git.baikalelectronics.ru Git - kernel.git/commit

Merge tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Pull integrity updates from Mimi Zohar:
"Aside from the one EVM cleanup patch, all the other changes are kexec
  related.

  On different architectures different keyrings are used to verify the
  kexec'ed kernel image signature. Here are a number of preparatory
  cleanup patches and the patches themselves for making the keyrings -
  builtin_trusted_keyring, .machine, .secondary_trusted_keyring, and
  .platform - consistent across the different architectures"

* tag 'integrity-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification
  arm64: kexec_file: use more system keyrings to verify kernel image signature
  kexec, KEYS: make the code in bzImage64_verify_sig generic
  kexec: clean up arch_kexec_kernel_verify_sig
  kexec: drop weak attribute from functions
  kexec_file: drop weak attribute from functions
  evm: Use IS_ENABLED to initialize .enabled

author	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 2 Aug 2022 22:21:18 +0000 (15:21 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 2 Aug 2022 22:21:18 +0000 (15:21 -0700)
commit	5ea0e3bde95fd6c6b72d8dc4731207420f97959c
tree	c8f7908efeabd007011a1a0343ff66bdbc807344	tree \| snapshot
parent	38db39f7fb791b0cb1276710a285405a77544481	commit \| diff
parent	878db1016d6b1c8d0d90c917668425ce8dec27a5	commit \| diff

arch/x86/kernel/kexec-bzimage64.c	diff1 \|	diff2 \|	blob \| history
security/integrity/evm/evm_main.c	diff1 \|	diff2 \|	blob \| history