projects / linux-4.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6bb673) | patch
Add option to automatically set securelevel when in Secure Boot mode
authorMatthew Garrett <mjg59@srcf.ucam.org>
Fri, 9 Aug 2013 22:36:30 +0000 (18:36 -0400)
committerBen Hutchings <ben@decadent.org.uk>
Mon, 27 Feb 2017 15:58:07 +0000 (15:58 +0000)
commitc4d92627468d02e8694d917fa1fda6eb54d487b1
treed5bc6dda74bc789fb3acbc8089ce6360d1fd53aatree | snapshot
parentb6bb6738a217da8249f0df625bc5d632e0da54eccommit | diff
Add option to automatically set securelevel when in Secure Boot mode

UEFI Secure Boot provides a mechanism for ensuring that the firmware will
only load signed bootloaders and kernels. Certain use cases may also
require that the kernel prevent userspace from inserting untrusted kernel
code at runtime. Add a configuration option that enforces this automatically
when enabled.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name add-option-to-automatically-set-securelevel-when-in-.patch
Documentation/x86/zero-page.txt diff | blob | history
arch/x86/Kconfig diff | blob | history
arch/x86/boot/compressed/eboot.c diff | blob | history
arch/x86/include/uapi/asm/bootparam.h diff | blob | history
arch/x86/kernel/setup.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.