lockdown: Refer to Debian wiki until manual page exists

debian/changelog

@@ -801,6 +801,7 @@ linux (4.19.34-1) UNRELEASED; urgency=medium
   * [ia64] linux-image: Recommend grub-efi-ia64 instead of (removed) elilo
   * [armel/marvell] Disable HW_RANDOM as no HWRNG drivers are usable here
   * udeb: Add all HWRNG drivers to kernel-image (see #923675)
+  * lockdown: Refer to Debian wiki until manual page exists
 
   [ YunQiang Su ]
   * [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream.

debian/patches/features/all/lockdown/lockdown-refer-to-debian-wiki-until-manual-page-exists.patch

@@ -0,0 +1,23 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Sun, 21 Apr 2019 00:17:13 +0100
+Subject: lockdown: Refer to Debian wiki until manual page exists
+Forwarded: not-needed
+
+The lockdown denial log message currently refers to a
+"kernel_lockdown.7" manual page, which is supposed to document it.
+That manual page hasn't been accepted by the man-pages project and
+doesn't even seem to have been submitted yet.  For now, refer to the
+Debian wiki.
+
+---
+--- a/security/lock_down.c
++++ b/security/lock_down.c
+@@ -28,7 +28,7 @@ static void __init lock_kernel_down(cons
+ {
+ 	if (!kernel_locked_down) {
+ 		kernel_locked_down = true;
+-		pr_notice("Kernel is locked down from %s; see man kernel_lockdown.7\n",
++		pr_notice("Kernel is locked down from %s; see https://wiki.debian.org/SecureBoot\n",
+ 			  where);
+ 	}
+ }

debian/patches/series

@@ -140,6 +140,8 @@ features/all/lockdown/0029-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.
 features/all/lockdown/enable-cold-boot-attack-mitigation.patch
 features/all/lockdown/mtd-disable-slram-and-phram-when-locked-down.patch
 features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
+# until the "kernel_lockdown.7" manual page exists
+features/all/lockdown/lockdown-refer-to-debian-wiki-until-manual-page-exists.patch
 
 # Security fixes
 debian/i386-686-pae-pci-set-pci-nobios-by-default.patch