[linux] branch master updated (2499398 -> 54ab339)
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Tue Apr 5 13:04:19 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a change to branch master
in repository linux.
from 2499398 [mips*/octeon] Backport Octeon III CN7xxx interface detection from 4.7 queue.
adds 7321950 Add Matthew Garrett's securelevel patchset in preparation for Secure Boot support
adds c955e35 modules: Enable MODULE_SIG and MODULE_SIG_SHA256
adds 969431b certs: Set SYSTEM_TRUSTED_KEYS to my own personal key to support initial testing of signed modules
adds a6aaaeb Note added build-dependency on openssl too
adds f880a7f Fix config for module signing
adds 23d1e0f debian/copyright: Note that extract-cert and sign-file are under LGPL 2.1
adds 6e18d07 linux-kbuild: Add extract-cert and sign-file programs
adds 516d9da debian/config: Add config variable to control module signing in linux-signed
adds 7b9f22f debian_linux.gencontrol: Allow variable substitutions in control.source.in
adds 76de9f0 scripts: Fix X.509 PEM support in sign-file
new 119c44d Merge branch 'benh/secure-boot'
new 54ab339 Group all securelevel and Secure Boot changes together, closing #820008
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/bin/gencontrol.py | 1 +
debian/certs/benh at debian.org.cert.pem | 21 +++
debian/changelog | 11 ++
debian/config/alpha/defines | 2 +
debian/config/armel/config.marvell | 1 +
debian/config/armel/defines | 4 +
debian/config/config | 16 +-
debian/config/defines | 4 +
debian/config/hppa/defines | 2 +
debian/config/kernelarch-x86/config | 1 +
debian/config/m68k/defines | 2 +
debian/config/mips/defines | 2 +
debian/config/mips64/defines | 2 +
debian/config/mips64el/defines | 2 +
debian/config/mipsel/defines | 2 +
debian/config/powerpcspe/defines | 2 +
debian/config/ppc64/defines | 2 +
debian/config/sh4/defines | 2 +
debian/config/sparc64/defines | 2 +
debian/copyright | 37 ++--
debian/lib/python/debian_linux/gencontrol.py | 3 +-
...cripts-fix-x.509-pem-support-in-sign-file.patch | 37 ++++
...e-acpi-table-override-if-securelevel-is-s.patch | 64 +++++++
...e-apei-error-injection-if-securelevel-is-.patch | 45 +++++
...-acpi_rsdp-kernel-parameter-when-securele.patch | 36 ++++
...access-to-custom_method-if-securelevel-is.patch | 36 ++++
.../add-bsd-style-securelevel-support.patch | 208 +++++++++++++++++++++
...to-automatically-set-securelevel-when-in-.patch | 148 +++++++++++++++
...strict-debugfs-interface-when-securelevel.patch | 57 ++++++
...e-secure-boot-if-shim-is-in-insecure-mode.patch | 66 +++++++
.../enable-cold-boot-attack-mitigation.patch | 49 +++++
...ule-signatures-when-securelevel-is-greate.patch | 24 +++
...hibernate-disable-when-securelevel-is-set.patch | 36 ++++
...le-at-runtime-if-securelevel-has-been-set.patch | 36 ++++
...copy-secure_boot-flag-in-boot-params-acro.patch | 32 ++++
...wn-bar-access-when-securelevel-is-enabled.patch | 108 +++++++++++
...v-mem-and-dev-kmem-when-securelevel-is-se.patch | 38 ++++
.../uswsusp-disable-when-securelevel-is-set.patch | 36 ++++
...wn-io-port-access-when-securelevel-is-ena.patch | 74 ++++++++
...strict-msr-access-when-securelevel-is-set.patch | 46 +++++
debian/patches/series | 21 +++
debian/rules.d/scripts/Makefile | 5 +-
debian/templates/control.source.in | 2 +-
43 files changed, 1304 insertions(+), 21 deletions(-)
create mode 100644 debian/certs/benh at debian.org.cert.pem
create mode 100644 debian/patches/bugfix/all/scripts-fix-x.509-pem-support-in-sign-file.patch
create mode 100644 debian/patches/features/all/securelevel/acpi-disable-acpi-table-override-if-securelevel-is-s.patch
create mode 100644 debian/patches/features/all/securelevel/acpi-disable-apei-error-injection-if-securelevel-is-.patch
create mode 100644 debian/patches/features/all/securelevel/acpi-ignore-acpi_rsdp-kernel-parameter-when-securele.patch
create mode 100644 debian/patches/features/all/securelevel/acpi-limit-access-to-custom_method-if-securelevel-is.patch
create mode 100644 debian/patches/features/all/securelevel/add-bsd-style-securelevel-support.patch
create mode 100644 debian/patches/features/all/securelevel/add-option-to-automatically-set-securelevel-when-in-.patch
create mode 100644 debian/patches/features/all/securelevel/asus-wmi-restrict-debugfs-interface-when-securelevel.patch
create mode 100644 debian/patches/features/all/securelevel/efi-disable-secure-boot-if-shim-is-in-insecure-mode.patch
create mode 100644 debian/patches/features/all/securelevel/enable-cold-boot-attack-mitigation.patch
create mode 100644 debian/patches/features/all/securelevel/enforce-module-signatures-when-securelevel-is-greate.patch
create mode 100644 debian/patches/features/all/securelevel/hibernate-disable-when-securelevel-is-set.patch
create mode 100644 debian/patches/features/all/securelevel/kexec-disable-at-runtime-if-securelevel-has-been-set.patch
create mode 100644 debian/patches/features/all/securelevel/kexec-uefi-copy-secure_boot-flag-in-boot-params-acro.patch
create mode 100644 debian/patches/features/all/securelevel/pci-lock-down-bar-access-when-securelevel-is-enabled.patch
create mode 100644 debian/patches/features/all/securelevel/restrict-dev-mem-and-dev-kmem-when-securelevel-is-se.patch
create mode 100644 debian/patches/features/all/securelevel/uswsusp-disable-when-securelevel-is-set.patch
create mode 100644 debian/patches/features/all/securelevel/x86-lock-down-io-port-access-when-securelevel-is-ena.patch
create mode 100644 debian/patches/features/all/securelevel/x86-restrict-msr-access-when-securelevel-is-set.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list