summaryrefslogtreecommitdiffstats
path: root/certs
Commit message (Expand)AuthorAgeFilesLines
* KEYS: Introduce link restriction for machine keysEric Snowberg2022-03-081-1/+34
* KEYS: store reference to machine keyringEric Snowberg2022-03-081-0/+9
* certs: Fix build error when CONFIG_MODULE_SIG_KEY is emptyMasahiro Yamada2022-01-231-1/+1
* certs: Fix build error when CONFIG_MODULE_SIG_KEY is PKCS#11 URIMasahiro Yamada2022-01-231-1/+1
* certs: move scripts/extract-cert to certs/Masahiro Yamada2022-01-083-4/+172
* kbuild: do not quote string values in include/config/auto.confMasahiro Yamada2022-01-081-8/+2
* certs: simplify $(srctree)/ handling and remove config_filename macroMasahiro Yamada2022-01-081-19/+13
* certs: remove misleading comments about GCC PRMasahiro Yamada2022-01-081-2/+0
* certs: refactor file cleaningMasahiro Yamada2022-01-081-4/+5
* certs: remove unneeded -I$(srctree) option for system_certificates.oMasahiro Yamada2022-01-081-3/+0
* certs: unify duplicated cmd_extract_certs and improve the logMasahiro Yamada2022-01-081-6/+3
* certs: use $< and $@ to simplify the key generation ruleMasahiro Yamada2022-01-081-3/+2
* certs: use if_changed to re-generate the key when the key type is changedMasahiro Yamada2021-12-111-24/+6
* certs: use 'cmd' to hide openssl output in silent builds more simplyMasahiro Yamada2021-12-111-6/+6
* certs: remove noisy messages while generating the signing keyMasahiro Yamada2021-12-111-11/+0
* certs: check-in the default x509 config fileMasahiro Yamada2021-12-112-18/+23
* certs: remove meaningless $(error ...) in certs/MakefileMasahiro Yamada2021-12-111-3/+0
* certs: move the 'depends on' to the choice of module signing keysMasahiro Yamada2021-12-111-3/+1
* certs: Add support for using elliptic curve keys for signing modulesStefan Berger2021-08-232-0/+39
* certs: Trigger creation of RSA module signing key if it's not an RSA keyStefan Berger2021-08-231-0/+8
* Merge tag 'kbuild-v5.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds2021-05-081-2/+2
|\
| * .gitignore: prefix local generated files with a slashMasahiro Yamada2021-05-021-2/+2
* | Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2021-05-014-4/+47
|\ \ | |/ |/|
| * ima: ensure IMA_APPRAISE_MODSIG has necessary dependenciesNayna Jain2021-04-263-2/+5
| * ima: enable loading of build time generated key on .ima keyringNayna Jain2021-04-092-11/+52
| * ima: enable signing of modules with build time generated keyNayna Jain2021-04-092-1/+9
* | certs: add 'x509_revocation_list' to gitignoreLinus Torvalds2021-04-261-0/+1
* | certs: Add ability to preload revocation certsEric Snowberg2021-03-114-2/+67
* | certs: Move load_system_certificate_list to a common functionEric Snowberg2021-03-114-47/+70
* | certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg2021-03-114-0/+60
|/
* certs: Replace K{U,G}IDT_INIT() with GLOBAL_ROOT_{U,G}IDMickaël Salaün2021-01-212-4/+5
* certs: Fix blacklist flag type confusionDavid Howells2021-01-211-1/+1
* certs: Fix blacklisted hexadecimal hash string checkMickaël Salaün2021-01-211-1/+1
* certs/blacklist: fix kernel doc interface issueAlex Shi2021-01-211-1/+1
* .gitignore: add SPDX License IdentifierMasahiro Yamada2020-03-251-0/+1
* .gitignore: remove too obvious commentsMasahiro Yamada2020-03-251-3/+0
* certs: Add wrapper function to check blacklisted binary hashNayna Jain2019-11-121-0/+9
* PKCS#7: Refactor verify_pkcs7_signature()Thiago Jung Bauermann2019-08-051-16/+45
* Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2019-07-102-5/+14
* Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2019-07-082-14/+5
|\
| * keys: Replace uid/gid/perm permissions checking with an ACLDavid Howells2019-06-272-14/+5
* | Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds2019-07-081-1/+1
|\|
| * keys: Add a 'recurse' flag for keyring searchesDavid Howells2019-06-261-1/+1
* | treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner2019-05-242-10/+2
|/
* kexec, KEYS: Make use of platform keyring for signature verifyKairui Song2019-02-041-1/+12
* integrity, KEYS: add a reference to platform keyringKairui Song2019-02-041-0/+10
* kbuild: remove redundant target cleaning on failureMasahiro Yamada2019-01-061-1/+1
* export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR()Masahiro Yamada2018-08-221-8/+8
* Replace magic for trusting the secondary keyring with #defineYannik Sembritzki2018-08-161-1/+2
* certs/blacklist: fix const confusionNick Desaulniers2018-06-261-1/+1