www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Josh Boyer <jwboyer@fedoraproject.org>
	Fri, 26 Oct 2012 16:36:24 +0000 (12:36 -0400)
committer	Santosh Shilimkar <santosh.shilimkar@oracle.com>
	Mon, 10 Aug 2015 16:24:05 +0000 (09:24 -0700)
commit	d8ea8e79433bd8215493e225a9d29350cfb113e5
tree	576fdbe86d4bd6899d34edeef2c127595dd5702c	tree
parent	34c1ae2f51e726e7114b9f41e9afebaeea21dd07	commit \| diff

MODSIGN: Add module certificate blacklist keyring

Orabug: 21539498

This adds an additional keyring that is used to store certificates that
are blacklisted. This keyring is searched first when loading signed modules
and if the module's certificate is found, it will refuse to load. This is
useful in cases where third party certificates are used for module signing.

Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
Signed-off-by: Guangyu Sun <guangyu.sun@oracle.com>
Signed-off-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>

include/keys/system_keyring.h		diff \| blob \| history
init/Kconfig		diff \| blob \| history
kernel/module_signing.c		diff \| blob \| history
kernel/system_keyring.c		diff \| blob \| history