[External] Re: [BUG] blacklist: Problem blacklisting hash (-13) during boot

Jeremy Kerr jk at codeconstruct.com.au
Mon Feb 27 14:36:29 UTC 2023


Hi Mark,


> I've been looking at this and the FW team are claiming that it's not 
> caused by duplicate entries in the dbx table, which is honestly a bit
> confusing.
> 
> We've been doing some more digging - but is there a possibility this
> is caused by something else?

I can't quite trace where the EACCES is coming from, I can't see any
obvious causes there - the blacklist key type doesn't have an ->update
operation, and the assoc_array insert doesn't look like it would fail.

However: if I delete one of the duplicate keys using the bios UI, then
the number of errors logged decreases by one.

Cheers,


Jeremy



More information about the Linux-security-module-archive mailing list