leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
45fcd5e521
linux/security/integrity/platform_certs
History
Eric Snowberg 45fcd5e521 integrity: add new keyring handler for mok keys 
Currently both Secure Boot DB and Machine Owner Keys (MOK) go through
the same keyring handler (get_handler_for_db). With the addition of the
new machine keyring, the end-user may choose to trust MOK keys.

Introduce a new keyring handler specific for MOK keys.  If MOK keys are
trusted by the end-user, use the new keyring handler instead.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-03-08 13:55:52 +02:00
..
efi_parser.c efi: Don't use knowledge about efi_guid_t internals 2021-08-27 16:01:27 +02:00
keyring_handler.c integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
keyring_handler.h integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
load_ipl_s390.c s390/ipl: read IPL report at early boot 2019-04-26 12:34:05 +02:00
load_powerpc.c powerpc: Load firmware trusted keys/hashes into kernel keyring 2019-11-13 00:33:23 +11:00
load_uefi.c integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
machine_keyring.c integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
platform_keyring.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00