring to the platform keys. The "KEYS: Allow unrestricted boot-time addition of keys to secondary keyring" is available upstream for the platform keyring. The only issue is that module signatures aren't checked with the platform keyring, so this introduces a patch to add that which has been sent upstream. At least our carried-patch count hasn't gone up.	2019-04-23 14:21:09 +00:00

Author

SHA1

Message

Date

Jeremy Cline

e21e52b608

Linux v5.3-13236-g97f9a3c4eee5

This is a first pass at getting the secureboot patches working with the
upstream lockdown patches that got merged. The final patch from our
lockdown set is the sysrq patch which also needs work. For the present
it is not applied.

2019-10-01 14:20:23 +00:00

Jeremy Cline

3313b2c332

Check module signatures with the platform keyring (if enabled)

Upstream has made a keyring to the platform keys. The "KEYS: Allow
unrestricted boot-time addition of keys to secondary keyring" is
available upstream for the platform keyring.

The only issue is that module signatures aren't checked with the
platform keyring, so this introduces a patch to add that which has been
sent upstream. At least our carried-patch count hasn't gone up.

2019-04-23 14:21:09 +00:00

2 Commits