projects / platform / adaptation / renesas_rcar / renesas_kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 051dbb9) | patch
integrity: digital signature verification using multiple keyrings
authorDmitry Kasatkin <dmitry.kasatkin@intel.com>
Wed, 5 Oct 2011 08:54:46 +0000 (11:54 +0300)
committerDmitry Kasatkin <dmitry.kasatkin@intel.com>
Wed, 9 Nov 2011 14:51:09 +0000 (16:51 +0200)
commit8607c501478432b23654739c7321bc7456053cb6
tree598ef1649a261954cb1cafc05189ddedb3bd3ff8tree | snapshot
parent051dbb918c7fb7da8e64a2cd0d804ba73399709fcommit | diff
integrity: digital signature verification using multiple keyrings

Define separate keyrings for each of the different use cases - evm, ima,
and modules. Using different keyrings improves search performance, and also
allows "locking" specific keyring to prevent adding new keys.
This is useful for evm and module keyrings, when keys are usually only
added from initramfs.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
security/integrity/Kconfig diff | blob | history
security/integrity/Makefile diff | blob | history
security/integrity/digsig.c [new file with mode: 0644] blob
security/integrity/integrity.h diff | blob | history
Domain: System / Uncategorized;