| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180815194244.29564-1-yannik@sembritzki.me>
Date: Wed, 15 Aug 2018 21:42:42 +0200
From: Yannik Sembritzki <yannik@...britzki.me>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
David Howells <dhowells@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Peter Anvin <hpa@...or.com>,
the arch/x86 maintainers <x86@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Dave Young <dyoung@...hat.com>, Baoquan He <bhe@...hat.com>,
"Justin M. Forbes" <jforbes@...hat.com>,
Peter Jones <pjones@...hat.com>,
James Bottomley <James.Bottomley@...senPartnership.com>,
Matthew Garrett <mjg59@...gle.com>,
Vivek Goyal <vgoyal@...hat.com>
Cc: Yannik Sembritzki <yannik@...britzki.me>
Subject: [PATCH 0/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot
I've written two patches for (a) the logical change of allowing kernels
signed with keys in the secondary keyring to be kexec'd (b) the refactoring
of the magic 1UL Linus requested.
Yannik Sembritzki (2):
Fix kexec forbidding kernels signed with keys in the secondary keyring
to boot
Replace magic for trusting the secondary keyring with #define
arch/x86/kernel/kexec-bzimage64.c | 2 +-
certs/system_keyring.c | 3 ++-
crypto/asymmetric_keys/pkcs7_key_type.c | 2 +-
include/linux/verification.h | 4 ++++
4 files changed, 8 insertions(+), 3 deletions(-)
--
2.17.1
Powered by blists - more mailing lists