mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 07:04:24 +00:00
Code Issues Releases Wiki Activity
linux-stable/security/integrity/platform_certs
History
Eric Snowberg 3d6ae1a5d0 integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 
With the introduction of uefi_check_trust_mok_keys, it signifies the end-
user wants to trust the machine keyring as trusted keys.  If they have
chosen to trust the machine keyring, load the qualifying keys into it
during boot, then link it to the secondary keyring .  If the user has not
chosen to trust the machine keyring, it will be empty and not linked to
the secondary keyring.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-03-08 13:55:52 +02:00
..
efi_parser.c efi: Don't use knowledge about efi_guid_t internals 2021-08-27 16:01:27 +02:00
keyring_handler.c integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
keyring_handler.h integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
load_ipl_s390.c s390/ipl: read IPL report at early boot 2019-04-26 12:34:05 +02:00
load_powerpc.c powerpc: Load firmware trusted keys/hashes into kernel keyring 2019-11-13 00:33:23 +11:00
load_uefi.c integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
machine_keyring.c integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
platform_keyring.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00