projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: df79f5b) | patch
trust machine keyring (MoK) by default
authorLuca Boccassi <bluca@debian.org>
Sat, 30 Dec 2023 09:31:20 +0000 (10:31 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Sat, 30 Dec 2023 09:31:20 +0000 (10:31 +0100)
commit2efb19b1cd8ee4036b32af703837cf5f6bff42a5
treee1a6d7452646414f16216895a0ed5d2196c465d9tree | snapshot
parentdf79f5b4531d8e40e69fa3fdb2bbfd9b9e7f644fcommit | diff
trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch
security/integrity/platform_certs/machine_keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.