rpms
/
kernel
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,490 Commits 69 Branches 0 Tags 274 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
Justin M. Forbes 48b75e92d6 Linux v5.7-rc1 2020-04-13 09:05:29 -05:00
Justin M. Forbes 4c49e1a1c3 Fix typo in secureboot patch 2020-04-01 17:02:45 -05:00
Justin M. Forbes 661a43444c Linux v5.6-5611-g1a323ea5356e 2020-04-01 16:38:37 -05:00
Justin M. Forbes 9949db6070 Linux v5.6-2405-gcad18da0afb1 2020-03-31 16:16:04 -05:00
Jeremy Cline aca1c25ebf Switch Secure Boot to lock down in integrity mode (rhbz 1815571) 2020-03-20 17:56:53 -04:00
Jeremy Cline f15fea450f Linux v5.5-3996-gb3a608222336 2020-01-29 12:22:59 -05:00
Justin M. Forbes 3cdb1db179 Convert pr_warning to pr_warn 2019-12-10 11:42:32 -06:00
Justin M. Forbes fa3a43c8e6 Linux v5.4-5280-g89d57dddd7d3 2019-11-27 13:03:10 -06:00
Jeremy Cline 391323a40e Linux v5.4-rc2-20-geda57a0e4299 2019-10-08 17:00:22 +00:00
Jeremy Cline e21e52b608 Linux v5.3-13236-g97f9a3c4eee5 
This is a first pass at getting the secureboot patches working with the
upstream lockdown patches that got merged. The final patch from our
lockdown set is the sysrq patch which also needs work. For the present
it is not applied.
 2019-10-01 14:20:23 +00:00
Jeremy Cline 021611765e Linux v5.3-2061-gad062195731b 2019-09-17 21:22:39 +00:00
Justin M. Forbes ead55fdbc7 Linux v5.2-rc3-37-g156c05917e09 2019-06-06 11:22:11 -05:00
Justin M. Forbes 2b2a5f0a2e Linux v5.1-1199-g71ae5fc87c34 2019-05-07 12:04:31 -05:00
Jeremy Cline 8f968e6f02 Linux v5.1-rc6 2019-04-22 14:20:15 +00:00
Jeremy Cline 26a34633c2 Fix up the kexec IMA patch 2019-04-15 18:43:41 +00:00
Jeremy Cline 4b5e4234be Rebase the kernel lockdown patch set 
Use the latest version of the kernel lockdown patch set. This includes a
few configuration renames:

CONFIG_KEXEC_VERIFY_SIG became CONFIG_KEXEC_SIG and
CONFIG_KEXEC_SIG_FORCE was added. CONFIG_KEXEC_SIG_FORCE=n because the
"kexec_file: Restrict at runtime if the kernel is locked down" patch
enforces the signature requirement when the kernel is locked down.

CONFIG_LOCK_DOWN_MANDATORY got renamed to CONFIG_LOCK_DOWN_KERNEL_FORCE
and remains false as LOCK_DOWN_IN_EFI_SECURE_BOOT covers enabling it for
EFI Secure Boot users.

Finally, the SysRq patches got dropped for the present.
 2019-04-15 12:15:16 -04:00
Jeremy Cline edfbff22b4 Linux v5.0-10360-g12ad143e1b80 2019-03-11 17:30:38 +00:00
Laura Abbott 16332ac6b7 Linux v5.0-rc7 2019-02-17 20:10:42 -08:00
Laura Abbott c97d3b0f76 Linux v4.20-9163-g195303136f19 2018-12-30 09:30:50 -08:00
Jeremy Cline c8f9da6523
Resolve a conflict in the efi secureboot patch set 2018-11-19 11:33:38 -05:00
Justin M. Forbes bbfe8b3016 Secure Boot updates 2018-06-11 15:35:41 -05:00