superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/arch/x86
History
Kairui Song 278311e417 kexec, KEYS: Make use of platform keyring for signature verify 
This patch allows the kexec_file_load syscall to verify the PE signed
kernel image signature based on the preboot keys stored in the .platform
keyring, as fall back, if the signature verification failed due to not
finding the public key in the secondary or builtin keyrings.

This commit adds a VERIFY_USE_PLATFORM_KEYRING similar to previous
VERIFY_USE_SECONDARY_KEYRING indicating that verify_pkcs7_signature
should verify the signature using platform keyring.  Also, decrease
the error message log level when verification failed with -ENOKEY,
so that if called tried multiple time with different keyring it
won't generate extra noises.

Signed-off-by: Kairui Song <kasong@redhat.com>
Cc: David Howells <dhowells@redhat.com>
Acked-by: Dave Young <dyoung@redhat.com> (for kexec_file_load part)
[zohar@linux.ibm.com: tweaked the first paragraph of the patch description,
 and fixed checkpatch warning.]
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
 		2019-02-04 17:34:07 -05:00
..
boot kbuild: remove redundant target cleaning on failure 2019-01-06 09:46:51 +09:00
configs PCI: consolidate PCI config entry in drivers/pci 2018-11-23 11:45:34 +09:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2018-12-27 13:53:32 -08:00
entry jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00
events Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-12-26 17:03:51 -08:00
hyperv x86/hyper-v: Add HvFlushGuestAddressList hypercall support 2018-12-21 11:28:39 +01:00
ia32 Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
include x86: uaccess: Inhibit speculation past access_ok() in user_access_begin() 2019-01-20 15:33:22 +12:00
kernel kexec, KEYS: Make use of platform keyring for signature verify 2019-02-04 17:34:07 -05:00
kvm x86/kvm/nVMX: don't skip emulated instruction twice when vmptr address is not backed 2019-01-11 18:41:53 +01:00
lib kbuild: remove redundant target cleaning on failure 2019-01-06 09:46:51 +09:00
math-emu Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
mm Merge branch 'akpm' (patches from Andrew) 2019-01-05 09:16:18 -08:00
net bpf: Add bpf_line_info support 2018-12-09 13:54:38 -08:00
oprofile
pci pci-v4.21-changes 2019-01-05 17:57:34 -08:00
platform Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-12-26 18:42:51 -08:00
power mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
purgatory
ras
realmode
tools x86: Clean up 'sizeof x' => 'sizeof(x)' 2018-10-29 07:13:28 +01:00
um Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
video
xen xen: fixes for 5.0-rc3 2019-01-19 05:53:41 +12:00
.gitignore
Kbuild KVM: x86: Allow Qemu/KVM to use PVH entry point 2018-12-13 13:41:49 -05:00
Kconfig x86/intel/lpss: Make PCI dependency explicit 2019-01-15 23:17:28 +01:00
Kconfig.cpu x86/cpu: Create Hygon Dhyana architecture support file 2018-09-27 16:14:05 +02:00
Kconfig.debug x86/kconfig: Remove redundant 'default n' lines from all x86 Kconfig's 2018-10-17 08:39:42 +02:00
Makefile jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00
Makefile.um x86, powerpc: Remove -funit-at-a-time compiler option entirely 2018-12-09 11:55:32 +01:00
Makefile_32.cpu