History log of /openbmc/linux/security/integrity/Kconfig (Results 101 – 125 of 257)
# 9dc92c45 08-Dec-2018 Nayna Jain <nayna@linux.ibm.com>

integrity: Define a trusted platform keyring

On secure boot enabled systems, a verified kernel may need to kexec
additional kernels. For example, it may be used as a bootloader needing
to kexec a target kernel or it may need to kexec a crashdump kernel. In
such cases, it may want to verify the signature of the next kernel
image.

It is further possible that the kernel image is signed with third party
keys which are stored as platform or firmware keys in the 'db' variable.
The kernel, however, can not directly verify these platform keys, and an
administrator may therefore not want to trust them for arbitrary usage.
In order to differentiate platform keys from other keys and provide the
necessary separation of trust, the kernel needs an additional keyring to
store platform keys.

This patch creates the new keyring called ".platform" to isolate keys
provided by platform from keys by kernel. These keys are used to
facilitate signature verification during kexec. Since the scope of this
keyring is only the platform/firmware keys, it cannot be updated from
userspace.

This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: James Morris <james.morris@microsoft.com>
Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>



Revision tags: v4.19.8, v4.19.7, v4.19.6, v4.19.5, v4.19.4, v4.18.20, v4.19.3, v4.18.19, v4.19.2, v4.18.18, v4.18.17, v4.19.1, v4.19, v4.18.16, v4.18.15, v4.18.14, v4.18.13, v4.18.12, v4.18.11, v4.18.10, v4.18.9, v4.18.7, v4.18.6, v4.18.5, v4.17.18, v4.18.4, v4.18.3, v4.17.17, v4.18.2, v4.17.16, v4.17.15, v4.18.1, v4.18, v4.17.14, v4.17.13, v4.17.12, v4.17.11, v4.17.10, v4.17.9, v4.17.8, v4.17.7, v4.17.6, v4.17.5, v4.17.4, v4.17.3, v4.17.2, v4.17.1, v4.17, v4.16, v4.15, v4.13.16, v4.14, v4.13.5, v4.13, v4.12, v4.10.17, v4.10.16, v4.10.15, v4.10.14, v4.10.13, v4.10.12, v4.10.11, v4.10.10, v4.10.9, v4.10.8, v4.10.7, v4.10.6, v4.10.5, v4.10.4, v4.10.3, v4.10.2, v4.10.1, v4.10
# f26e8817 16-Dec-2016 Dmitry Torokhov <dmitry.torokhov@gmail.com>

Merge branch 'next' into for-linus

Prepare input updates for 4.10 merge window.


Revision tags: v4.9, openbmc-4.4-20161121-1, v4.4.33, v4.4.32, v4.4.31, v4.4.30, v4.4.29, v4.4.28, v4.4.27, v4.7.10, openbmc-4.4-20161021-1, v4.7.9, v4.4.26, v4.7.8, v4.4.25
# 4a7126a2 13-Oct-2016 Dmitry Torokhov <dmitry.torokhov@gmail.com>

Merge tag 'v4.8' into next

Sync up with mainline to bring in I2C host notify changes and other
updates.


Revision tags: v4.4.24, v4.7.7, v4.8, v4.4.23, v4.7.6, v4.7.5, v4.4.22, v4.4.21, v4.7.4, v4.7.3, v4.4.20, v4.7.2, v4.4.19, openbmc-4.4-20160819-1, v4.7.1, v4.4.18, v4.4.17, openbmc-4.4-20160804-1
# e82a82c1 28-Jul-2016 Jiri Kosina <jkosina@suse.cz>

Merge branches 'for-4.8/alps', 'for-4.8/apple', 'for-4.8/i2c-hid', 'for-4.8/uhid-offload-hid-device-add' and 'for-4.8/upstream' into for-linus


Revision tags: v4.4.16, v4.7, openbmc-4.4-20160722-1, openbmc-20160722-1
# 8c57a5e7 19-Jul-2016 Dmitry Torokhov <dmitry.torokhov@gmail.com>

Merge branch 'for-linus' into next

Sync up to bring in wacom_w8001 changes to avoid merge conflicts later.


