As suggested by Jarkko [1], let's remove the panic() calls from the
keyring initializations. This series applies on top of commit
c9e54f38976a ("integrity: Only use machine keyring when
uefi_check_trust_mok_keys is true"), which also includes 50c486fe3108
("certs: Allow root user to append signed hashes to the blacklist
keyring").
[1] https://lore.kernel.org/r/Yik0C2t7G272YZ73@xxxxxx
[2] https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/commit/?id=c9e54f38976a1c0ec69c0a6208b3fd55fceb01d1
Regards,
Mickaël Salaün (2):
certs: Remove panic() calls from blacklist_init()
certs: Remove panic() calls from system_trusted_keyring_init()
certs/blacklist.c | 27 +++++++++++++++++++++------
certs/system_keyring.c | 26 ++++++++++++++++++++------
2 files changed, 41 insertions(+), 12 deletions(-)
base-commit: c9e54f38976a1c0ec69c0a6208b3fd55fceb01d1
--
2.35.1
