projects / linux-4.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: efd7543) | patch
Add option to automatically set securelevel when in Secure Boot mode
authorMatthew Garrett <mjg59@srcf.ucam.org>
Fri, 9 Aug 2013 22:36:30 +0000 (18:36 -0400)
committerYves-Alexis Perez <corsac@debian.org>
Fri, 9 Feb 2018 12:58:52 +0000 (12:58 +0000)
commit5ce4764238d31cd0b40e01044f396edc7578fb0a
tree9d8acc8ae2155e3af83654287b79a4955a7036dftree | snapshot
parentefd7543d012d9e39f7cef6ff47bd59be4ad9b701commit | diff
Add option to automatically set securelevel when in Secure Boot mode

UEFI Secure Boot provides a mechanism for ensuring that the firmware will
only load signed bootloaders and kernels. Certain use cases may also
require that the kernel prevent userspace from inserting untrusted kernel
code at runtime. Add a configuration option that enforces this automatically
when enabled.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name add-option-to-automatically-set-securelevel-when-in-.patch
Documentation/x86/zero-page.txt diff | blob | history
arch/x86/Kconfig diff | blob | history
arch/x86/boot/compressed/eboot.c diff | blob | history
arch/x86/include/uapi/asm/bootparam.h diff | blob | history
arch/x86/kernel/setup.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.