]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7bebc69) | patch
libsecureboot: allow OpenPGP support to be dormant
authorSimon J. Gerraty <sjg@FreeBSD.org>
Wed, 10 Jul 2019 21:35:55 +0000 (21:35 +0000)
committerSimon J. Gerraty <sjg@FreeBSD.org>
Wed, 10 Jul 2019 21:35:55 +0000 (21:35 +0000)
commitc6eb46769d0ba33bcc1096f036ebc165eb585c92
tree4912ae4f72b0e1ad9b3df48fc88a18bc5b45deebtree | snapshot
parent7bebc6948048eb448d84309a7ebf42cc1c7fc88dcommit | diff
libsecureboot: allow OpenPGP support to be dormant

Since we can now add OpenPGP trust anchors at runtime,
ensure the latent support is available.

Ensure we do not add duplicate keys to trust store.

Also allow reporting names of trust anchors added/revoked

We only do this for loader and only after initializing trust store.
Thus only changes to initial trust store will be logged.

MFC of r349446

Reviewed by:    stevek
Differential Revision:  https://reviews.freebsd.org/D20700
lib/libsecureboot/h/libsecureboot.h diff | blob | history
lib/libsecureboot/libsecureboot-priv.h diff | blob | history
lib/libsecureboot/local.trust.mk diff | blob | history
lib/libsecureboot/openpgp/opgp_key.c diff | blob | history
lib/libsecureboot/readfile.c diff | blob | history
lib/libsecureboot/verify_file.c diff | blob | history
lib/libsecureboot/vets.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.