[PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/

[PATCH 00/38] Annotate hw config module params for future lockdown · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Thomas Gleixner <hidden> · 2017-04-14
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-14
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Thomas Gleixner <hidden> · 2017-04-15
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-15
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Thomas Gleixner <hidden> · 2017-04-15
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-18
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Thomas Gleixner <hidden> · 2017-04-18
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Jens Rottmann <hidden> · 2017-04-18
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · Jens Rottmann <hidden> · 2017-04-18
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-19
Re: [PATCH 06/38] Annotate hardware config module parameters in drivers/clocksource/ · David Howells <dhowells@redhat.com> · 2017-04-19
[PATCH 05/38] Annotate hardware config module parameters in drivers/char/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 05/38] Annotate hardware config module parameters in drivers/char/ · Greg KH <gregkh@linuxfoundation.org> · 2017-04-08
[PATCH 04/38] Annotate hardware config module parameters in drivers/char/mwave/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 02/38] Annotate hardware config module parameters in arch/x86/mm/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 02/38] Annotate hardware config module parameters in arch/x86/mm/ · Steven Rostedt <rostedt@goodmis.org> · 2017-04-05
Re: [PATCH 02/38] Annotate hardware config module parameters in arch/x86/mm/ · Thomas Gleixner <hidden> · 2017-04-14
Re: [PATCH 02/38] Annotate hardware config module parameters in arch/x86/mm/ · David Howells <dhowells@redhat.com> · 2017-04-18
[PATCH 03/38] Annotate hardware config module parameters in drivers/char/ipmi/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 01/38] Annotate module params that specify hardware parameters (eg. ioport) · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 17/38] Annotate hardware config module parameters in drivers/net/arcnet/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 16/38] Annotate hardware config module parameters in drivers/net/appletalk/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 15/38] Annotate hardware config module parameters in drivers/mmc/host/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 14/38] Annotate hardware config module parameters in drivers/misc/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 14/38] Annotate hardware config module parameters in drivers/misc/ · Greg KH <gregkh@linuxfoundation.org> · 2017-04-08
[PATCH 13/38] Annotate hardware config module parameters in drivers/media/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 13/38] Annotate hardware config module parameters in drivers/media/ · Mauro Carvalho Chehab <hidden> · 2017-04-19
[PATCH 12/38] Annotate hardware config module parameters in drivers/isdn/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 11/38] Annotate hardware config module parameters in drivers/input/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 10/38] Annotate hardware config module parameters in drivers/iio/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 09/38] Annotate hardware config module parameters in drivers/i2c/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 09/38] Annotate hardware config module parameters in drivers/i2c/ · Wolfram Sang <hidden> · 2017-04-19
Re: [PATCH 09/38] Annotate hardware config module parameters in drivers/i2c/ · Jean Delvare <hidden> · 2017-04-20
[PATCH 20/38] Annotate hardware config module parameters in drivers/net/hamradio/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 21/38] Annotate hardware config module parameters in drivers/net/irda/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 24/38] Annotate hardware config module parameters in drivers/parport/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 27/38] Annotate hardware config module parameters in drivers/scsi/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 30/38] Annotate hardware config module parameters in drivers/staging/vme/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 32/38] Annotate hardware config module parameters in drivers/video/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 32/38] Annotate hardware config module parameters in drivers/video/ · Bartlomiej Zolnierkiewicz <hidden> · 2017-04-14
[PATCH 31/38] Annotate hardware config module parameters in drivers/tty/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 31/38] Annotate hardware config module parameters in drivers/tty/ · Greg KH <gregkh@linuxfoundation.org> · 2017-04-08
[PATCH 33/38] Annotate hardware config module parameters in drivers/watchdog/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 35/38] Annotate hardware config module parameters in sound/drivers/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 35/38] Annotate hardware config module parameters in sound/drivers/ · Takashi Iwai <hidden> · 2017-04-07
[PATCH 38/38] Annotate hardware config module parameters in sound/pci/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 37/38] Annotate hardware config module parameters in sound/oss/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 36/38] Annotate hardware config module parameters in sound/isa/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 34/38] Annotate hardware config module parameters in fs/pstore/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 34/38] Annotate hardware config module parameters in fs/pstore/ · Kees Cook <hidden> · 2017-04-05
[PATCH 29/38] Annotate hardware config module parameters in drivers/staging/speakup/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 29/38] Annotate hardware config module parameters in drivers/staging/speakup/ · Greg KH <gregkh@linuxfoundation.org> · 2017-04-08
[PATCH 28/38] Annotate hardware config module parameters in drivers/staging/media/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 28/38] Annotate hardware config module parameters in drivers/staging/media/ · Greg KH <gregkh@linuxfoundation.org> · 2017-04-08
Re: [PATCH 28/38] Annotate hardware config module parameters in drivers/staging/media/ · Mauro Carvalho Chehab <hidden> · 2017-04-19
[PATCH 26/38] Annotate hardware config module parameters in drivers/pcmcia/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 25/38] Annotate hardware config module parameters in drivers/pci/hotplug/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 23/38] Annotate hardware config module parameters in drivers/net/wireless/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 22/38] Annotate hardware config module parameters in drivers/net/wan/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 19/38] Annotate hardware config module parameters in drivers/net/ethernet/ · David Howells <dhowells@redhat.com> · 2017-04-05
[PATCH 18/38] Annotate hardware config module parameters in drivers/net/can/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 18/38] Annotate hardware config module parameters in drivers/net/can/ · Marc Kleine-Budde <mkl@pengutronix.de> · 2017-04-14
Re: [PATCH 18/38] Annotate hardware config module parameters in drivers/net/can/ · David Howells <dhowells@redhat.com> · 2017-04-18
[PATCH 08/38] Annotate hardware config module parameters in drivers/gpio/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 08/38] Annotate hardware config module parameters in drivers/gpio/ · Linus Walleij <hidden> · 2017-04-07
Re: [PATCH 08/38] Annotate hardware config module parameters in drivers/gpio/ · David Howells <dhowells@redhat.com> · 2017-04-07
[PATCH 07/38] Annotate hardware config module parameters in drivers/cpufreq/ · David Howells <dhowells@redhat.com> · 2017-04-05
Re: [PATCH 07/38] Annotate hardware config module parameters in drivers/cpufreq/ · Viresh Kumar <viresh.kumar@linaro.org> · 2017-04-10

From: dhowells@redhat.com (David Howells)
Date: 2017-04-19 15:30:01
Also in: lkml

Jens Rottmann [off-list ref] wrote:

quoted

When the kernel is running in secure boot mode [...] prevent
access by means of configuring driver modules

I may easily be wrong, but doesn't secure boot require EFI?

For the patches I have, yes.  It could feasibly be done by some other
mechanism, though I don't know that such an alternative exists.

Do secure boot capable systems with old CS5535/36 even exist?

No idea.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help