summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorNayna Jain <nayna@linux.ibm.com>2018-12-09 01:56:59 +0530
committerMimi Zohar <zohar@linux.ibm.com>2018-12-12 22:02:28 -0500
commit9dc92c45177ab70e20ae94baa2f2e558da63a9c7 (patch)
tree6620a5636e038d1cfb08d985e6effe541307d82e /include
parenta802ed0dd9c2607cc219574e881062d43ea3b7e0 (diff)
integrity: Define a trusted platform keyring
On secure boot enabled systems, a verified kernel may need to kexec additional kernels. For example, it may be used as a bootloader needing to kexec a target kernel or it may need to kexec a crashdump kernel. In such cases, it may want to verify the signature of the next kernel image. It is further possible that the kernel image is signed with third party keys which are stored as platform or firmware keys in the 'db' variable. The kernel, however, can not directly verify these platform keys, and an administrator may therefore not want to trust them for arbitrary usage. In order to differentiate platform keys from other keys and provide the necessary separation of trust, the kernel needs an additional keyring to store platform keys. This patch creates the new keyring called ".platform" to isolate keys provided by platform from keys by kernel. These keys are used to facilitate signature verification during kexec. Since the scope of this keyring is only the platform/firmware keys, it cannot be updated from userspace. This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING. Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Acked-by: Serge Hallyn <serge@hallyn.com> Reviewed-by: James Morris <james.morris@microsoft.com> Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions