Commit Graph

10 Commits

Author SHA1 Message Date
Justin M. Forbes
ead55fdbc7 Linux v5.2-rc3-37-g156c05917e09 2019-06-06 11:22:11 -05:00
Justin M. Forbes
2b2a5f0a2e Linux v5.1-1199-g71ae5fc87c34 2019-05-07 12:04:31 -05:00
Jeremy Cline
8f968e6f02 Linux v5.1-rc6 2019-04-22 14:20:15 +00:00
Jeremy Cline
26a34633c2 Fix up the kexec IMA patch 2019-04-15 18:43:41 +00:00
Jeremy Cline
4b5e4234be Rebase the kernel lockdown patch set
Use the latest version of the kernel lockdown patch set. This includes a
few configuration renames:

CONFIG_KEXEC_VERIFY_SIG became CONFIG_KEXEC_SIG and
CONFIG_KEXEC_SIG_FORCE was added. CONFIG_KEXEC_SIG_FORCE=n because the
"kexec_file: Restrict at runtime if the kernel is locked down" patch
enforces the signature requirement when the kernel is locked down.

CONFIG_LOCK_DOWN_MANDATORY got renamed to CONFIG_LOCK_DOWN_KERNEL_FORCE
and remains false as LOCK_DOWN_IN_EFI_SECURE_BOOT covers enabling it for
EFI Secure Boot users.

Finally, the SysRq patches got dropped for the present.
2019-04-15 12:15:16 -04:00
Jeremy Cline
edfbff22b4 Linux v5.0-10360-g12ad143e1b80 2019-03-11 17:30:38 +00:00
Laura Abbott
16332ac6b7 Linux v5.0-rc7 2019-02-17 20:10:42 -08:00
Laura Abbott
c97d3b0f76 Linux v4.20-9163-g195303136f19 2018-12-30 09:30:50 -08:00
Jeremy Cline
c8f9da6523
Resolve a conflict in the efi secureboot patch set 2018-11-19 11:33:38 -05:00
Justin M. Forbes
bbfe8b3016 Secure Boot updates 2018-06-11 15:35:41 -05:00