| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-08-12 | extract-cert: Cope with multiple X.509 certificates in a single file | David Woodhouse | |
| This is not required for the module signing key, although it doesn't do any harm — it just means that any additional certs in the PEM file are also trusted by the kernel. But it does allow us to use the extract-cert tool for processing the extra certs from CONFIG_SYSTEM_TRUSTED_KEYS, instead of that horrid awk|base64 hack. Also cope with being invoked with no input file, creating an empty output file as a result. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com> | |||
| 2015-08-07 | modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed | David Woodhouse | |
| Where an external PEM file or PKCS#11 URI is given, we can get the cert from it for ourselves instead of making the user drop signing_key.x509 in place for us. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com> | |||
 |
index : linux.git | |
| Linus' kernel tree | Russell King |
| summaryrefslogtreecommitdiff |