iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/arch/x86/kernel
History
Coiby Xu 6871b2590a kexec, KEYS: make the code in bzImage64_verify_sig generic 
commit c903dae8941deb55043ee46ded29e84e97cd84bb upstream.

commit 278311e417be ("kexec, KEYS: Make use of platform keyring for
signature verify") adds platform keyring support on x86 kexec but not
arm64.

The code in bzImage64_verify_sig uses the keys on the
.builtin_trusted_keys, .machine, if configured and enabled,
.secondary_trusted_keys, also if configured, and .platform keyrings
to verify the signed kernel image as PE file.

Cc: kexec@lists.infradead.org
Cc: keyrings@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Reviewed-by: Michal Suchanek <msuchanek@suse.de>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-21 15:20:08 +02:00
..
acpi
ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory
2022-07-13 21:13:14 +02:00
apic
- A gargen variety of fixes which don't fit any other tip bucket:
2022-05-23 19:32:59 -07:00
cpu
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
2022-08-17 15:16:05 +02:00
fpu
This set of changes updates init and user mode helper tasks to be
2022-06-03 16:03:05 -07:00
kprobes
x86/kprobes: Update kcb status flag after singlestepping
2022-08-17 15:16:05 +02:00
.gitignore
alternative.c
x86/alternative: Report missing return thunk details
2022-07-20 19:24:53 +02:00
amd_gart_64.c
x86: remove the IOMMU table infrastructure
2022-04-18 07:21:10 +02:00
amd_nb.c
x86/amd_nb: Unexport amd_cache_northbridges()
2022-04-05 19:22:27 +02:00
aperture_64.c
x86: remove the IOMMU table infrastructure
2022-04-18 07:21:10 +02:00
apm_32.c
x86/ibt: Disable IBT around firmware
2022-03-15 10:32:40 +01:00
asm-offsets_32.c
asm-offsets_64.c
KVM: x86: Support the vCPU preemption check with nopvspin and realtime hint
2022-04-02 05:41:21 -04:00
asm-offsets.c
KVM: VMX: Prevent RSB underflow before vmenter
2022-06-27 10:34:00 +02:00
audit_64.c
audit: add support for the openat2 syscall
2021-10-01 16:52:48 -04:00
bootflag.c
check.c
cpuid.c
crash_core_32.c
crash_core_64.c
crash_dump_32.c
vmcore: convert copy_oldmem_page() to take an iov_iter
2022-04-29 14:37:59 -07:00
crash_dump_64.c
vmcore: convert read_from_oldmem() to take an iov_iter
2022-04-29 14:37:59 -07:00
crash.c
x86/crash: Fix minor typo/bug in debug message
2022-04-13 19:39:54 +02:00
devicetree.c
Devicetree updates for v5.16:
2021-11-02 22:22:13 -07:00
doublefault_32.c
exit/doublefault: Remove apparently bogus comment about rewind_stack_do_exit
2021-10-20 13:09:43 -05:00
dumpstack_32.c
dumpstack_64.c
x86/mm/64: Improve stack overflow warnings
2021-09-21 13:57:43 +02:00
dumpstack.c
x86: remove __range_not_ok()
2022-02-25 09:36:05 +01:00
e820.c
x86/boot: Fix memremap of setup_indirect structures
2022-03-09 12:49:44 +01:00
early_printk.c
usb: early: xhci-dbc: Remove duplicate keep parsing
2022-03-15 18:20:34 +01:00
early-quirks.c
drm/i915/rpl-p: Add PCI IDs
2022-04-19 17:14:09 -07:00
ebda.c
eisa.c
espfix_64.c
ftrace_32.S
x86: Prepare asm files for straight-line-speculation
2021-12-08 12:25:37 +01:00
ftrace_64.S
x86/ftrace: Remove OBJECT_FILES_NON_STANDARD usage
2022-06-06 11:50:22 -07:00
