summaryrefslogtreecommitdiffstats
path: root/efi-secureboot.patch
Commit message (Collapse)AuthorAgeFilesLines
* kernel-5.7.0-0.rc1.20200414git8632e9b5645b.1Jeremy Cline2020-04-141-334/+0
| | | | | | This is an automated commit generated from the kernel-5.7.0-0.rc1.20200414git8632e9b5645b.1 tag in https://gitlab.com/cki-project/kernel-ark.git
* Linux v5.7-rc1Justin M. Forbes2020-04-131-1/+1
|
* Fix typo in secureboot patchJustin M. Forbes2020-04-011-1/+1
|
* Linux v5.6-5611-g1a323ea5356eJustin M. Forbes2020-04-011-26/+23
|
* Linux v5.6-2405-gcad18da0afb1Justin M. Forbes2020-03-311-3/+3
|
* Switch Secure Boot to lock down in integrity mode (rhbz 1815571)Jeremy Cline2020-03-201-1/+1
|
* Linux v5.5-3996-gb3a608222336Jeremy Cline2020-01-291-27/+27
|
* Convert pr_warning to pr_warnJustin M. Forbes2019-12-101-1/+1
|
* Linux v5.4-5280-g89d57dddd7d3Justin M. Forbes2019-11-271-14/+17
|
* Linux v5.4-rc2-20-geda57a0e4299Jeremy Cline2019-10-081-1/+1
|
* Linux v5.3-13236-g97f9a3c4eee5Jeremy Cline2019-10-011-85/+141
| | | | | | | This is a first pass at getting the secureboot patches working with the upstream lockdown patches that got merged. The final patch from our lockdown set is the sysrq patch which also needs work. For the present it is not applied.
* Linux v5.3-2061-gad062195731bJeremy Cline2019-09-171-14/+14
|
* Linux v5.2-rc3-37-g156c05917e09Justin M. Forbes2019-06-061-4/+4
|
* Linux v5.1-1199-g71ae5fc87c34Justin M. Forbes2019-05-071-3/+3
|
* Linux v5.1-rc6Jeremy Cline2019-04-221-1/+2
|
* Fix up the kexec IMA patchJeremy Cline2019-04-151-1/+1
|
* Rebase the kernel lockdown patch setJeremy Cline2019-04-151-66/+28
| | | | | | | | | | | | | | | | Use the latest version of the kernel lockdown patch set. This includes a few configuration renames: CONFIG_KEXEC_VERIFY_SIG became CONFIG_KEXEC_SIG and CONFIG_KEXEC_SIG_FORCE was added. CONFIG_KEXEC_SIG_FORCE=n because the "kexec_file: Restrict at runtime if the kernel is locked down" patch enforces the signature requirement when the kernel is locked down. CONFIG_LOCK_DOWN_MANDATORY got renamed to CONFIG_LOCK_DOWN_KERNEL_FORCE and remains false as LOCK_DOWN_IN_EFI_SECURE_BOOT covers enabling it for EFI Secure Boot users. Finally, the SysRq patches got dropped for the present.
* Linux v5.0-10360-g12ad143e1b80Jeremy Cline2019-03-111-0/+1
|
* Linux v5.0-rc7Laura Abbott2019-02-171-5/+5
|
* Linux v4.20-9163-g195303136f19Laura Abbott2018-12-301-2/+2
|
* Resolve a conflict in the efi secureboot patch setJeremy Cline2018-11-191-25/+28
|
* Secure Boot updatesJustin M. Forbes2018-06-111-0/+311