projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d7d91c4) | patch
integrity: PowerVM support for loading third party code signing keys
authorNayna Jain <nayna@linux.ibm.com>
Tue, 15 Aug 2023 11:27:22 +0000 (07:27 -0400)
committerJarkko Sakkinen <jarkko@kernel.org>
Thu, 17 Aug 2023 20:12:35 +0000 (20:12 +0000)
commit44e69ea53892f18e8753943a4376de20b076c3fe
treec20731fd41dfedd00dd77d34c0e66b0b806bfa79tree | snapshot
parentd7d91c4743c4ef0f60b7556d2794b6dd27cda373commit | diff
integrity: PowerVM support for loading third party code signing keys

On secure boot enabled PowerVM LPAR, third party code signing keys are
needed during early boot to verify signed third party modules. These
third party keys are stored in moduledb object in the Platform
KeyStore (PKS).

Load third party code signing keys onto .secondary_trusted_keys keyring.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Nageswara R Sastry <rnsastry@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
certs/system_keyring.c diff | blob | history
include/keys/system_keyring.h diff | blob | history
security/integrity/platform_certs/keyring_handler.c diff | blob | history
security/integrity/platform_certs/keyring_handler.h diff | blob | history
security/integrity/platform_certs/load_powerpc.c diff | blob | history
Domain: System / Kernel;