On Tue, 2021-10-19 at 14:25 -0400, Nayna wrote: > Gentle reminder for v3. Is this version good now for acceptance ? > > Thanks & Regards, > > - Nayna > > On 10/4/21 10:52 AM, Nayna Jain wrote: > > Some firmware support secure boot by embedding static keys to verify the > > Linux kernel during boot. However, these firmware do not expose an > > interface for the kernel to load firmware keys onto ".platform" keyring. > > This would prevent kernel signature verification on kexec. > > > > For these environments, a new function load_builtin_platform_cert() is > > defined to load compiled in certificates onto the ".platform" keyring. > > > > load_certificate_list() is currently used for parsing compiled in > > certificates to be loaded onto the .builtin or .blacklist keyrings. > > Export load_certificate_list() allowing it to be used for parsing compiled > > in ".platform" keyring certificates as well. > > > > Reported-by: kernel test robot <lkp@xxxxxxxxx>(auto build test ERROR) > > Signed-off-by: Nayna Jain <nayna@xxxxxxxxxxxxx> > > --- > > NOTE: I am wondering if we should split this patch into two: > > (https://lore.kernel.org/linux-integrity/be4bd13d-659d-710d-08b9-1a34a65e5c5d@xxxxxxxxxxxxxxxxxx/). > > I can do so if you also prefer the same. Yes, splitting this patch would make it easier to review and upstream. thanks, Mimi
