lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20230725094013.2dfb0168@canb.auug.org.au>
Date:   Tue, 25 Jul 2023 09:40:13 +1000
From:   Stephen Rothwell <sfr@...b.auug.org.au>
To:     Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Andrew Morton <akpm@...ux-foundation.org>
Cc:     Anastasia Eskova <anastasia.eskova@....com>,
        Costa Shulyupin <costa.shul@...hat.com>,
        Eric DeVolder <eric.devolder@...cle.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Next Mailing List <linux-next@...r.kernel.org>
Subject: linux-next: manual merge of the s390 tree with the mm tree

Hi all,

Today's linux-next merge of the s390 tree got a conflict in:

  arch/s390/Kconfig

between commit:

  b2d2d291f588 ("s390/kexec: refactor for kernel/Kconfig.kexec")

from the mm tree and commits:

  8cf57d7217c3 ("s390: add support for user-defined certificates")
  37002bc6b603 ("docs: move s390 under arch")

from the s390 tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

-- 
Cheers,
Stephen Rothwell

diff --cc arch/s390/Kconfig
index 736548e4163e,d9d50a7a2016..000000000000
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@@ -246,28 -245,6 +247,28 @@@ config PGTABLE_LEVEL
  
  source "kernel/livepatch/Kconfig"
  
 +config ARCH_DEFAULT_KEXEC
 +	def_bool y
 +
 +config ARCH_SUPPORTS_KEXEC
 +	def_bool y
 +
 +config ARCH_SUPPORTS_KEXEC_FILE
 +	def_bool CRYPTO && CRYPTO_SHA256 && CRYPTO_SHA256_S390
 +
 +config ARCH_SUPPORTS_KEXEC_SIG
 +	def_bool MODULE_SIG_FORMAT
 +
 +config ARCH_SUPPORTS_KEXEC_PURGATORY
 +	def_bool KEXEC_FILE
 +
 +config ARCH_SUPPORTS_CRASH_DUMP
 +	def_bool y
 +	help
- 	  Refer to <file:Documentation/s390/zfcpdump.rst> for more details on this.
++	  Refer to <file:Documentation/arch/s390/zfcpdump.rst> for more details on this.
 +	  This option also enables s390 zfcpdump.
- 	  See also <file:Documentation/s390/zfcpdump.rst>
++	  See also <file:Documentation/arch/s390/zfcpdump.rst>
 +
  menu "Processor type and features"
  
  config HAVE_MARCH_Z10_FEATURES
@@@ -506,6 -483,46 +507,16 @@@ config SCHED_TOPOLOG
  
  source "kernel/Kconfig.hz"
  
 -config KEXEC
 -	def_bool y
 -	select KEXEC_CORE
 -
 -config KEXEC_FILE
 -	bool "kexec file based system call"
 -	select KEXEC_CORE
 -	depends on CRYPTO
 -	depends on CRYPTO_SHA256
 -	depends on CRYPTO_SHA256_S390
 -	help
 -	  Enable the kexec file based system call. In contrast to the normal
 -	  kexec system call this system call takes file descriptors for the
 -	  kernel and initramfs as arguments.
 -
 -config ARCH_HAS_KEXEC_PURGATORY
 -	def_bool y
 -	depends on KEXEC_FILE
 -
 -config KEXEC_SIG
 -	bool "Verify kernel signature during kexec_file_load() syscall"
 -	depends on KEXEC_FILE && MODULE_SIG_FORMAT
 -	help
 -	  This option makes kernel signature verification mandatory for
 -	  the kexec_file_load() syscall.
 -
 -	  In addition to that option, you need to enable signature
 -	  verification for the corresponding kernel image type being
 -	  loaded in order for this to work.
 -
+ config CERT_STORE
+ 	bool "Get user certificates via DIAG320"
+ 	depends on KEYS
+ 	help
+ 	  Enable this option if you want to access user-provided secure boot
+ 	  certificates via DIAG 0x320.
+ 
+ 	  These certificates will be made available via the keyring named
+ 	  'cert_store'.
+ 
  config KERNEL_NOBP
  	def_bool n
  	prompt "Enable modified branch prediction for the kernel by default"

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