[kernel] Update secure boot hibernate patch to include swsusp
Josh Boyer
jwboyer at fedoraproject.org
Wed Oct 31 17:38:44 UTC 2012
commit b07f54352e180803ae2820a9d0e800fd070876c4
Author: Josh Boyer <jwboyer at redhat.com>
Date: Wed Oct 31 13:38:31 2012 -0400
Update secure boot hibernate patch to include swsusp
kernel.spec | 9 +++++--
...ot-20121026.patch => secure-boot-20121031.patch | 22 ++++++++++++++++++-
2 files changed, 26 insertions(+), 5 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index 7a463f5..06ffc06 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -62,7 +62,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 1
+%global baserelease 2
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -688,7 +688,7 @@ Patch800: linux-2.6-crash-driver.patch
Patch900: modsign-post-KS-jwb.patch
# secure boot
-Patch1000: secure-boot-20121026.patch
+Patch1000: secure-boot-20121031.patch
# Improve PCI support on UEFI
Patch1100: handle-efi-roms.patch
@@ -1406,7 +1406,7 @@ ApplyPatch linux-2.6-e1000-ich9-montevina.patch
ApplyPatch modsign-post-KS-jwb.patch
# secure boot
-ApplyPatch secure-boot-20121026.patch
+ApplyPatch secure-boot-20121031.patch
# Improved PCI support for UEFI
ApplyPatch handle-efi-roms.patch
@@ -2317,6 +2317,9 @@ fi
# ||----w |
# || ||
%changelog
+* Wed Oct 31 2012 Josh Boyer <jwboyer at redhat.com>
+- Update secure boot hibernate patch to include swsusp
+
* Tue Oct 30 2012 Josh Boyer <jwboyer at redhat.com> - 3.7.0-0.rc3.git1.1
- Linux v3.7-rc3-8-g35fd3dc
- Reenable debugging options.
diff --git a/secure-boot-20121026.patch b/secure-boot-20121031.patch
similarity index 98%
rename from secure-boot-20121026.patch
rename to secure-boot-20121031.patch
index 1c50594..0f22b36 100644
--- a/secure-boot-20121026.patch
+++ b/secure-boot-20121031.patch
@@ -1306,7 +1306,8 @@ index 0000000..049669d
--
1.7.12.1
-From d037dc552a62b1dd39b457e10c133a4509b0efc3 Mon Sep 17 00:00:00 2001
+
+From 924e09f1b267c407ca037171bc6f8f90b09265d6 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer at redhat.com>
Date: Fri, 26 Oct 2012 14:02:09 -0400
Subject: [PATCH] hibernate: Disable in a Secure Boot environment
@@ -1318,9 +1319,12 @@ a Secure Boot environment.
Signed-off-by: Josh Boyer <jwboyer at redhat.com>
---
+ v2: Updated to include swsup after feedback from Jiri Kosina <jkosina at suse.cz>
+
kernel/power/hibernate.c | 14 +++++++++++++-
kernel/power/main.c | 4 +++-
- 2 files changed, 16 insertions(+), 2 deletions(-)
+ kernel/power/user.c | 3 +++
+ 3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
index b26f5f1..f04343b 100644
@@ -1383,6 +1387,20 @@ index f458238..72580c1 100644
#else
if (s != buf)
/* convert the last space to a newline */
+diff --git a/kernel/power/user.c b/kernel/power/user.c
+index 4ed81e7..b11a0f4 100644
+--- a/kernel/power/user.c
++++ b/kernel/power/user.c
+@@ -48,6 +48,9 @@ static int snapshot_open(struct inode *inode, struct file *filp)
+ struct snapshot_data *data;
+ int error;
+
++ if (!capable(CAP_COMPROMISE_KERNEL))
++ return -EPERM;
++
+ lock_system_sleep();
+
+ if (!atomic_add_unless(&snapshot_device_available, -1, 0)) {
--
1.7.12.1
More information about the scm-commits
mailing list