debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
linux/debian/patches/features/all/db-mok-keyring
History
Luca Boccassi 643cc8a41c Add patches to enable loading dbx and MOKX blacklists 
Import patches from:

https://lore.kernel.org/patchwork/cover/933178/

that allow to also load dbx and MOKX as blacklists for modules.
These patches also disable loading MOK/MOKX when secure boot is
not enabled, as the variables will not be safe, and to check the
variables attributes before accepting them.
 		2019-05-02 23:04:18 +01:00
..
0001-KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0001-MODSIGN-do-not-load-mok-when-secure-boot-disabled.patch Add patches to enable loading dbx and MOKX blacklists 2019-05-02 23:04:18 +01:00
0002-MODSIGN-load-blacklist-from-MOKx.patch Add patches to enable loading dbx and MOKX blacklists 2019-05-02 23:04:18 +01:00
0002-efi-Add-EFI-signature-data-types.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch Add patches to enable loading dbx and MOKX blacklists 2019-05-02 23:04:18 +01:00
0003-efi-Add-an-EFI-signature-blob-parser.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0004-MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0004-MODSIGN-check-the-attributes-of-db-and-mok.patch Add patches to enable loading dbx and MOKX blacklists 2019-05-02 23:04:18 +01:00
0005-MODSIGN-Allow-the-db-UEFI-variable-to-be-suppressed.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0006-Make-get_cert_list-not-complain-about-cert-lists-tha.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00
0007-modsign-Use-secondary-trust-keyring-for-module-signi.patch Add patches to enable loading db and MOK keys 2019-05-02 22:59:42 +01:00