Re: [PATCH v5 12/12] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true

From: Jarkko Sakkinen
Date: Thu Sep 09 2021 - 10:00:49 EST

Next message: Colin King: "[PATCH] md/raid6 algorithms: scale test duration for speedier boots"
Previous message: Yu Kuai: "[RFC PATCH] blk-throttle: enable io throttle for root in cgroup v2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2021-09-07 at 12:01 -0400, Eric Snowberg wrote:
> With the introduction of uefi_check_trust_mok_keys, it signifies the end-
> user wants to trust the machine keyring as trusted keys. If they have
> chosen to trust the machine keyring, load the qualifying keys into it
> during boot, then link it to the secondary keyring . If the user has not
> chosen to trust the machine keyring, it will be empty and not linked to
> the secondary keyring.
>
> Signed-off-by: Eric Snowberg <eric.snowberg@xxxxxxxxxx>

I would not worry too much applying the code changes if the story
part made sense (to *almost anyone*) in the cover letter.

/Jarkko

Next message: Colin King: "[PATCH] md/raid6 algorithms: scale test duration for speedier boots"
Previous message: Yu Kuai: "[RFC PATCH] blk-throttle: enable io throttle for root in cgroup v2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]