superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/security/integrity
History
Eric Snowberg 3d6ae1a5d0 integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 
With the introduction of uefi_check_trust_mok_keys, it signifies the end-
user wants to trust the machine keyring as trusted keys.  If they have
chosen to trust the machine keyring, load the qualifying keys into it
during boot, then link it to the secondary keyring .  If the user has not
chosen to trust the machine keyring, it will be empty and not linked to
the secondary keyring.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
 		2022-03-08 13:55:52 +02:00
..
evm evm: mark evm_fixmode as __ro_after_init 2021-10-28 18:52:49 -04:00
ima ima: Do not print policy rule with inactive LSM labels 2022-02-02 11:59:54 -05:00
platform_certs integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
Kconfig integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
Makefile integrity: Introduce a Linux keyring called machine 2022-03-08 13:55:52 +02:00
digsig.c integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
digsig_asymmetric.c ima: fix reference leak in asymmetric_verify() 2022-01-24 18:37:36 -05:00
iint.c evm: Load EVM key in ima_load_x509() to avoid appraisal 2021-05-21 12:47:04 -04:00
integrity.h integrity: Only use machine keyring when uefi_check_trust_mok_keys is true 2022-03-08 13:55:52 +02:00
integrity_audit.c integrity: check the return value of audit_log_start() 2022-02-02 11:44:23 -05:00