projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ee51b65) | patch
[PATCH 2/4] MODSIGN: load blacklist from MOKx
authorLee, Chun-Yi <joeyli.kernel@gmail.com>
Tue, 13 Mar 2018 10:38:01 +0000 (18:38 +0800)
committerSalvatore Bonaccorso <carnil@debian.org>
Sat, 17 Oct 2020 13:14:43 +0000 (14:14 +0100)
commita772473e500d79f2bda3a7e749d6aa63e2863f72
treefcf1750c7bc06d3a100c06964ac580fbefd8502ftree | snapshot
parentee51b65ae735e4ae222ceaec759e055d4156833acommit | diff
[PATCH 2/4] MODSIGN: load blacklist from MOKx

Origin: https://lore.kernel.org/patchwork/patch/933177/

This patch adds the logic to load the blacklisted hash and
certificates from MOKx which is maintained by shim bootloader.

Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
[bwh: Forward-ported to 5.5.9:
 - get_cert_list() takes a pointer to status and returns the cert list
 - Adjust filename]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0002-MODSIGN-load-blacklist-from-MOKx.patch
security/integrity/platform_certs/load_uefi.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.