projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fb0a359) | patch
[PATCH 2/4] MODSIGN: load blacklist from MOKx
authorLee, Chun-Yi <joeyli.kernel@gmail.com>
Tue, 13 Mar 2018 10:38:01 +0000 (18:38 +0800)
committerSalvatore Bonaccorso <carnil@debian.org>
Thu, 17 Dec 2020 05:31:52 +0000 (05:31 +0000)
commite014c0d1325e62fadd24762d38ff05a8a1fa2d3c
tree2bd81523e5531f651b1f6cd2b631aebf6545cb25tree | snapshot
parentfb0a35957c72b6827ecf39eed30d6a7139792771commit | diff
[PATCH 2/4] MODSIGN: load blacklist from MOKx

Origin: https://lore.kernel.org/patchwork/patch/933177/

This patch adds the logic to load the blacklisted hash and
certificates from MOKx which is maintained by shim bootloader.

Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
[bwh: Forward-ported to 5.5.9:
 - get_cert_list() takes a pointer to status and returns the cert list
 - Adjust filename]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0002-MODSIGN-load-blacklist-from-MOKx.patch
security/integrity/platform_certs/load_uefi.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.