[PATCH 0/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot

From: Yannik Sembritzki
Date: Wed Aug 15 2018 - 15:42:58 EST

Next message: Yannik Sembritzki: "[PATCH 1/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Previous message: Linus Torvalds: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
In reply to: Linus Torvalds: "Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot"
Next in thread: Yannik Sembritzki: "[PATCH 1/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've written two patches for (a) the logical change of allowing kernels
signed with keys in the secondary keyring to be kexec'd (b) the refactoring
of the magic 1UL Linus requested.

Yannik Sembritzki (2):
Fix kexec forbidding kernels signed with keys in the secondary keyring
to boot
Replace magic for trusting the secondary keyring with #define

arch/x86/kernel/kexec-bzimage64.c | 2 +-
certs/system_keyring.c | 3 ++-
crypto/asymmetric_keys/pkcs7_key_type.c | 2 +-
include/linux/verification.h | 4 ++++
4 files changed, 8 insertions(+), 3 deletions(-)

--
2.17.1

Next message: Yannik Sembritzki: "[PATCH 1/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Previous message: Linus Torvalds: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
In reply to: Linus Torvalds: "Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot"
Next in thread: Yannik Sembritzki: "[PATCH 1/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]