integrity: Trust MOK keys if MokListTrustedRT found - kernel/linux.git

diff options

author	Eric Snowberg <eric.snowberg@oracle.com>	2022-01-26 05:58:33 +0300
committer	Jarkko Sakkinen <jarkko@kernel.org>	2022-03-08 14:55:52 +0300
commit	74f5e30051399d60dbce4296dbfd833212df13f1 (patch)
tree	76231062b60ea35b4b2cbe6cb5890b844ad54681 /Documentation
parent	847c5336d8439a3b8245b31fa127cf98a26afae8 (diff)
download	linux-74f5e30051399d60dbce4296dbfd833212df13f1.tar.xz

integrity: Trust MOK keys if MokListTrustedRT found

A new Machine Owner Key (MOK) variable called MokListTrustedRT has been introduced in shim. When this UEFI variable is set, it indicates the end-user has made the decision themselves that they wish to trust MOK keys within the Linux trust boundary. It is not an error if this variable does not exist. If it does not exist, the MOK keys should not be trusted within the kernel. Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Diffstat (limited to 'Documentation')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: