diff options
author | Eric Snowberg <eric.snowberg@oracle.com> | 2022-01-25 21:58:29 -0500 |
---|---|---|
committer | Jarkko Sakkinen <jarkko@kernel.org> | 2022-03-08 13:55:52 +0200 |
commit | 45fcd5e521cd0903bab05f59ad013c5d150f4e3b (patch) | |
tree | fd9135acec7e1f6200005c38de564dbfaeeb1989 /certs/system_keyring.c | |
parent | d19967764ba876f5c82dabaa28f983b21eb642a2 (diff) | |
download | lwn-45fcd5e521cd0903bab05f59ad013c5d150f4e3b.tar.gz lwn-45fcd5e521cd0903bab05f59ad013c5d150f4e3b.zip |
integrity: add new keyring handler for mok keys
Currently both Secure Boot DB and Machine Owner Keys (MOK) go through
the same keyring handler (get_handler_for_db). With the addition of the
new machine keyring, the end-user may choose to trust MOK keys.
Introduce a new keyring handler specific for MOK keys. If MOK keys are
trusted by the end-user, use the new keyring handler instead.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'certs/system_keyring.c')
0 files changed, 0 insertions, 0 deletions