Re: [PATCH] KEYS: Make use of platform keyring for module signature verification
From: Luis Chamberlain
Date: Fri Mar 31 2023 - 16:02:36 EST
On Fri, Mar 31, 2023 at 04:30:21PM +0200, Ahelenia Ziemiańska wrote:
> This allows a cert in DB to be used to sign modules,
> in addition to certs in the MoK and built-in keyrings.
>
> This key policy matches what's used for kexec.
>
> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@xxxxxxxxxxxxxxxxxx>
Before I nose dive, the commit log should explain why this patch never
was sent upstream, if it was, why it was rejected. What makes it good now?
Who is using it? What are other distributions doing about it?
Luis