]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commit
projects / mirror_ubuntu-hirsute-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5e1050a) | patch
UBUNTU: SAUCE: (lockdown) arm64: Allow locking down the kernel under EFI secure boot
authorSeth Forshee <seth.forshee@canonical.com>
Thu, 10 Oct 2019 15:57:25 +0000 (10:57 -0500)
committerAndrea Righi <andrea.righi@canonical.com>
Mon, 15 Feb 2021 07:25:55 +0000 (08:25 +0100)
commitd1034ba1794685718b75629bf86fffcf95e552c4
tree5f63ff56fcda714be5dee1b9d3c29a7824718eeetree
parent5e1050a7490f67cf657d85387b2f90b3b7977f54commit | diff
UBUNTU: SAUCE: (lockdown) arm64: Allow locking down the kernel under EFI secure boot

Add support to arm64 for the CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT
option. When enabled the lockdown LSM will be enabled with
maximum confidentiality when booted under EFI secure boot.

Based on an earlier patch by Linn Crosetto.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
[v2: ported to 5.7-rc1 and adapted to the new fdt parsing mechanism]
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
drivers/firmware/efi/efi-init.c diff | blob | blame | history
drivers/firmware/efi/fdtparams.c diff | blob | blame | history
drivers/firmware/efi/libstub/fdt.c diff | blob | blame | history
include/linux/efi.h diff | blob | blame | history
Ubuntu Hirsute Linux kernel mirror