Patch-mainline: Not yet, reviewing References: none Target: openSUSE 12.3 Test steps: + build; make modules_install; make install + add 'secureboot_enable=1' kernel parameter Known issues on SLE (fixed): + xorg-x11-server need d01921ec18c21f21d377b606 patch for avoid 'xf86EnableIOPorts: failed to set IOPL for I/O (Operation not permitted)' Backported 11 patches to lock down functions in secure boot: 0001_Secure_boot:_Add_new_capability_v2.patch 0002_PCI:_Lock_down_BAR_access_in_secure_boot_environments_v2.patch 0003_x86:_Lock_down_IO_port_access_in_secure_boot_environments_v2.patch 0004_ACPI:_Limit_access_to_custom_method_v2.patch 0005_asus-wmi:_Restrict_debugfs_interface_v2.patch 0006_Restrict__dev_mem_and__dev_kmem_in_secure_boot_setups_v2.patch 0007_Secure_boot:_Add_a_dummy_kernel_parameter_that_will_switch_on_Secure_Boot_mode_v2.patch 0008_efi:_Enable_secure_boot_lockdown_automatically_when_enabled_in_firmware_v2.patch 0009_acpi:_Ignore_acpi_rsdp_kernel_parameter_in_a_secure_boot_environment_v2.patch 0010_SELinux:_define_mapping_for_new_Secure_Boot_capability_v2.patch 0011-hibernate-Disable-in-a-Secure-Boot-environment.patch -- To unsubscribe, e-mail: opensuse-kernel+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kernel+owner@opensuse.org