projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6227260) | patch
trust machine keyring (MoK) by default
authorLuca Boccassi <bluca@debian.org>
Thu, 10 Apr 2025 19:32:42 +0000 (21:32 +0200)
committerSalvatore Bonaccorso <carnil@debian.org>
Thu, 10 Apr 2025 19:32:42 +0000 (21:32 +0200)
commit569649367677a789fc08a1ca3cd06a2772feaaf7
tree58e9bacfb556850b72315e3e9b9bfae0357afca8tree | snapshot
parent62272609f91e0e82225f43160c1a701b9245a5ebcommit | diff
trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch
security/integrity/platform_certs/machine_keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.