linux-sg2042/certs
Kairui Song 219a3e8676 integrity, KEYS: add a reference to platform keyring
commit 9dc92c4517 ("integrity: Define a trusted platform keyring")
introduced a .platform keyring for storing preboot keys, used for
verifying kernel image signatures. Currently only IMA-appraisal is able
to use the keyring to verify kernel images that have their signature
stored in xattr.

This patch exposes the .platform keyring, making it accessible for
verifying PE signed kernel images as well.

Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Kairui Song <kasong@redhat.com>
Cc: David Howells <dhowells@redhat.com>
[zohar@linux.ibm.com: fixed checkpatch errors, squashed with patch fix]
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2019-02-04 17:29:19 -05:00
..
.gitignore certs: add .gitignore to stop git nagging about x509_certificate_list 2015-10-21 15:18:35 +01:00
Kconfig docs: Fix some broken references 2018-06-15 18:10:01 -03:00
Makefile kbuild: remove redundant target cleaning on failure 2019-01-06 09:46:51 +09:00
blacklist.c scripts/spelling.txt: add "intialise(d)" pattern and fix typo instances 2017-05-08 17:15:13 -07:00
blacklist.h certs/blacklist: fix const confusion 2018-06-26 09:43:03 -07:00
blacklist_hashes.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blacklist_nohashes.c certs/blacklist_nohashes.c: fix const confusion in certs blacklist 2018-02-21 15:35:43 -08:00
system_certificates.S export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() 2018-08-22 23:21:44 +09:00
system_keyring.c integrity, KEYS: add a reference to platform keyring 2019-02-04 17:29:19 -05:00