[linux] 01/02: Merge branch 'benh/secure-boot'
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Tue Apr 5 13:04:19 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch master
in repository linux.
commit 119c44d06df8681250c1b1a3285365d7273be657
Merge: 2499398 76de9f0
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Tue Apr 5 13:59:42 2016 +0100
Merge branch 'benh/secure-boot'
debian/bin/gencontrol.py | 1 +
debian/certs/benh at debian.org.cert.pem | 21 +++
debian/changelog | 10 +
debian/config/alpha/defines | 2 +
debian/config/armel/config.marvell | 1 +
debian/config/armel/defines | 4 +
debian/config/config | 16 +-
debian/config/defines | 4 +
debian/config/hppa/defines | 2 +
debian/config/kernelarch-x86/config | 1 +
debian/config/m68k/defines | 2 +
debian/config/mips/defines | 2 +
debian/config/mips64/defines | 2 +
debian/config/mips64el/defines | 2 +
debian/config/mipsel/defines | 2 +
debian/config/powerpcspe/defines | 2 +
debian/config/ppc64/defines | 2 +
debian/config/sh4/defines | 2 +
debian/config/sparc64/defines | 2 +
debian/copyright | 37 ++--
debian/lib/python/debian_linux/gencontrol.py | 3 +-
...cripts-fix-x.509-pem-support-in-sign-file.patch | 37 ++++
...e-acpi-table-override-if-securelevel-is-s.patch | 64 +++++++
...e-apei-error-injection-if-securelevel-is-.patch | 45 +++++
...-acpi_rsdp-kernel-parameter-when-securele.patch | 36 ++++
...access-to-custom_method-if-securelevel-is.patch | 36 ++++
.../add-bsd-style-securelevel-support.patch | 208 +++++++++++++++++++++
...to-automatically-set-securelevel-when-in-.patch | 148 +++++++++++++++
...strict-debugfs-interface-when-securelevel.patch | 57 ++++++
...e-secure-boot-if-shim-is-in-insecure-mode.patch | 66 +++++++
.../enable-cold-boot-attack-mitigation.patch | 49 +++++
...ule-signatures-when-securelevel-is-greate.patch | 24 +++
...hibernate-disable-when-securelevel-is-set.patch | 36 ++++
...le-at-runtime-if-securelevel-has-been-set.patch | 36 ++++
...copy-secure_boot-flag-in-boot-params-acro.patch | 32 ++++
...wn-bar-access-when-securelevel-is-enabled.patch | 108 +++++++++++
...v-mem-and-dev-kmem-when-securelevel-is-se.patch | 38 ++++
.../uswsusp-disable-when-securelevel-is-set.patch | 36 ++++
...wn-io-port-access-when-securelevel-is-ena.patch | 74 ++++++++
...strict-msr-access-when-securelevel-is-set.patch | 46 +++++
debian/patches/series | 21 +++
debian/rules.d/scripts/Makefile | 5 +-
debian/templates/control.source.in | 2 +-
43 files changed, 1303 insertions(+), 21 deletions(-)
diff --cc debian/changelog
index f69110d,837d029..8f5b3dc
--- a/debian/changelog
+++ b/debian/changelog
@@@ -9,15 -8,17 +9,25 @@@ linux (4.5-1~exp2) UNRELEASED; urgency=
write support
* Merge linux-tools source package into linux
(Closes: #550379, #573483, #816500)
+ * Add Matthew Garrett's securelevel patchset in preparation for Secure Boot
+ support (see Documentation/security/securelevel.txt)
+ * modules: Enable MODULE_SIG and MODULE_SIG_SHA256, but not MODULE_SIG_ALL
+ as signatures will be packaged separately
+ - debian/control: Add build-dependencies on libssl-dev, openssl
+ - debian/copyright: Note that extract-cert and sign-file are under LGPL 2.1
+ - linux-kbuild: Add extract-cert and sign-file programs
+ - scripts: Fix X.509 PEM support in sign-file
+ * certs: Set SYSTEM_TRUSTED_KEYS to my own personal certificate to support
+ initial testing of signed modules
+ [ Aurelien Jarno ]
+ * [mipsel/mips/config.loongson-2f] Disable VIDEO_CX23885, VIDEO_IVTV,
+ VIDEO_CX231XX, VIDEO_PVRUSB2 (fixes FTBFS).
+ * [mips*/octeon] Backport OCTEON SATA controller support from 4.6-rc1.
+ Enable AHCI_OCTEON and SATA_AHCI_PLATFORM.
+ * [mips*/octeon] Backport Octeon III CN7xxx interface detection from
+ 4.7 queue.
+
-- Ben Hutchings <ben at decadent.org.uk> Fri, 25 Mar 2016 13:43:57 +0000
linux-tools (4.5-1~exp1) experimental; urgency=medium
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list