diff options
author | Eric Snowberg <eric.snowberg@oracle.com> | 2022-01-26 03:58:30 +0100 |
---|---|---|
committer | Jarkko Sakkinen <jarkko@kernel.org> | 2022-03-08 12:55:52 +0100 |
commit | 56edb6c25f11f25df153f4804f2d5bced2b49a9e (patch) | |
tree | 385a1e2f53f72f4c4ba2a198dcc8db85b1775784 /certs | |
parent | integrity: add new keyring handler for mok keys (diff) | |
download | linux-56edb6c25f11f25df153f4804f2d5bced2b49a9e.tar.xz linux-56edb6c25f11f25df153f4804f2d5bced2b49a9e.zip |
KEYS: store reference to machine keyring
Expose the .machine keyring created in integrity code by adding
a reference. Store a reference to the machine keyring in
system keyring code. The system keyring code needs this to complete
the keyring link to the machine keyring.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'certs')
-rw-r--r-- | certs/system_keyring.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 692365dee2bd..08ea542c8096 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -22,6 +22,9 @@ static struct key *builtin_trusted_keys; #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING static struct key *secondary_trusted_keys; #endif +#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING +static struct key *machine_trusted_keys; +#endif #ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING static struct key *platform_trusted_keys; #endif @@ -91,6 +94,12 @@ static __init struct key_restriction *get_builtin_and_secondary_restriction(void return restriction; } #endif +#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING +void __init set_machine_trusted_keys(struct key *keyring) +{ + machine_trusted_keys = keyring; +} +#endif /* * Create the trusted keyrings |