aboutsummaryrefslogtreecommitdiffstats
path: root/certs
AgeCommit message (Expand)AuthorFilesLines
2023-04-24KEYS: Add missing function documentationEric Snowberg1-3/+11
2023-02-26Merge tag 'kbuild-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masa...Linus Torvalds1-3/+6
2023-02-13certs: don't try to update blacklist keysThomas Weißschuh1-9/+12
2023-02-13certs: make blacklisted hash available in klogThomas Weißschuh1-1/+1
2023-01-31certs: Fix build error when PKCS#11 URI contains semicolonJan Luebbe1-2/+2
2023-01-22kbuild: do not print extra logs for V=2Masahiro Yamada1-3/+6
2022-09-24certs: make system keyring depend on built-in x509 parserMasahiro Yamada1-1/+1
2022-08-10Merge tag 'kbuild-v5.20' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds4-15/+43
2022-07-27certs: unify blacklist_hashes.c and blacklist_nohashes.cMasahiro Yamada3-14/+5
2022-07-27certs: move scripts/check-blacklist-hashes.awk to certs/Masahiro Yamada2-1/+38
2022-07-24certs: make system keyring depend on x509 parserAdam Borowski1-0/+1
2022-06-21Merge tag 'certs-20220621' of git://git.kernel.org/pub/scm/linux/kernel/git/d...Linus Torvalds5-75/+9
2022-06-21certs: Move load_certificate_list() to be with the asymmetric keys codeDavid Howells5-75/+9
2022-06-15certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST buildMasahiro Yamada3-12/+12
2022-06-15certs/blacklist_hashes.c: fix const confusion in certs blacklistMasahiro Yamada1-1/+1
2022-06-10certs: Convert spaces in certs/Makefile to a tabDavid Howells1-1/+1
2022-06-08cert host tools: Stop complaining about deprecated OpenSSL functionsLinus Torvalds1-0/+7
2022-05-26Merge tag 'kbuild-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds1-2/+2
2022-05-23certs: Explain the rationale to call panic()Mickaël Salaün1-0/+9
2022-05-23certs: Allow root user to append signed hashes to the blacklist keyringMickaël Salaün2-21/+85
2022-05-23certs: Check that builtin blacklist hashes are validMickaël Salaün3-3/+19
2022-05-23certs: Make blacklist_vet_description() more strictMickaël Salaün1-9/+35
2022-05-23certs: Factor out the blacklist hash creationMickaël Salaün1-18/+58
2022-04-05kbuild: Allow kernel installation packaging to override pkg-configChun-Tse Shao1-2/+2
2022-03-31Merge tag 'kbuild-v5.18-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-29/+11
2022-03-08KEYS: Introduce link restriction for machine keysEric Snowberg1-1/+34
2022-03-08KEYS: store reference to machine keyringEric Snowberg1-0/+9
2022-03-03certs: simplify empty certs creation in certs/MakefileMasahiro Yamada1-10/+11
2022-03-03certs: include certs/signing_key.x509 unconditionallyMasahiro Yamada2-19/+0
2022-01-23certs: Fix build error when CONFIG_MODULE_SIG_KEY is emptyMasahiro Yamada1-1/+1
2022-01-23certs: Fix build error when CONFIG_MODULE_SIG_KEY is PKCS#11 URIMasahiro Yamada1-1/+1
2022-01-08certs: move scripts/extract-cert to certs/Masahiro Yamada3-4/+172
2022-01-08kbuild: do not quote string values in include/config/auto.confMasahiro Yamada1-8/+2
2022-01-08certs: simplify $(srctree)/ handling and remove config_filename macroMasahiro Yamada1-19/+13
2022-01-08certs: remove misleading comments about GCC PRMasahiro Yamada1-2/+0
2022-01-08certs: refactor file cleaningMasahiro Yamada1-4/+5
2022-01-08certs: remove unneeded -I$(srctree) option for system_certificates.oMasahiro Yamada1-3/+0
2022-01-08certs: unify duplicated cmd_extract_certs and improve the logMasahiro Yamada1-6/+3
2022-01-08certs: use $< and $@ to simplify the key generation ruleMasahiro Yamada1-3/+2
2021-12-11certs: use if_changed to re-generate the key when the key type is changedMasahiro Yamada1-24/+6
2021-12-11certs: use 'cmd' to hide openssl output in silent builds more simplyMasahiro Yamada1-6/+6
2021-12-11certs: remove noisy messages while generating the signing keyMasahiro Yamada1-11/+0
2021-12-11certs: check-in the default x509 config fileMasahiro Yamada2-18/+23
2021-12-11certs: remove meaningless $(error ...) in certs/MakefileMasahiro Yamada1-3/+0
2021-12-11certs: move the 'depends on' to the choice of module signing keysMasahiro Yamada1-3/+1
2021-08-23certs: Add support for using elliptic curve keys for signing modulesStefan Berger2-0/+39
2021-08-23certs: Trigger creation of RSA module signing key if it's not an RSA keyStefan Berger1-0/+8
2021-05-08Merge tag 'kbuild-v5.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/m...Linus Torvalds1-2/+2
2021-05-01Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds4-4/+47