ftrace.c
ftrace/x86: Add back ftrace_expected assignment
2022-08-17 15:16:05 +02:00
head32.c
head64.c
x86: Clear .brk area at early boot
2022-07-01 11:11:34 +02:00
head_32.S
x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
2022-07-13 12:43:26 +02:00
head_64.S
objtool: Add entry UNRET validation
2022-06-27 10:34:00 +02:00
hpet.c
rtc: Check return value from mc146818_get_time()
2021-12-16 21:50:06 +01:00
hw_breakpoint.c
i8237.c
i8253.c
i8259.c
x86: Avoid magic number with ELCR register accesses
2021-08-10 23:31:43 +02:00
idt.c
x86/traps: Add #VE support for TDX guest
2022-04-07 08:27:51 -07:00
io_delay.c
ioport.c
irq_32.c
x86/softirq: Disable softirq stacks on PREEMPT_RT
2021-09-27 12:28:32 +02:00
irq_64.c
irq_work.c
irq.c
x86/irq: Ensure PI wakeup handler is unregistered before module unload
2021-10-22 12:45:35 -04:00
irqflags.S
x86: Prepare asm files for straight-line-speculation
2021-12-08 12:25:37 +01:00
irqinit.c
itmt.c
x86/sched: Decrease further the priorities of SMT siblings
2021-10-05 15:51:59 +02:00
jailhouse.c
jump_label.c
jump_labels: Mark __jump_label_transform() as __always_inlined to work around aggressive compiler un-inlining
2021-07-13 06:32:05 +02:00
kdebugfs.c
x86/boot: Fix memremap of setup_indirect structures
2022-03-09 12:49:44 +01:00
kexec-bzimage64.c
kexec, KEYS: make the code in bzImage64_verify_sig generic
2022-08-21 15:20:08 +02:00
kgdb.c
ksysfs.c
x86/boot: Fix memremap of setup_indirect structures
2022-03-09 12:49:44 +01:00
kvm.c
x86, kvm: use correct GFP flags for preemption disabled
2022-05-25 05:13:40 -04:00
kvmclock.c
x86/kvm: Don't waste kvmclock memory if there is nopv parameter
2022-04-13 13:37:19 -04:00
ldt.c
memcg: enable accounting for ldt_struct objects
2021-09-03 09:58:13 -07:00
machine_kexec_32.c
x86/kexec: Set_[gi]dt() -> native_[gi]dt_invalidate() in machine_kexec_*.c
2021-05-21 12:36:45 +02:00
machine_kexec_64.c
x86/kexec: fix memory leak of elf header buffer
2022-06-01 15:57:16 -07:00
Makefile
x86/ftrace: Remove OBJECT_FILES_NON_STANDARD usage
2022-06-06 11:50:22 -07:00
mmconf-fam10h_64.c
x86/msr: Rename MSR_K8_SYSCFG to MSR_AMD64_SYSCFG
2021-05-10 07:51:38 +02:00
module.c
x86: Undo return-thunk damage
2022-06-27 10:33:58 +02:00
mpparse.c
x86: Avoid magic number with ELCR register accesses
2021-08-10 23:31:43 +02:00
msr.c
nmi_selftest.c
nmi.c
x86/nmi: Make register_nmi_handler() more robust
2022-05-17 09:25:25 +02:00
paravirt-spinlocks.c
paravirt.c
x86/ibt,paravirt: Sprinkle ENDBR
2022-03-15 10:32:36 +01:00
pci-dma.c
swiotlb: merge swiotlb-xen initialization into swiotlb
2022-04-18 07:21:13 +02:00
pcspeaker.c
perf_regs.c
platform-quirks.c
pmem.c
x86/pmem: Fix platform-device leak in error path
2022-08-17 15:14:09 +02:00
probe_roms.c
x86/kernel: Validate ROM memory before accessing when SEV-SNP is active
2022-04-06 13:23:09 +02:00
process_32.c
- Remove all the code around GS switching on 32-bit now that it is not
2022-05-23 18:42:07 -07:00
process_64.c
x86/prctl: Remove pointless task argument
2022-05-13 12:56:28 +02:00
process.c
x86: Handle idle=nomwait cmdline properly for x86_idle
2022-08-17 15:13:59 +02:00
process.h
x86: Snapshot thread flags
