mirror of
https://github.com/torvalds/linux.git
synced 2024-11-25 13:41:51 +00:00
84bfcc0b69
-----BEGIN PGP SIGNATURE----- iIoEABYIADIWIQQdXVVFGN5XqKr1Hj7LwZzRsCrn5QUCYdxh3xQcem9oYXJAbGlu dXguaWJtLmNvbQAKCRDLwZzRsCrn5bXsAP9xioC+sDpA+KgicrTxLQp2HBHVdkdj hnsSw7KE6d1YFwD/Zu1BPi/iX1HHcEvTm34x9jKWeU54VCyqsXJG+zArDA0= =/eFf -----END PGP SIGNATURE----- Merge tag 'integrity-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity Pull integrity subsystem updates from Mimi Zohar: "The few changes are all kexec related: - The MOK keys are loaded onto the .platform keyring in order to verify the kexec kernel image signature. However, the MOK keys should only be trusted when secure boot is enabled. Before loading the MOK keys onto the .platform keyring, make sure the system is booted in secure boot mode. - When carrying the IMA measurement list across kexec, limit dumping the measurement list to when dynamic debug or CONFIG_DEBUG is enabled. - kselftest: add kexec_file_load selftest support for PowerNV and other cleanup" * tag 'integrity-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: selftests/kexec: Enable secureboot tests for PowerPC ima: silence measurement list hexdump during kexec selftests/kexec: update searching for the Kconfig selftest/kexec: fix "ignored null byte in input" warning integrity: Do not load MOK and MOKx when secure boot be disabled ima: Fix undefined arch_ima_get_secureboot() and co |
||
---|---|---|
.. | ||
evm | ||
ima | ||
platform_certs | ||
digsig_asymmetric.c | ||
digsig.c | ||
iint.c | ||
integrity_audit.c | ||
integrity.h | ||
Kconfig | ||
Makefile |