linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 18:41:58 +09:00

Go to file

Mickaël Salaün 4da8f8c8a1 dm verity: Add support for signature verification with 2nd keyring

Add a new configuration DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING
to enable dm-verity signatures to be verified against the secondary
trusted keyring.  Instead of relying on the builtin trusted keyring
(with hard-coded certificates), the second trusted keyring can include
certificate authorities from the builtin trusted keyring and child
certificates loaded at run time.  Using the secondary trusted keyring
enables to use dm-verity disks (e.g. loop devices) signed by keys which
did not exist at kernel build time, leveraging the certificate chain of
trust model.  In practice, this makes it possible to update certificates
without kernel update and reboot, aligning with module and kernel
(kexec) signature verification which already use the secondary trusted
keyring.

Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

2020-12-04 18:04:35 -05:00

arch

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

2020-11-15 09:57:58 -08:00

block

dm: fix IO splitting

2020-12-04 14:53:15 -05:00

certs

.gitignore: add SPDX License Identifier

2020-03-25 11:50:48 +01:00

crypto

Merge tag 'drivers-5.10-2020-10-12' of git://git.kernel.dk/linux-block

2020-10-13 13:04:41 -07:00

Documentation

dm verity: Add support for signature verification with 2nd keyring

2020-12-04 18:04:35 -05:00

drivers

dm verity: Add support for signature verification with 2nd keyring

2020-12-04 18:04:35 -05:00

Merge branch 'akpm' (patches from Andrew)

2020-11-14 12:35:11 -08:00

include

block: fix incorrect branching in blk_max_size_offset()

2020-12-04 17:27:42 -05:00

init

bootconfig: Extend the magic check range to the preceding 3 bytes

2020-11-12 20:36:52 -05:00

ipc

ipc: adjust proc_ipc_sem_dointvec definition to match prototype

2020-09-05 12:14:29 -07:00

kernel

Merge tag 'perf-urgent-2020-11-15' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

2020-11-15 09:46:36 -08:00

lib

Merge tag 'drm-fixes-2020-11-06-1' of git://anongit.freedesktop.org/drm/drm

2020-11-06 12:54:00 -08:00

LICENSES

LICENSES/deprecated: add Zlib license text

2020-09-16 14:33:49 +02:00

Merge branch 'for-5.10-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu

2020-11-15 08:57:19 -08:00

net

Merge tag 'net-5.10-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-11-12 14:02:04 -08:00

samples

Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf

2020-11-06 17:49:34 -08:00

scripts

Merge tag 'net-5.10-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-11-12 14:02:04 -08:00

security

Merge tag 'selinux-pr-20201113' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

2020-11-14 12:04:02 -08:00

sound

Merge tag 'asoc-fix-v5.10-rc2' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus

2020-11-05 18:19:32 +01:00

tools

Merge tag 'net-5.10-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-11-12 14:02:04 -08:00

usr

Merge branch 'work.fdpic' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

2020-08-07 13:29:39 -07:00

virt

kvm: x86/mmu: Support dirty logging for the TDP MMU

2020-10-23 03:42:13 -04:00

.clang-format

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma

2020-10-17 11:18:18 -07:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

Opt out of scripts/get_maintainer.pl

2019-05-16 10:53:40 -07:00

.gitattributes

.gitattributes: use 'dts' diff driver for dts files

2019-12-04 19:44:11 -08:00

.gitignore

.gitignore: docs: ignore sphinx_*/ directories

2020-09-10 10:44:31 -06:00

.mailmap

mailmap: fix entry for Dmitry Baryshkov/Eremin-Solenikov

2020-11-14 11:26:03 -08:00

COPYING

COPYING: state that all contributions really are covered by this file

2020-02-10 13:32:20 -08:00

CREDITS

MAINTAINERS: Move Sangbeom Kim to credits

2020-10-26 10:11:18 +01:00

Kbuild

kbuild: rename hostprogs-y/always to hostprogs/always-y

2020-02-04 01:53:07 +09:00

Kconfig

kbuild: ensure full rebuild when the compiler is updated

2020-05-12 13:28:33 +09:00

MAINTAINERS

Merge tag 'usb-5.10-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

2020-11-15 10:02:41 -08:00

Makefile

Linux 5.10-rc4

2020-11-15 16:44:31 -08:00

README

Drop all 00-INDEX files from Documentation/

2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.