aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorEric Snowberg2022-01-25 21:58:30 -0500
committerJarkko Sakkinen2022-03-08 13:55:52 +0200
commit56edb6c25f11f25df153f4804f2d5bced2b49a9e (patch)
tree385a1e2f53f72f4c4ba2a198dcc8db85b1775784 /include
parent45fcd5e521cd0903bab05f59ad013c5d150f4e3b (diff)
KEYS: store reference to machine keyring
Expose the .machine keyring created in integrity code by adding a reference. Store a reference to the machine keyring in system keyring code. The system keyring code needs this to complete the keyring link to the machine keyring. Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'include')
-rw-r--r--include/keys/system_keyring.h8
1 files changed, 8 insertions, 0 deletions
diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h
index 6acd3cf13a18..98c9b10cdc17 100644
--- a/include/keys/system_keyring.h
+++ b/include/keys/system_keyring.h
@@ -38,6 +38,14 @@ extern int restrict_link_by_builtin_and_secondary_trusted(
#define restrict_link_by_builtin_and_secondary_trusted restrict_link_by_builtin_trusted
#endif
+#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
+extern void __init set_machine_trusted_keys(struct key *keyring);
+#else
+static inline void __init set_machine_trusted_keys(struct key *keyring)
+{
+}
+#endif
+
extern struct pkcs7_message *pkcs7;
#ifdef CONFIG_SYSTEM_BLACKLIST_KEYRING
extern int mark_hash_blacklisted(const char *hash);