qiurui
/
Centos-kernel-stream-9
mirror of https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Centos-kernel-stream-9/certs
History
Coiby Xu dba178aa01 integrity: PowerVM support for loading third party code signing keys 
JIRA: https://issues.redhat.com/browse/RHEL-11462

Upstream Status: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Conflicts: This commit is a bit different from the upstream commit because it
           also fixes a small difference between a previous commit backported from
           from the subsystem maintainer Jarkko Sakkinen's tree and the one
           landing in Linus's tree. For details, please refer to
           previous commit 5118691156 ("KEYS: DigitalSignature link restriction")
           and commit 4cfb90805445.

commit 44e69ea53892f18e8753943a4376de20b076c3fe
Author: Nayna Jain <nayna@linux.ibm.com>
Date:   Tue Aug 15 07:27:22 2023 -0400

    integrity: PowerVM support for loading third party code signing keys

    On secure boot enabled PowerVM LPAR, third party code signing keys are
    needed during early boot to verify signed third party modules. These
    third party keys are stored in moduledb object in the Platform
    KeyStore (PKS).

    Load third party code signing keys onto .secondary_trusted_keys keyring.

    Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
    Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com>
    Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
    Tested-by: Nageswara R Sastry <rnsastry@linux.ibm.com>
    Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Signed-off-by: Coiby Xu <coxu@redhat.com>
 		2024-02-05 19:05:32 +08:00
..
.gitignore .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
Kconfig integrity-v5.13 2021-05-01 15:32:18 -07:00
Makefile certs: Move load_certificate_list() to be with the asymmetric keys code 2022-06-23 11:32:02 +01:00
blacklist.c certs: Move load_certificate_list() to be with the asymmetric keys code 2022-06-23 11:32:02 +01:00
blacklist.h certs: Add EFI_CERT_X509_GUID support for dbx entries 2021-03-11 16:31:28 +00:00
blacklist_hashes.c
blacklist_nohashes.c
revocation_certificates.S certs: Add ability to preload revocation certs 2021-03-11 16:33:49 +00:00
system_certificates.S ima: ensure IMA_APPRAISE_MODSIG has necessary dependencies 2021-04-26 21:54:23 -04:00
system_keyring.c integrity: PowerVM support for loading third party code signing keys 2024-02-05 19:05:32 +08:00