2021-05-02.gitignore: prefix local generated files with a slashMasahiro Yamada1-2/+2
2021-04-26ima: ensure IMA_APPRAISE_MODSIG has necessary dependenciesNayna Jain3-2/+5
2021-04-26certs: add 'x509_revocation_list' to gitignoreLinus Torvalds1-0/+1
2021-04-09ima: enable loading of build time generated key on .ima keyringNayna Jain2-11/+52
2021-04-09ima: enable signing of modules with build time generated keyNayna Jain2-1/+9
2021-03-11certs: Add ability to preload revocation certsEric Snowberg4-2/+67
2021-03-11certs: Move load_system_certificate_list to a common functionEric Snowberg4-47/+70
2021-03-11certs: Add EFI_CERT_X509_GUID support for dbx entriesEric Snowberg4-0/+60
2021-01-21certs: Replace K{U,G}IDT_INIT() with GLOBAL_ROOT_{U,G}IDMickaël Salaün2-4/+5
2021-01-21certs: Fix blacklist flag type confusionDavid Howells1-1/+1
2021-01-21certs: Fix blacklisted hexadecimal hash string checkMickaël Salaün1-1/+1
2021-01-21certs/blacklist: fix kernel doc interface issueAlex Shi1-1/+1
2020-03-25.gitignore: add SPDX License IdentifierMasahiro Yamada1-0/+1
2020-03-25.gitignore: remove too obvious commentsMasahiro Yamada1-3/+0
2019-11-12certs: Add wrapper function to check blacklisted binary hashNayna Jain1-0/+9
2019-08-05PKCS#7: Refactor verify_pkcs7_signature()Thiago Jung Bauermann1-16/+45
2019-07-10Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/k...Linus Torvalds2-5/+14
2019-07-08Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2-14/+5
2019-07-08Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/ker...Linus Torvalds1-1/+1
2019-06-27keys: Replace uid/gid/perm permissions checking with an ACLDavid Howells2-14/+5
2019-06-26keys: Add a 'recurse' flag for keyring searchesDavid Howells1-1/+1
2019-05-24treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36Thomas Gleixner2-10/+2
2019-02-04kexec, KEYS: Make use of platform keyring for signature verifyKairui Song1-1/+12
2019-02-04integrity, KEYS: add a reference to platform keyringKairui Song1-0/+10
2019-01-06kbuild: remove redundant target cleaning on failureMasahiro Yamada1-1/+1
2018-08-22export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR()Masahiro Yamada1-8/+8
2018-08-16Replace magic for trusting the secondary keyring with #defineYannik Sembritzki1-1/+2
2018-06-26certs/blacklist: fix const confusionNick Desaulniers1-1/+1
2018-06-15docs: Fix some broken referencesMauro Carvalho Chehab1-1/+1
2018-02-21certs/blacklist_nohashes.c: fix const confusion in certs blacklistAndi Kleen1-1/+1
2017-11-02License cleanup: add SPDX GPL-2.0 license identifier to files with no licenseGreg Kroah-Hartman5-0/+5
2017-07-14modsign: add markers to endif-statements in certs/MakefileJarkko Sakkinen1-3/+3
2017-05-08scripts/spelling.txt: add "intialise(d)" pattern and fix typo instancesMasahiro Yamada1-1/+1
2017-04-04KEYS: Use structure to capture key restriction function and dataMat Martineau1-1/+20
2017-04-03KEYS: Split role of the keyring pointer for keyring restrict functionsMat Martineau1-7/+11
2017-04-03KEYS: Add a system blacklist keyringDavid Howells6-0/+212
2016-04-11certs: Add a secondary system keyring that can be added to dynamicallyDavid Howells2-16/+79
2016-04-11KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTEDDavid Howells1-2/+0
2016-04-11KEYS: Move the point of trust determination to __key_link()David Howells1-3/+17
2016-04-11KEYS: Make the system trusted keyring depend on the asymmetric key typeDavid Howells1-0/+1
2016-04-11KEYS: Add a facility to restrict new links into a keyringDavid Howells1-4/+4
2016-04-06PKCS#7: Make trust determination dependent on contents of trust keyringDavid Howells1-9/+4
2016-04-06KEYS: Generalise system_verify_data() to provide access to internal contentDavid Howells1-10/+35
2016-02-29certs: Fix misaligned data in extra certificate listDavid Howells1-0/+1
2016-02-26KEYS: Reserve an extra certificate symbol for inserting without recompilingMehmet Kayaalp2-0/+28
2016-02-26modsign: hide openssl output in silent buildsArnd Bergmann1-14/+19
2016-02-09KEYS: Add an alloc flag to convey the builtinness of a keyDavid Howells1-2/+2
2015-10-21certs: add .gitignore to stop git nagging about x509_certificate_listPaul Gortmaker1-0/+4
2015-08-14modsign: Handle signing key in source treeDavid Woodhouse1-54/+0
2015-08-14modsign: Use if_changed rule for extracting cert from module signing keyDavid Woodhouse1-2/+3
2015-08-14Move certificate handling to its own directoryDavid Howells4-0/+369
generated by cgit 1.3-korg (git 2.53.0) at 2026-05-01 20:18:14 +0000