Thomas Weißschuh c95e8f6fd1 certs: don't try to update blacklist keys ... When the same key is blacklisted repeatedly logging at pr_err() level is excessive as no functionality is impaired. When these duplicates are provided by buggy firmware there is nothing the user can do to fix the situation. Instead of spamming the bootlog with errors we use a warning that can still be seen by OEMs when testing their firmware. Link: https://lore.kernel.org/all/c8c65713-5cda-43ad-8018-20f2e32e4432@t-8ch.de/ Link: https://lore.kernel.org/all/20221104014704.3469-1-linux@weissschuh.net/ Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Tested-by: Paul Menzel <pmenzel@molgen.mpg.de> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>		2023-02-13 10:11:20 +02:00
..
.gitignore	certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build	2022-06-15 21:52:32 +03:00
Kconfig	certs: make system keyring depend on built-in x509 parser	2022-09-24 04:31:18 +09:00
Makefile	certs: Fix build error when PKCS#11 URI contains semicolon	2023-01-31 17:53:01 +09:00
blacklist.c	certs: don't try to update blacklist keys	2023-02-13 10:11:20 +02:00
blacklist.h	certs: Add EFI_CERT_X509_GUID support for dbx entries	2021-03-11 16:31:28 +00:00
blacklist_hashes.c	certs: unify blacklist_hashes.c and blacklist_nohashes.c	2022-07-27 21:17:59 +09:00
check-blacklist-hashes.awk	certs: move scripts/check-blacklist-hashes.awk to certs/	2022-07-27 21:17:59 +09:00
default_x509.genkey	certs: check-in the default x509 config file	2021-12-11 22:09:14 +09:00
extract-cert.c	cert host tools: Stop complaining about deprecated OpenSSL functions	2022-06-08 13:18:39 -07:00
revocation_certificates.S	certs: Add ability to preload revocation certs	2021-03-11 16:33:49 +00:00
system_certificates.S	certs: include certs/signing_key.x509 unconditionally	2022-03-03 08:16:19 +09:00
system_keyring.c	certs: Move load_certificate_list() to be with the asymmetric keys code	2022-06-21 16:05:06 +01:00