projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a8531de) | patch
trust machine keyring (MoK) by default
authorLuca Boccassi <bluca@debian.org>
Wed, 7 May 2025 15:10:56 +0000 (17:10 +0200)
committerSalvatore Bonaccorso <carnil@debian.org>
Wed, 7 May 2025 15:10:56 +0000 (17:10 +0200)
commitb93d3e420d981bff2a77d12d2d215d0ac00d8756
tree7b0de12aa13164c95b07fa7f4e2f033fc1f00a57tree | snapshot
parenta8531de60362155eb78f278ced28af9ed02efb27commit | diff
trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch
security/integrity/platform_certs/machine_keyring.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.