kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Jiri Bohac <jbohac@suse.cz>	2019-08-20 03:17:44 +0300
committer	James Morris <jmorris@namei.org>	2019-08-20 07:54:15 +0300
commit	99d5cadfde2b1acb7650021df5abaa5ec447dd10 (patch)
tree	49af3ab9d60ad3191426f616750002f1720562cc /security/inode.c
parent	fef5dad9876034253d59acbf8c0c314f4d94cf87 (diff)
download	linux-99d5cadfde2b1acb7650021df5abaa5ec447dd10.tar.xz

kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE

This is a preparatory patch for kexec_file_load() lockdown. A locked down kernel needs to prevent unsigned kernel images from being loaded with kexec_file_load(). Currently, the only way to force the signature verification is compiling with KEXEC_VERIFY_SIG. This prevents loading usigned images even when the kernel is not locked down at runtime. This patch splits KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE. Analogous to the MODULE_SIG and MODULE_SIG_FORCE for modules, KEXEC_SIG turns on the signature verification but allows unsigned images to be loaded. KEXEC_SIG_FORCE disallows images without a valid signature. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org>

Diffstat (limited to 'security/inode.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: