linux/security/integrity/platform_certs
Nayna Jain bc02667698 integrity: ignore keys failing CA restrictions on non-UEFI platform
On non-UEFI platforms, handle restrict_link_by_ca failures differently.

Certificates which do not satisfy CA restrictions on non-UEFI platforms
are ignored.

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Nageswara R Sastry <rnsastry@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2023-08-17 20:12:35 +00:00
..
efi_parser.c efi: Don't use knowledge about efi_guid_t internals 2021-08-27 16:01:27 +02:00
keyring_handler.c integrity: PowerVM support for loading CA keys on machine keyring 2023-08-17 20:12:35 +00:00
keyring_handler.h integrity: PowerVM support for loading CA keys on machine keyring 2023-08-17 20:12:35 +00:00
load_ipl_s390.c s390/ipl: read IPL report at early boot 2019-04-26 12:34:05 +02:00
load_powerpc.c integrity: PowerVM support for loading CA keys on machine keyring 2023-08-17 20:12:35 +00:00
load_uefi.c efi: Add iMac Pro 2017 to uefi skip cert quirk 2022-11-01 14:12:28 -04:00
machine_keyring.c integrity: ignore keys failing CA restrictions on non-UEFI platform 2023-08-17 20:12:35 +00:00
platform_keyring.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00