projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 91799a6) | patch
[PATCH 2/4] MODSIGN: load blacklist from MOKx
authorLee, Chun-Yi <joeyli.kernel@gmail.com>
Tue, 13 Mar 2018 10:38:01 +0000 (18:38 +0800)
committerSalvatore Bonaccorso <carnil@debian.org>
Sun, 8 Nov 2020 12:40:04 +0000 (12:40 +0000)
commit29a96794c475f24ba02c0ddc8ab3779695fe572b
treec0f930349f0e947904e3ba7a12fe2bf7964b71a5tree | snapshot
parent91799a6c11e5341f11adea3e7978e13481a7ef58commit | diff
[PATCH 2/4] MODSIGN: load blacklist from MOKx

Origin: https://lore.kernel.org/patchwork/patch/933177/

This patch adds the logic to load the blacklisted hash and
certificates from MOKx which is maintained by shim bootloader.

Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
[bwh: Forward-ported to 5.5.9:
 - get_cert_list() takes a pointer to status and returns the cert list
 - Adjust filename]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0002-MODSIGN-load-blacklist-from-MOKx.patch
security/integrity/platform_certs/load_uefi.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.