kernel_optimize_test

History

Linus Torvalds f218a29c25 Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull integrity updates from James Morris: "In Linux 4.19, a new LSM hook named security_kernel_load_data was upstreamed, allowing LSMs and IMA to prevent the kexec_load syscall. Different signature verification methods exist for verifying the kexec'ed kernel image. This adds additional support in IMA to prevent loading unsigned kernel images via the kexec_load syscall, independently of the IMA policy rules, based on the runtime "secure boot" flag. An initial IMA kselftest is included. In addition, this pull request defines a new, separate keyring named ".platform" for storing the preboot/firmware keys needed for verifying the kexec'ed kernel image's signature and includes the associated IMA kexec usage of the ".platform" keyring. (David Howell's and Josh Boyer's patches for reading the preboot/firmware keys, which were previously posted for a different use case scenario, are included here)" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: integrity: Remove references to module keyring ima: Use inode_is_open_for_write ima: Support platform keyring for kernel appraisal efi: Allow the "db" UEFI variable to be suppressed efi: Import certificates from UEFI Secure Boot efi: Add an EFI signature blob parser efi: Add EFI signature data types integrity: Load certs to the platform keyring integrity: Define a trusted platform keyring selftests/ima: kexec_load syscall test ima: don't measure/appraise files on efivarfs x86/ima: retry detecting secure boot mode docs: Extend trusted keys documentation for TPM 2.0 x86/ima: define arch_get_ima_policy() for x86 ima: add support for arch specific policies ima: refactor ima_init_policy() ima: prevent kexec_load syscall based on runtime secureboot flag x86/ima: define arch_ima_get_secureboot integrity: support new struct public_key_signature encoding field		2019-01-02 09:43:14 -08:00
..
accounting	delayacct: track delays from thrashing cache pages	2018-10-26 16:26:32 -07:00
arch	powerpc updates for 4.21	2018-12-27 10:43:24 -08:00
bpf	tools: bpftool: do not force gcc as CC	2018-12-19 21:57:25 +01:00
build	perf cs-etm: Support for ARM A32/T32 instruction sets in CoreSight trace	2018-12-17 14:56:18 -03:00
cgroup
crypto	crypto: user - rename err_cnt parameter	2018-12-07 14:15:00 +08:00
firewire
firmware	tools: Add 'firmware' category and add ihex2fw tool	2018-11-11 12:58:27 -08:00
gpio
hv	Tools: hv: kvp: Fix a warning of buffer overflow with gcc 8.0.1	2018-11-11 12:58:27 -08:00
iio	tools iio: Override CFLAGS assignments	2018-10-21 13:25:42 +01:00
include	nds32 patches for 4.21	2018-12-29 09:37:03 -08:00
kvm/kvm_stat	tools/kvm_stat: switch to python3	2018-11-27 12:53:44 +01:00
laptop
leds
lib	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2018-12-27 13:04:52 -08:00
memory-model	tools/memory-model: Add more LKMM limitations	2018-10-02 10:28:04 +02:00
nfsd
objtool	objtool: Fix segfault in .cold detection with -ffunction-sections	2018-11-20 18:59:00 +01:00
pci	tools: PCI: Change pcitest compiling process	2018-10-03 11:19:52 +01:00
pcmcia
perf	nds32 patches for 4.21	2018-12-29 09:37:03 -08:00
power	ACPI updates for 4.21-rc1	2018-12-25 14:21:18 -08:00
scripts
spi	spi: spidev_test: Improve decoded text part of hex dump	2018-09-04 17:00:37 +01:00
testing	Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2019-01-02 09:43:14 -08:00
thermal/tmon
time
usb	usbip: tools: fix atoi() on non-null terminated string	2018-10-18 19:44:39 +02:00
virtio	virtio: fix test build after uio.h change	2018-12-19 18:23:49 -05:00
vm	tools/vm/page-types.c: fix "kpagecount returned fewer pages than expected" failures	2018-12-28 12:11:50 -08:00
wmi
Makefile	tools: Add 'firmware' category and add ihex2fw tool	2018-11-11 12:58:27 -08:00