2021-12-01 00:06:43 +01:00
ptrace.c
x86/32: Remove lazy GS macros
2022-04-14 14:09:43 +02:00
pvclock.c
quirks.c
reboot_fixups_32.c
reboot.c
x86: Use do_kernel_power_off()
2022-05-19 19:30:31 +02:00
relocate_kernel_32.S
x86/kexec: Disable RET on kexec
2022-07-09 13:12:32 +02:00
relocate_kernel_64.S
x86/kexec: Disable RET on kexec
2022-07-09 13:12:32 +02:00
resource.c
x86/PCI: Revert "x86/PCI: Clip only host bridge windows for E820 regions"
2022-06-17 14:24:14 -05:00
rethook.c
x86,rethook: Fix arch_rethook_trampoline() to generate a complete pt_regs
2022-03-28 19:38:51 -07:00
rtc.c
setup_percpu.c
mm: percpu: add generic pcpu_populate_pte() function
2022-01-20 08:52:52 +02:00
setup.c
x86/mm: Fix RESERVE_BRK() for older binutils
2022-06-13 10:15:04 +02:00
sev_verify_cbit.S
x86: Prepare asm files for straight-line-speculation
2021-12-08 12:25:37 +01:00
sev-shared.c
Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV"
2022-07-27 18:09:13 +02:00
sev.c
Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV"
2022-07-27 18:09:13 +02:00
signal_compat.c
signal: Deliver SIGTRAP on perf event asynchronously if blocked
2022-04-22 12:14:05 +02:00
signal.c
x86/32: Remove lazy GS macros
2022-04-14 14:09:43 +02:00
smp.c
smpboot.c
- Serious sanitization and cleanup of the whole APERF/MPERF and
2022-05-23 18:17:09 -07:00
stacktrace.c
x86: remove __range_not_ok()
2022-02-25 09:36:05 +01:00
static_call.c
x86/static_call: Serialize __static_call_fixup() properly
2022-07-12 14:23:32 +02:00
step.c
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
2022-05-11 14:34:28 -05:00
sys_ia32.c
sys_x86_64.c
x86/mm: Cleanup the control_va_addr_alignment() __setup handler
2022-05-04 18:20:42 +02:00
tboot.c
x86: remove the IOMMU table infrastructure
2022-04-18 07:21:10 +02:00
time.c
tls.c
tls.h
topology.c
drivers/base/node: consolidate node device subsystem initialization in node_dev_init()
2022-03-22 15:57:10 -07:00
trace_clock.c
trace.c
trace/osnoise: Fix an ifdef comment
2021-10-25 23:02:36 -04:00
tracepoint.c
x86/traceponit: Fix comment about irq vector tracepoints
2022-05-26 22:03:52 -04:00
traps.c
- A bunch of changes towards streamlining low level asm helpers' calling
2022-05-23 18:08:46 -07:00
tsc_msr.c
tsc_sync.c
x86/tsc: Add a timer to make sure TSC_adjust is always checked
2021-12-02 00:40:35 +01:00
tsc.c
x86/tsc: Be consistent about use_tsc_delay()
2022-03-15 18:20:33 +01:00
umip.c
x86/umip: Downgrade warning messages to debug loglevel
2021-09-25 13:23:28 +02:00
unwind_frame.c
x86/unwind: Recover kretprobe trampoline entry
2021-09-30 21:24:07 -04:00
unwind_guess.c
x86/unwind: Recover kretprobe trampoline entry
2021-09-30 21:24:07 -04:00
unwind_orc.c
x86/unwind/orc: Recheck address range after stack info was updated
2022-04-19 21:58:46 +02:00
uprobes.c
verify_cpu.S
x86: Prepare asm files for straight-line-speculation
2021-12-08 12:25:37 +01:00
vm86_32.c
x86/32: Remove lazy GS macros
2022-04-14 14:09:43 +02:00
vmlinux.lds.S
Just when you thought that all the speculation bugs were addressed and
2022-07-11 18:15:25 -07:00
vsmp_64.c
x86_init.c
x86/mm/cpa: Generalize __set_memory_enc_pgtable()
2022-02-23 19:14:29 +01:00