kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   f98e5145766658826610ef663941a4c22c7f81b4
  2.   patches.suse
  3.   0006-modsign-Use-secondary-trust-keyring-for-module-signi.patch
Blob Blame History Raw 
From c0187008a89e1571458ab48bed145cb1b893bb1a Mon Sep 17 00:00:00 2001
From: David Howells <dhowells@redhat.com>
Date: Thu, 3 Aug 2017 16:56:22 +0100
Subject: [PATCH 6/6] modsign: Use secondary trust keyring for module signing

Patch-mainline: Queued in subsystem maintainer repository
Git-repo: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
Git-commit: c0187008a89e1571458ab48bed145cb1b893bb1a
References: fate#314508

Use secondary trust keyring for module signing as that's where the UEFI
keys get stashed.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Lee, Chun-Yi <jlee@suse.com>
---
 kernel/module_signing.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/module_signing.c b/kernel/module_signing.c
index 937c844..d3d6f95 100644
--- a/kernel/module_signing.c
+++ b/kernel/module_signing.c
@@ -81,6 +81,6 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen)
 	}
 
 	return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len,
-				      NULL, VERIFYING_MODULE_SIGNATURE,
+				      (void *)1UL, VERIFYING_MODULE_SIGNATURE,
 				      NULL, NULL);
 }
-- 
2.6.2
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.