Mimi Zohar wrote:
> > + return restrict_link_by_signature(builtin_trusted_keys, type, payload);
>
> Shouldn't thi be secondary_trusted_keys?
Yeah. Good catch, thanks!
David
Mimi Zohar wrote:
> > + return restrict_link_by_signature(builtin_trusted_keys, type, payload);
>
> Shouldn't thi be secondary_trusted_keys?
Yeah. Good catch, thanks!
David
On Wed, 2016-03-09 at 11:19 +, David Howells wrote:
> +#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> +/**
> + * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring
> + * addition by both builtin and secondary keyrings
> + *
> + * Restrict the addition of keys into a keyring based
On Wed, 2016-03-09 at 11:19 +, David Howells wrote:
> +#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> +/**
> + * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring
> + * addition by both builtin and secondary keyrings
> + *
> + * Restrict the addition of keys into a keyring based
Add a secondary system keyring that can be added to by root whilst the
system is running - provided the key being added is vouched for by a key
built into the kernel or already added to the secondary keyring.
Rename .system_keyring to .builtin_trusted_keys to distinguish it more
obviously from
Add a secondary system keyring that can be added to by root whilst the
system is running - provided the key being added is vouched for by a key
built into the kernel or already added to the secondary keyring.
Rename .system_keyring to .builtin_trusted_keys to distinguish it more
obviously from
6 matches
Mail list logo