As suggested by Jarkko and explained by Paul, let's document the panic() calls from the blacklist keyring initialization. This series applies on top of commit 50c486fe3108 ("certs: Allow root user to append signed hashes to the blacklist keyring"). This can smoothly be rebased on top of Jarkko's next branch. [1] https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/commit/?id=50c486fe310890c134b5cb36cf9a4135475a6074 Regards, Mickaël Salaün (1): certs: Explain the rational to call panic() certs/blacklist.c | 8 ++++++++ 1 file changed, 8 insertions(+) base-commit: 50c486fe310890c134b5cb36cf9a4135475a6074 -- 2.35.1