mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-02 18:04:38 -04:00
Code Issues Packages Projects Releases Wiki Activity
796,970 Commits 1 Branch 928 Tags
b5ca117365d960fe5e4fe272bcc8142c28769383
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Nayna Jain b5ca117365 ima: prevent kexec_load syscall based on runtime secureboot flag 
When CONFIG_KEXEC_VERIFY_SIG is enabled, the kexec_file_load syscall
requires the kexec'd kernel image to be signed. Distros are concerned
about totally disabling the kexec_load syscall. As a compromise, the
kexec_load syscall will only be disabled when CONFIG_KEXEC_VERIFY_SIG
is configured and the system is booted with secureboot enabled.

This patch disables the kexec_load syscall only for systems booted with
secureboot enabled.

[zohar@linux.ibm.com: add missing mesage on kexec_load failure]
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Peter Jones <pjones@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2018-12-11 07:10:33 -05:00
arch
x86/ima: define arch_ima_get_secureboot
2018-11-13 07:38:45 -05:00
block
Merge tag 'for-linus-20181109' of git://git.kernel.dk/linux-block
2018-11-09 16:31:51 -06:00
certs
export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR()
2018-08-22 23:21:44 +09:00
crypto
KEYS: asym_tpm: Add support for the sign operation [ver #2]
2018-10-26 09:30:47 +01:00
Documentation
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-11-11 16:41:50 -06:00
drivers
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-11-11 17:09:48 -06:00
firmware
kbuild: remove all dummy assignments to obj-
2017-11-18 11:46:06 +09:00
fs
Merge tag 'for-4.20-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
2018-11-11 16:54:38 -06:00
include
x86/ima: define arch_ima_get_secureboot
2018-11-13 07:38:45 -05:00
init
memblock: stop using implicit alignment to SMP_CACHE_BYTES
2018-10-31 08:54:16 -07:00
ipc
ipc: IPCMNI limit check for semmni
2018-10-31 08:54:14 -07:00
kernel
Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-11-11 16:37:41 -06:00
lib
lib/raid6: Fix arm64 test build
2018-11-06 17:12:44 +00:00
LICENSES
Merge tag 'docs-4.20' of git://git.lwn.net/linux
2018-10-24 18:01:11 +01:00
mm
memory_hotplug: cond_resched in __remove_pages
2018-11-03 10:09:38 -07:00
net
act_mirred: clear skb->tstamp on redirect
2018-11-11 10:21:31 -08:00
samples
Merge tag 'vfio-v4.20-rc1.v2' of git://github.com/awilliam/linux-vfio
2018-10-31 11:01:38 -07:00
scripts
builddeb: Fix inclusion of dtbs in debian package
2018-11-11 23:04:53 +09:00
security
ima: prevent kexec_load syscall based on runtime secureboot flag
2018-12-11 07:10:33 -05:00
sound
ALSA: hda - Fix incorrect clearance of thinkpad_acpi hooks
2018-11-06 16:33:53 +01:00
tools
Merge tag 'perf-urgent-for-mingo-4.20-20181106' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/urgent
2018-11-06 20:03:11 +01:00
usr
initramfs: move gen_initramfs_list.sh from scripts/ to usr/
2018-08-22 23:21:44 +09:00
virt
Revert "mm, mmu_notifier: annotate mmu notifiers with blockable invalidate callbacks"
2018-10-26 16:25:19 -07:00
.clang-format
page cache: Convert find_get_pages_contig to XArray
2018-10-21 10:46:34 -04:00
.cocciconfig
scripts: add Linux .cocciconfig for coccinelle
2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
Add hch to .get_maintainer.ignore
2015-08-21 14:30:10 -07:00
.gitattributes
.gitattributes: set git diff driver for C source code files
2016-10-07 18:46:30 -07:00
.gitignore
Merge tag 'kbuild-v4.17-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2018-04-15 17:21:30 -07:00
.mailmap
mailmap: Update email for Punit Agrawal
2018-11-05 10:02:11 +00:00
COPYING
COPYING: use the new text with points to the license files
2018-03-23 12:41:45 -06:00
CREDITS
9p: remove Ron Minnich from MAINTAINERS
2018-08-17 16:20:26 -07:00
Kbuild
Merge tag 'kbuild-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2017-11-17 17:45:29 -08:00
Kconfig
kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt
2018-08-02 08:06:55 +09:00
MAINTAINERS
Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
2018-11-10 06:57:34 -06:00
Makefile
Linux 4.20-rc2
2018-11-11 17:12:31 -06:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 3.4 GiB
Languages
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%