Revision tags: openbmc-20160713-1, v4.4.15, v4.6.4
# 946e0f6f 08-Jul-2016 Ingo Molnar <mingo@kernel.org>

Merge tag 'v4.7-rc6' into x86/mm, to merge fixes before applying new changes

Signed-off-by: Ingo Molnar <mingo@kernel.org>


# b6d90158 07-Jul-2016 Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Merge branches 'acpica-fixes', 'acpi-pci-fixes' and 'acpi-debug-fixes'

* acpica-fixes:
  ACPICA: Namespace: Fix namespace/interpreter lock ordering

* acpi-pci-fixes:
  ACPI,PCI,IRQ: separate ISA penalty calculation
  Revert "ACPI, PCI, IRQ: remove redundant code in acpi_irq_penalty_init()"
  ACPI,PCI,IRQ: factor in PCI possible

* acpi-debug-fixes:
  ACPI / debugger: Fix regression introduced by IS_ERR_VALUE() removal



# ea1a25c3 06-Jul-2016 James Bottomley <James.Bottomley@HansenPartnership.com>

Merge branch 'jejb-fixes' into fixes


Revision tags: v4.6.3, v4.4.14
# 6ea24cf7 18-Jun-2016 Dmitry Torokhov <dmitry.torokhov@gmail.com>

Merge branch 'cec-defines' into for-linus

Let's bring in HDMI CEC defines to ease merging CEC support in the next
merge window.


# 9d066a25 17-Jun-2016 Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Merge branches 'pm-opp' and 'pm-cpufreq-fixes'

* pm-opp:
  PM / OPP: Add 'UNKNOWN' status for shared_opp in struct opp_table

* pm-cpufreq-fixes:
  cpufreq: intel_pstate: Adjust _PSS[0] freqeuency if needed



# 8e8c6689 08-Jun-2016 Ingo Molnar <mingo@kernel.org>

Merge branch 'x86/urgent' into x86/cpu, to pick up dependency

Signed-off-by: Ingo Molnar <mingo@kernel.org>


# 616d1c1b 08-Jun-2016 Ingo Molnar <mingo@kernel.org>

Merge branch 'linus' into perf/core, to refresh the branch

Signed-off-by: Ingo Molnar <mingo@kernel.org>


Revision tags: v4.6.2, v4.4.13
# c853f18b 07-Jun-2016 Mauro Carvalho Chehab <mchehab@osg.samsung.com>

Merge tag 'v4.7-rc2' into v4l_for_linus

Linux 4.7-rc2

* tag 'v4.7-rc2': (10914 commits)
Linux 4.7-rc2
devpts: Make each mount of devpts an independent filesystem.
parisc: Move die_if_kernel() prototype into traps.h header
parisc: Fix pagefault crash in unaligned __get_user() call
parisc: Fix printk time during boot
parisc: Fix backtrace on PA-RISC
mm, page_alloc: recalculate the preferred zoneref if the context can ignore memory policies
mm, page_alloc: reset zonelist iterator after resetting fair zone allocation policy
mm, oom_reaper: do not use siglock in try_oom_reaper()
mm, page_alloc: prevent infinite loop in buffered_rmqueue()
checkpatch: reduce git commit description style false positives
mm/z3fold.c: avoid modifying HEADLESS page and minor cleanup
memcg: add RCU locking around css_for_each_descendant_pre() in memcg_offline_kmem()
mm: check the return value of lookup_page_ext for all call sites
kdump: fix dmesg gdbmacro to work with record based printk
mm: fix overflow in vm_map_ram()
Btrfs: deal with duplciates during extent_map insertion in btrfs_get_extent
arm64: fix alignment when RANDOMIZE_TEXT_OFFSET is enabled
arm64: move {PAGE,CONT}_SHIFT into Kconfig
arm64: mm: dump: log span level
...



Revision tags: openbmc-20160606-1
# 60c07f80 03-Jun-2016 Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Merge branches 'acpica-fixes', 'acpi-video' and 'acpi-processor'

* acpica-fixes:
  ACPICA / Hardware: Fix old register check in acpi_hw_get_access_bit_width()

* acpi-video:
  ACPI / Thermal / video: fix max_level incorrect value

* acpi-processor:
  ACPI / processor: Avoid reserving IO regions too early



# 2eec3707 03-Jun-2016 Thomas Gleixner <tglx@linutronix.de>

Merge tag 'irqchip-4.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms into irq/urgent

Merge irqchip updates from Marc Zyngier:

- A number of embarrassing buglets (GICv3, PIC32)
- A more substantial errata workaround for Cavium's GICv3 ITS
  (kept for post-rc1 due to its dependency on NUMA)



# 5599617e 02-Jun-2016 Daniel Vetter <daniel.vetter@ffwll.ch>

Merge remote-tracking branch 'airlied/drm-next' into drm-intel-next-queued

Git got absolutely destroyed with all our cherry-picking from
drm-intel-next-queued to various branches. It ended up inserting
intel_crtc_page_flip 2x even in intel_display.c.

Backmerge to get back to sanity.

