| From: |
| Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com> |
| To: |
| David Howells <dhowells@redhat.com>, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, keyrings@vger.kernel.org |
| Subject: |
| [PATCH 0/3 v2] Certificate insertion support for x86 bzImages |
| Date: |
| Wed, 22 Jun 2016 18:37:30 -0400 |
| Message-ID: |
| <1466635053-30512-1-git-send-email-mkayaalp@linux.vnet.ibm.com> |
| Cc: |
| Mimi Zohar <zohar@linux.vnet.ibm.com>, George Wilson <gcwilson@us.ibm.com>, Stefan Berger <stefanb@linux.vnet.ibm.com>, Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com> |
| Archive‑link: | |
Article |
These patches add support for modifying the reserved space for extra
certificates in a compressed bzImage in x86. This allows separating the
system keyring certificate from the kernel build process. After the kernel
image is distributed, the insert-sys-cert script can be used to insert the
certificate for x86.
Changes:
* Rebased 2/3 on top of be1fb0e8eb082 ("kbuild: delete unnecessary "@:"")
Mehmet Kayaalp (3):
KEYS: Support for inserting a certificate into x86 bzImage
KEYS: Insert incompressible bytes to vmlinux to reserve space in
bzImage
KEYS: Print insert-sys-cert information to stdout instead of stderr
arch/x86/boot/compressed/Makefile | 8 ++
scripts/insert-sys-cert.c | 212 ++++++++++++++++++++++++++++++++++++--
2 files changed, 212 insertions(+), 8 deletions(-)
--
2.7.4
