Diffusion FreeBSD src repository f9510887eeb5

libsecureboot: allow OpenPGP support to be dormant
f9510887eeb5
Actions

Description

libsecureboot: allow OpenPGP support to be dormant

Since we can now add OpenPGP trust anchors at runtime,
ensure the latent support is available.

Ensure we do not add duplicate keys to trust store.

Also allow reporting names of trust anchors added/revoked

We only do this for loader and only after initializing trust store.
Thus only changes to initial trust store will be logged.

Reviewed by: stevek
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D20700

Details

Provenance

sjg	Authored on Jun 26 2019, 11:33 PM

Parents

rG84322e3ee3b5: In get_fpcontext32() and set_fpcontext32(), we can't just use memcpy() to

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (7)

Path

Size

lib/

libsecureboot/

openpgp/

rGf9510887eeb5

View Options

lib/libsecureboot/h/libsecureboot.h

View Options

lib/libsecureboot/libsecureboot-priv.h

View Options

lib/libsecureboot/local.trust.mk

View Options

lib/libsecureboot/openpgp/opgp_key.c

View Options

lib/libsecureboot/readfile.c

View Options

lib/libsecureboot/verify_file.c

View Options

libsecureboot: allow OpenPGP support to be dormantf9510887eeb5Actions

Description

Details

Event Timeline

Changes (7)

rGf9510887eeb5

lib/libsecureboot/h/libsecureboot.h

lib/libsecureboot/libsecureboot-priv.h

lib/libsecureboot/local.trust.mk

lib/libsecureboot/openpgp/opgp_key.c

lib/libsecureboot/readfile.c

lib/libsecureboot/verify_file.c

lib/libsecureboot/vets.c

libsecureboot: allow OpenPGP support to be dormant
f9510887eeb5
Actions