summaryrefslogtreecommitdiffstats
path: root/efi-lockdown.patch
Commit message (Collapse)AuthorAgeFilesLines
* Linux v5.3-13236-g97f9a3c4eee5Jeremy Cline2019-10-011-1883/+0
| | | | | | | This is a first pass at getting the secureboot patches working with the upstream lockdown patches that got merged. The final patch from our lockdown set is the sysrq patch which also needs work. For the present it is not applied.
* Linux v5.2-10808-g9637d517347eLaura Abbott2019-07-161-165/+194
|
* Fix rbhz 1658675 againJeremy Cline2019-06-061-0/+58
| | | | | This patch got dropped with the latest rebase to upstream's version of the lockdown patches.
* Linux v5.2-rc3-37-g156c05917e09Justin M. Forbes2019-06-061-0/+286
|
* Fix up the kexec IMA patchJeremy Cline2019-04-151-4/+4
|
* Rebase the kernel lockdown patch setJeremy Cline2019-04-151-551/+797
| | | | | | | | | | | | | | | | Use the latest version of the kernel lockdown patch set. This includes a few configuration renames: CONFIG_KEXEC_VERIFY_SIG became CONFIG_KEXEC_SIG and CONFIG_KEXEC_SIG_FORCE was added. CONFIG_KEXEC_SIG_FORCE=n because the "kexec_file: Restrict at runtime if the kernel is locked down" patch enforces the signature requirement when the kernel is locked down. CONFIG_LOCK_DOWN_MANDATORY got renamed to CONFIG_LOCK_DOWN_KERNEL_FORCE and remains false as LOCK_DOWN_IN_EFI_SECURE_BOOT covers enabling it for EFI Secure Boot users. Finally, the SysRq patches got dropped for the present.
* Linux v5.0-7001-g610cd4eadec4Jeremy Cline2019-03-081-291/+205
|
* Linux v5.0-6399-gf90d64483ebdJeremy Cline2019-03-071-1/+1
|
* lockdown update for S390Justin M. Forbes2019-01-101-0/+146
|
* Linux v4.20-10911-g645ff1e8e704Laura Abbott2019-01-031-233/+0
| | | | | Dropped part of the efi-lockdown patchset for IMA until conflicts get resolved.
* Linux v4.20-9163-g195303136f19Laura Abbott2018-12-301-6/+6
|
* Remove bpf restriction for now, revisit (rhbz 1622986)Justin M. Forbes2018-08-281-39/+0
|
* Linux v4.18-8895-g1f7a4c73a739Jeremy Cline2018-08-181-25/+27
|
* Linux v4.18-7873-gf91e654474d4Jeremy Cline2018-08-161-20/+21
|
* Linux v4.18-rc1Laura Abbott2018-06-181-1/+1
|
* Linux v4.17-11782-gbe779f03d563Laura Abbott2018-06-131-3/+3
|
* Linux v4.17-7997-g68abbe729567Laura Abbott2018-06-081-10/+8
|
* Linux v4.17-6625-g1c8c5a9d38f6Laura Abbott2018-06-071-2/+2
|
* Linux v4.17-3754-g135c5504a600Laura Abbott2018-06-061-4/+4
|
* Linux v4.17-rc1Justin M. Forbes2018-04-161-785/+237
|
* Linux v4.16-11766-ge241e3f2bf97Justin M. Forbes2018-04-121-2/+2
|
* Linux v4.16-9576-g38c23685b273Justin M. Forbes2018-04-061-45/+0
|
* Linux v4.16-2520-g642e7fd23353Justin M. Forbes2018-04-031-2/+2
|
* Fix efi-lockdown.patch for upstream BPF changeJeremy Cline2018-03-231-1/+1
| | | | | | | Commit 0fa4fe85f472 ("bpf: skip unnecessary capability check") switched the if statement around. Signed-off-by: Jeremy Cline <jeremy@jcline.org>
* Update efi-lockdown patch with current.Justin M. Forbes2018-03-121-337/+978
|
* Linux v4.15-11704-ga2e5790d8416Justin M. Forbes2018-02-071-1/+1
|
* Linux v4.14-12375-g2dcd9c71c1ffLaura Abbott2017-11-171-14/+15
|
* Linux v4.14-4050-g37cb8e1f8e10Laura Abbott2017-11-151-8/+8
|
* Linux v4.14-rc6-50-g567825502730Justin M. Forbes2017-10-261-135/+129
|
* Linux v4.14-rc5-94-g9a27ded2195aJustin M. Forbes2017-10-201-609/+319
|
* Linux v4.14-rc5-31-g73d3393ada4fJustin M. Forbes2017-10-191-589/+1188
|
* Linux v4.13-11197-gf007cad159e9Justin M. Forbes2017-09-111-1/+1
|
* Linux v4.13-4257-ge7d0c41ecc2eJustin M. Forbes2017-09-061-6/+6
|
* Linux v4.11-11413-g2868b25Justin M. Forbes2017-05-091-7/+7
|
* Linux v4.11-1464-gd3b5d35Justin M. Forbes2017-05-021-76/+2
|
* Linux v4.10-6476-gbc49a78Laura Abbott2017-02-231-201/+201
|
* Update efi-lockdown for 4.11 mergeJustin M. Forbes2017-02-211-696/+20
|
* Linux v4.10-rc4Justin M. Forbes2017-01-161-2/+2
|
* Linux v4.9-7150-gcdb98c2Justin M. Forbes2016-12-141-0/+2159
generated by cgit (git 2.34.1) at 2024-06-19 02:47:38 +0000