Signed-off-by: Daniel Vetter <daniel.vetter@intel.com>



Revision tags: v4.6.1, v4.4.12
# 6a2cf60b 30-May-2016 Mauro Carvalho Chehab <mchehab@osg.samsung.com>

Merge tag 'v4.7-rc1' into patchwork

Linux 4.7-rc1

* tag 'v4.7-rc1': (10534 commits)
Linux 4.7-rc1
hash_string: Fix zero-length case for !DCACHE_WORD_ACCESS
Rename other copy of hash_string to hashlen_string
hpfs: implement the show_options method
affs: fix remount failure when there are no options changed
hpfs: fix remount failure when there are no options changed
fs: fix binfmt_aout.c build error
h8300: Add <asm/hash.h>
microblaze: Add <asm/hash.h>
m68k: Add <asm/hash.h>
<linux/hash.h>: Add support for architecture-specific functions
fs/namei.c: Improve dcache hash function
Eliminate bad hash multipliers from hash_32() and hash_64()
Change hash_64() return value to 32 bits
<linux/sunrpc/svcauth.h>: Define hash_str() in terms of hashlen_string()
fs/namei.c: Add hashlen_string() function
Pull out string hash to <linux/stringhash.h>
Revert "platform/chrome: chromeos_laptop: Add Leon Touch"
i2c: dev: use after free in detach
MIPS: Add missing FROZEN hotplug notifier transitions
...



Revision tags: openbmc-20160521-1
# f4f27d00 19-May-2016 Linus Torvalds <torvalds@linux-foundation.org>

Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates from James Morris:
"Highlights:

- A new LSM, "LoadPin", from Kees Cook is added, which allows forcing
  of modules and firmware to be loaded from a specific device (this
  is from ChromeOS, where the device as a whole is verified
  cryptographically via dm-verity).

  This is disabled by default but can be configured to be enabled by
  default (don't do this if you don't know what you're doing).

- Keys: allow authentication data to be stored in an asymmetric key.
  Lots of general fixes and updates.

- SELinux: add restrictions for loading of kernel modules via
  finit_module(). Distinguish non-init user namespace capability
  checks. Apply execstack check on thread stacks"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (48 commits)
LSM: LoadPin: provide enablement CONFIG
Yama: use atomic allocations when reporting
seccomp: Fix comment typo
ima: add support for creating files using the mknodat syscall
ima: fix ima_inode_post_setattr
vfs: forbid write access when reading a file into memory
fs: fix over-zealous use of "const"
selinux: apply execstack check on thread stacks
selinux: distinguish non-init user namespace capability checks
LSM: LoadPin for kernel file loading restrictions
fs: define a string representation of the kernel_read_file_id enumeration
Yama: consolidate error reporting
string_helpers: add kstrdup_quotable_file
string_helpers: add kstrdup_quotable_cmdline
string_helpers: add kstrdup_quotable
selinux: check ss_initialized before revalidating an inode label
selinux: delay inode label lookup as long as possible
selinux: don't revalidate an inode's label when explicitly setting it
selinux: Change bool variable name to index.
KEYS: Add KEYCTL_DH_COMPUTE command
...



Revision tags: v4.4.11, openbmc-20160518-1, v4.6, v4.4.10, openbmc-20160511-1
# 0250abcd 05-May-2016 James Morris <james.l.morris@oracle.com>

Merge tag 'keys-next-20160505' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next


Revision tags: openbmc-20160505-1, v4.4.9
# bc0868c6 03-May-2016 Mark Brown <broonie@kernel.org>

Merge branch 'for-4.7/pwm-regulator' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm into regulator-pwm


# 1cbc99df 25-Apr-2016 Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Merge back cpufreq changes for v4.7.


Revision tags: v4.4.8
# 9938b044 18-Apr-2016 Jiri Kosina <jkosina@suse.cz>

Merge branch 'master' into for-next

Sync with Linus' tree so that patches against newer codebase can be applied.

Signed-off-by: Jiri Kosina <jkosina@suse.cz>


# 889fac6d 13-Apr-2016 Ingo Molnar <mingo@kernel.org>

Merge tag 'v4.6-rc3' into perf/core, to refresh the tree

Signed-off-by: Ingo Molnar <mingo@kernel.org>


# 6e007f31 12-Apr-2016 David Howells <dhowells@redhat.com>

Merge branch 'keys-misc' into keys-next

Miscellaneous keyrings changes.

Signed-off-by: David Howells <dhowells@redhat.com>


# 93da17b1 12-Apr-2016 Andreas Ziegler <andreas.ziegler@fau.de>

security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSA

Commit d43de6c780a8 ("akcipher: Move the RSA DER encoding check to
the crypto layer") removed the Kconfig option PUBLIC_KEY_ALGO_RSA,
but forgot to remove a 'select' to this option in the definition of
INTEGRITY_ASYMMETRIC_KEYS.

Let's remove the select, as it's ineffective now.

Signed-off-by: Andreas Ziegler <andreas.ziegler@fau.de>
Signed-off-by: David Howells <dhowells@redhat.com>


