Eric Snowberg 45fcd5e521 integrity: add new keyring handler for mok keys ... Currently both Secure Boot DB and Machine Owner Keys (MOK) go through the same keyring handler (get_handler_for_db). With the addition of the new machine keyring, the end-user may choose to trust MOK keys. Introduce a new keyring handler specific for MOK keys. If MOK keys are trusted by the end-user, use the new keyring handler instead. Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>		2022-03-08 13:55:52 +02:00
..
evm	evm: mark evm_fixmode as __ro_after_init	2021-10-28 18:52:49 -04:00
ima	ima: Do not print policy rule with inactive LSM labels	2022-02-02 11:59:54 -05:00
platform_certs	integrity: add new keyring handler for mok keys	2022-03-08 13:55:52 +02:00
digsig.c	integrity: Introduce a Linux keyring called machine	2022-03-08 13:55:52 +02:00
digsig_asymmetric.c	ima: fix reference leak in asymmetric_verify()	2022-01-24 18:37:36 -05:00
iint.c	evm: Load EVM key in ima_load_x509() to avoid appraisal	2021-05-21 12:47:04 -04:00
integrity.h	integrity: Introduce a Linux keyring called machine	2022-03-08 13:55:52 +02:00
integrity_audit.c	integrity: check the return value of audit_log_start()	2022-02-02 11:44:23 -05:00
Kconfig	integrity: Introduce a Linux keyring called machine	2022-03-08 13:55:52 +02:00
Makefile	integrity: Introduce a Linux keyring called machine	2022-03-08 13:55:52 +02:00