iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,074,205 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Eric Snowberg d19967764b integrity: Introduce a Linux keyring called machine 
Many UEFI Linux distributions boot using shim.  The UEFI shim provides
what is called Machine Owner Keys (MOK). Shim uses both the UEFI Secure
Boot DB and MOK keys to validate the next step in the boot chain.  The
MOK facility can be used to import user generated keys.  These keys can
be used to sign an end-users development kernel build.  When Linux
boots, both UEFI Secure Boot DB and MOK keys get loaded in the Linux
.platform keyring.

Define a new Linux keyring called machine.  This keyring shall contain just
MOK keys and not the remaining keys in the platform keyring. This new
machine keyring will be used in follow on patches.  Unlike keys in the
platform keyring, keys contained in the machine keyring will be trusted
within the kernel if the end-user has chosen to do so.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-03-08 13:55:52 +02:00
arch
x86 guest:
2022-03-06 12:08:42 -08:00
block
block: clear iocb->private in blkdev_bio_end_io_async()
2022-02-22 06:59:49 -07:00
certs
certs: Fix build error when CONFIG_MODULE_SIG_KEY is empty
2022-01-23 00:08:44 +09:00
crypto
KEYS: x509: remove dead code that set ->unsupported_sig
2022-03-08 10:33:18 +02:00
Documentation
swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
2022-03-07 11:26:02 -08:00
drivers
tpm: xen-tpmfront: Use struct_size() helper
2022-03-08 10:33:18 +02:00
fs
for-5.17-rc6-tag
2022-03-06 12:19:36 -08:00
include
virtio: last minute fixes
2022-03-07 11:32:17 -08:00
init
lib/stackdepot: allow optional init and stack_table allocation by kvmalloc()
2022-01-22 08:33:37 +02:00
ipc
ipc/sem: do not sleep with a spin lock held
2022-02-04 09:25:05 -08:00
kernel
swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
2022-03-07 11:26:02 -08:00
lib
ARM further fixes for 5.17-rc:
2022-03-02 16:11:56 -08:00
LICENSES
LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers
2021-12-16 14:33:10 +01:00
mm
memfd: fix F_SEAL_WRITE after shmem huge page allocated
2022-03-05 11:08:32 -08:00
net
ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()
2022-03-03 09:47:06 -08:00
samples
samples/seccomp: Adjust sample to also provide kill option
2022-02-10 19:09:12 -08:00
scripts
kconfig: fix failing to generate auto.conf
2022-02-12 23:24:19 +09:00
security
integrity: Introduce a Linux keyring called machine
2022-03-08 13:55:52 +02:00
sound
ALSA: intel_hdmi: Fix reference to PCM buffer address
2022-03-02 09:25:37 +01:00
tools
selftests: tpm: add async space test with noneexisting handle
2022-03-08 10:33:17 +02:00
usr
kbuild: remove include/linux/cyclades.h from header file check
2022-01-27 08:51:08 +01:00
virt
KVM: Fix lockdep false negative during host resume
2022-02-17 09:52:50 -05:00
.clang-format
genirq/msi: Make interrupt allocation less convoluted
2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore
Opt out of scripts/get_maintainer.pl
2019-05-16 10:53:40 -07:00
.gitattributes
.gitattributes: use 'dts' diff driver for dts files
2019-12-04 19:44:11 -08:00
.gitignore
.gitignore: ignore only top-level modules.builtin
2021-05-02 00:43:35 +09:00
.mailmap
mailmap: update Roman Gushchin's email
2022-02-26 09:51:17 -08:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
MAINTAINERS: replace a Microchip AT91 maintainer
2022-02-09 11:30:01 +01:00
Kbuild
kbuild: rename hostprogs-y/always to hostprogs/always-y
2020-02-04 01:53:07 +09:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
MAINTAINERS: Remove dead patchwork link
2022-03-03 12:14:36 -08:00
Makefile
Linux 5.17-rc7
2022-03-06 14:28:31 -08:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%