UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/security/integrity/platform_certs
History
Eric Snowberg 3d6ae1a5d0 integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 
With the introduction of uefi_check_trust_mok_keys, it signifies the end-
user wants to trust the machine keyring as trusted keys.  If they have
chosen to trust the machine keyring, load the qualifying keys into it
during boot, then link it to the secondary keyring .  If the user has not
chosen to trust the machine keyring, it will be empty and not linked to
the secondary keyring.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
 		2022-03-08 13:55:52 +02:00
..
efi_parser.c efi: Don't use knowledge about efi_guid_t internals 2021-08-27 16:01:27 +02:00
keyring_handler.c integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
keyring_handler.h integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
load_ipl_s390.c s390/ipl: read IPL report at early boot 2019-04-26 12:34:05 +02:00
load_powerpc.c powerpc: Load firmware trusted keys/hashes into kernel keyring 2019-11-13 00:33:23 +11:00
load_uefi.c integrity: add new keyring handler for mok keys 2022-03-08 13:55:52 +02:00
machine_keyring.c integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
platform_keyring.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00