OpenCloudOS-Kernel/certs
Nayna Jain 2434f7d2d4 certs: Add wrapper function to check blacklisted binary hash
The -EKEYREJECTED error returned by existing is_hash_blacklisted() is
misleading when called for checking against blacklisted hash of a
binary.

This patch adds a wrapper function is_binary_blacklisted() to return
-EPERM error if binary is blacklisted.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/1572492694-6520-7-git-send-email-zohar@linux.ibm.com
2019-11-12 12:25:50 +11:00
..
.gitignore certs: add .gitignore to stop git nagging about x509_certificate_list 2015-10-21 15:18:35 +01:00
Kconfig docs: Fix some broken references 2018-06-15 18:10:01 -03:00
Makefile kbuild: remove redundant target cleaning on failure 2019-01-06 09:46:51 +09:00
blacklist.c certs: Add wrapper function to check blacklisted binary hash 2019-11-12 12:25:50 +11:00
blacklist.h certs/blacklist: fix const confusion 2018-06-26 09:43:03 -07:00
blacklist_hashes.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blacklist_nohashes.c certs/blacklist_nohashes.c: fix const confusion in certs blacklist 2018-02-21 15:35:43 -08:00
system_certificates.S export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() 2018-08-22 23:21:44 +09:00
system_keyring.c PKCS#7: Refactor verify_pkcs7_signature() 2019-08-05 18:40:18 -04:00