// SPDX-License-Identifier: GPL-2.0 /* * Machine keyring routines. * * Copyright (c) 2021, Oracle and/or its affiliates. */ #include <linux/efi.h> #include "../integrity.h" static __init int machine_keyring_init(void) { … } device_initcall(machine_keyring_init); void __init add_to_machine_keyring(const char *source, const void *data, size_t len) { … } /* * Try to load the MokListTrustedRT MOK variable to see if we should trust * the MOK keys within the kernel. It is not an error if this variable * does not exist. If it does not exist, MOK keys should not be trusted * within the machine keyring. */ static __init bool uefi_check_trust_mok_keys(void) { … } static bool __init trust_moklist(void) { … } /* * Provides platform specific check for trusting imputed keys before loading * on .machine keyring. UEFI systems enable this trust based on a variable, * and for other platforms, it is always enabled. */ bool __init imputed_trust_enabled(void) { … }
Codebase Browser
linux