[PATCH v7 08/17] integrity: add new keyring handler for mok keys
Mimi Zohar
zohar at linux.ibm.com
Fri Nov 19 00:05:46 UTC 2021
On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> Currently both Secure Boot DB and Machine Owner Keys (MOK) go through
> the same keyring handler (get_handler_for_db). With the addition of the
> new machine keyring, the end-user may choose to trust MOK keys.
>
> Introduce a new keyring handler specific for MOK keys. If MOK keys are
> trusted by the end-user, use the new keyring handler instead.
>
> Signed-off-by: Eric Snowberg <eric.snowberg at oracle.com>
Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
More information about the Linux-security-module-archive
mailing list