Re: [PATCH] X.509: Partially revert patch to add validation against IMA MOK keyring
From: David Howells
Date: Tue Jan 12 2016 - 10:57:09 EST
Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> > > The name "restrict_link_by_ima_mok()" doesn't reflect that it is either
> > > the system keyring or the IMA MOK keyring.
> >
> > How about restrict_link_by_ima_trusted()?
>
> Good. restrict_link_by_ima_trusted would only check the IMA MOK keyring
> if it was configured.
And the system keyring?
David