summaryrefslogtreecommitdiffstats
path: root/certs
Commit message (Expand)AuthorAgeFilesLines
...
* certs: check-in the default x509 config fileMasahiro Yamada2021-12-112-18/+23
* certs: remove meaningless $(error ...) in certs/MakefileMasahiro Yamada2021-12-111-3/+0
* certs: move the 'depends on' to the choice of module signing keysMasahiro Yamada2021-12-111-3/+1
* certs: Add support for using elliptic curve keys for signing modulesStefan Berger2021-08-232-0/+39
* certs: Trigger creation of RSA module signing key if it's not an RSA keyStefan Berger2021-08-231-0/+8
* Merge tag 'kbuild-v5.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds2021-05-081-2/+2
|\
| * .gitignore: prefix local generated files with a slashMasahiro Yamada2021-05-021-2/+2
* | Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2021-05-014-4/+47
|\ \ | |/ |/|
| * ima: ensure IMA_APPRAISE_MODSIG has necessary dependenciesNayna Jain2021-04-263-2/+5
| * ima: enable loading of build time generated key on .ima keyringNayna Jain2021-04-092-11/+52
| * ima: enable signing of modules with build time generated keyNayna Jain2021-04-092-1/+9
* | certs: add 'x509_revocation_list' to gitignoreLinus Torvalds2021-04-261-0/+1
* | certs: Add ability to preload revocation certsEric Snowberg2021-03-114-2/+67
* | certs: Move load_system_certificate_list to a common functionEric Snowberg2021-03-114-47/+70
* | certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg2021-03-114-0/+60
|/
* certs: Replace K{U,G}IDT_INIT() with GLOBAL_ROOT_{U,G}IDMickaël Salaün2021-01-212-4/+5
* certs: Fix blacklist flag type confusionDavid Howells2021-01-211-1/+1
* certs: Fix blacklisted hexadecimal hash string checkMickaël Salaün2021-01-211-1/+1
* certs/blacklist: fix kernel doc interface issueAlex Shi2021-01-211-1/+1
* .gitignore: add SPDX License IdentifierMasahiro Yamada2020-03-251-0/+1
* .gitignore: remove too obvious commentsMasahiro Yamada2020-03-251-3/+0
* certs: Add wrapper function to check blacklisted binary hashNayna Jain2019-11-121-0/+9
* PKCS#7: Refactor verify_pkcs7_signature()Thiago Jung Bauermann2019-08-051-16/+45
* Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2019-07-102-5/+14
* Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2019-07-082-14/+5
|\
| * keys: Replace uid/gid/perm permissions checking with an ACLDavid Howells2019-06-272-14/+5
* | Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2019-07-081-1/+1
|\|
| * keys: Add a 'recurse' flag for keyring searchesDavid Howells2019-06-261-1/+1
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner2019-05-242-10/+2
|/
* kexec, KEYS: Make use of platform keyring for signature verifyKairui Song2019-02-041-1/+12
* integrity, KEYS: add a reference to platform keyringKairui Song2019-02-041-0/+10
* kbuild: remove redundant target cleaning on failureMasahiro Yamada2019-01-061-1/+1
* export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR()Masahiro Yamada2018-08-221-8/+8
* Replace magic for trusting the secondary keyring with #defineYannik Sembritzki2018-08-161-1/+2
* certs/blacklist: fix const confusionNick Desaulniers2018-06-261-1/+1
* docs: Fix some broken referencesMauro Carvalho Chehab2018-06-151-1/+1
* certs/blacklist_nohashes.c: fix const confusion in certs blacklistAndi Kleen2018-02-211-1/+1
* License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman2017-11-025-0/+5
* modsign: add markers to endif-statements in certs/MakefileJarkko Sakkinen2017-07-141-3/+3
* scripts/spelling.txt: add "intialise(d)" pattern and fix typo instancesMasahiro Yamada2017-05-081-1/+1
* KEYS: Use structure to capture key restriction function and dataMat Martineau2017-04-041-1/+20
* KEYS: Split role of the keyring pointer for keyring restrict functionsMat Martineau2017-04-031-7/+11
* KEYS: Add a system blacklist keyringDavid Howells2017-04-036-0/+212
* certs: Add a secondary system keyring that can be added to dynamicallyDavid Howells2016-04-112-16/+79
* KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells2016-04-111-2/+0
* KEYS: Move the point of trust determination to __key_link()David Howells2016-04-111-3/+17
* KEYS: Make the system trusted keyring depend on the asymmetric key typeDavid Howells2016-04-111-0/+1
* KEYS: Add a facility to restrict new links into a keyringDavid Howells2016-04-111-4/+4
* PKCS#7: Make trust determination dependent on contents of trust keyringDavid Howells2016-04-061-9/+4
* KEYS: Generalise system_verify_data() to provide access to internal contentDavid Howells2016-04-061-10/+35