Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / d3bfe84129f65e0af2450743ebdab33d161d01c9
commitd3bfe84129f65e0af2450743ebdab33d161d01c9[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Wed Apr 06 16:14:27 2016 +0100
committerDavid Howells <dhowells@redhat.com>Mon Apr 11 22:48:09 2016 +0100
tree37d567ed647f869e6a01cddcb40ec67b716204e0
parent77f68bac9481ad440f4f34dda3d28c2dce6eb87b [diff]
certs: Add a secondary system keyring that can be added to dynamically

Add a secondary system keyring that can be added to by root whilst the
system is running - provided the key being added is vouched for by a key
built into the kernel or already added to the secondary keyring.

Rename .system_keyring to .builtin_trusted_keys to distinguish it more
obviously from the new keyring (called .secondary_trusted_keys).

The new keyring needs to be enabled with CONFIG_SECONDARY_TRUSTED_KEYRING.

If the secondary keyring is enabled, a link is created from that to
.builtin_trusted_keys so that the the latter will automatically be searched
too if the secondary keyring is searched.

Signed-off-by: David Howells <dhowells@redhat.com>
3 files changed
tree: 37d567ed647f869e6a01cddcb40ec67b716204e0
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS