summaryrefslogtreecommitdiff
path: root/security/integrity/platform_certs/keyring_handler.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/platform_certs/keyring_handler.c')
-rw-r--r--security/integrity/platform_certs/keyring_handler.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/platform_certs/keyring_handler.c b/security/integrity/platform_certs/keyring_handler.c
index 4872850d081f..1db4d3b4356d 100644
--- a/security/integrity/platform_certs/keyring_handler.c
+++ b/security/integrity/platform_certs/keyring_handler.c
@@ -83,7 +83,7 @@ __init efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type)
__init efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type)
{
if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) {
- if (IS_ENABLED(CONFIG_INTEGRITY_MACHINE_KEYRING))
+ if (IS_ENABLED(CONFIG_INTEGRITY_MACHINE_KEYRING) && trust_moklist())
return add_to_machine_keyring;
else
return add_to_platform_keyring;
generated by cgit (git 2.34.1) at 2024-06-22 01:35:14 +0000