diff options
| author | Eric Snowberg <eric.snowberg@oracle.com> | 2022-01-25 21:58:30 -0500 |
|---|---|---|
| committer | Jarkko Sakkinen <jarkko@kernel.org> | 2022-03-08 13:55:52 +0200 |
| commit | 56edb6c25f11f25df153f4804f2d5bced2b49a9e (patch) | |
| tree | 385a1e2f53f72f4c4ba2a198dcc8db85b1775784 /security | |
| parent | 45fcd5e521cd0903bab05f59ad013c5d150f4e3b (diff) | |
| download | linux-56edb6c25f11f25df153f4804f2d5bced2b49a9e.tar.gz | |
KEYS: store reference to machine keyring
Expose the .machine keyring created in integrity code by adding a reference. Store a reference to the machine keyring in system keyring code. The system keyring code needs this to complete the keyring link to the machine keyring. Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/integrity/digsig.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c index 2b7fa85613c0..7b719aa76188 100644 --- a/security/integrity/digsig.c +++ b/security/integrity/digsig.c @@ -112,6 +112,8 @@ static int __init __integrity_init_keyring(const unsigned int id, } else { if (id == INTEGRITY_KEYRING_PLATFORM) set_platform_trusted_keys(keyring[id]); + if (id == INTEGRITY_KEYRING_MACHINE) + set_machine_trusted_keys(keyring[id]); if (id == INTEGRITY_KEYRING_IMA) load_module_cert(keyring[id]); } |