]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
Merge tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar...
authorLinus Torvalds <torvalds@linux-foundation.org>
Tue, 2 Aug 2022 22:21:18 +0000 (15:21 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 2 Aug 2022 22:21:18 +0000 (15:21 -0700)
commit043402495deb5ccc3b3479dc69a03f990c41ea8d
treec8f7908efeabd007011a1a0343ff66bdbc807344
parent87fe1adb66a514fa3abbe8bdb4278a5b2f421d8b
parent88b61b130334212f8f05175e291c04adeb2bf30b
Merge tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull integrity updates from Mimi Zohar:
 "Aside from the one EVM cleanup patch, all the other changes are kexec
  related.

  On different architectures different keyrings are used to verify the
  kexec'ed kernel image signature. Here are a number of preparatory
  cleanup patches and the patches themselves for making the keyrings -
  builtin_trusted_keyring, .machine, .secondary_trusted_keyring, and
  .platform - consistent across the different architectures"

* tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification
  arm64: kexec_file: use more system keyrings to verify kernel image signature
  kexec, KEYS: make the code in bzImage64_verify_sig generic
  kexec: clean up arch_kexec_kernel_verify_sig
  kexec: drop weak attribute from functions
  kexec_file: drop weak attribute from functions
  evm: Use IS_ENABLED to initialize .enabled
arch/x86/kernel/kexec-bzimage64.c
security/integrity/evm/evm_main.c