projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f42455c) | patch
trust machine keyring (MoK) by default
authorLuca Boccassi <bluca@debian.org>
Thu, 27 Jul 2023 17:28:01 +0000 (18:28 +0100)
committerBen Hutchings <benh@debian.org>
Thu, 27 Jul 2023 17:28:01 +0000 (18:28 +0100)
commitba58cdb85a931f03dc9954643ac4b0622e94e01d
tree797df10735fb204fa912d9490c3e7d353c71e7c8tree | snapshot
parentf42455c183e7c9373ebf4df56be0d26f97b4c3e1commit | diff
trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch
security/integrity/platform_certs/machine_keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.