[PATCH 0/4] Unifrom keyring support across architectures and functions

Michal Suchanek posted 4 patches 9 months, 3 weeks ago
arch/arm64/kernel/kexec_image.c       | 13 +++++++++++--
arch/s390/kernel/machine_kexec_file.c | 18 +++++++++++++-----
kernel/module_signing.c               | 14 ++++++++++----
3 files changed, 34 insertions(+), 11 deletions(-)
[PATCH 0/4] Unifrom keyring support across architectures and functions
Posted by Michal Suchanek 9 months, 3 weeks ago
While testing KEXEC_SIG on powerpc I noticed discrepancy in support for
different keyrings across architectures and between KEXEC_SIG and
MODULE_SIG. Fix this by enabling suport for the missing keyrings.

The latter two patches obviously conflict with the ongoing module code
cleanup. If they turn out desirable I will add them to the other series
dealing with KEXEC_SIG.

The arm patches can be merged independently.

Thanks

Michal

Michal Suchanek (4):
  Fix arm64 kexec forbidding kernels signed with keys in the secondary
    keyring to boot
  kexec, KEYS, arm64: Make use of platform keyring for signature
    verification
  kexec, KEYS, s390: Make use of built-in and secondary keyring for
    signature verification
  module, KEYS: Make use of platform keyring for signature verification

 arch/arm64/kernel/kexec_image.c       | 13 +++++++++++--
 arch/s390/kernel/machine_kexec_file.c | 18 +++++++++++++-----
 kernel/module_signing.c               | 14 ++++++++++----
 3 files changed, 34 insertions(+), 11 deletions(-)

-- 
2.31.1