projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ec74cc0) | patch
trust machine keyring (MoK) by default
authorLuca Boccassi <bluca@debian.org>
Thu, 6 Mar 2025 06:21:29 +0000 (07:21 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Thu, 6 Mar 2025 06:21:29 +0000 (07:21 +0100)
commit07c837fa64f99cdade289b0ef12a3f1529669b9c
treee87c3bbfb49cf9a58ec73ce524b459337124c679tree | snapshot
parentec74cc0f1581e87cfb8fc9a15f0d8b64862ff4adcommit | diff
trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch
security/integrity/platform_certs/machine_keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.