On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote: > Currently both Secure Boot DB and Machine Owner Keys (MOK) go through > the same keyring handler (get_handler_for_db). With the addition of the > new machine keyring, the end-user may choose to trust MOK keys. > > Introduce a new keyring handler specific for MOK keys. If MOK keys are > trusted by the end-user, use the new keyring handler instead. > > Signed-off-by: Eric Snowberg <eric.snowberg@xxxxxxxxxx> Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
