mirror of https://github.com/Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
1.3 KiB
58 lines
1.3 KiB
// SPDX-License-Identifier: GPL-2.0+ |
|
/* |
|
* Platform keyring for firmware/platform keys |
|
* |
|
* Copyright IBM Corporation, 2018 |
|
* Author(s): Nayna Jain <[email protected]> |
|
*/ |
|
|
|
#include <linux/export.h> |
|
#include <linux/kernel.h> |
|
#include <linux/sched.h> |
|
#include <linux/cred.h> |
|
#include <linux/err.h> |
|
#include <linux/slab.h> |
|
#include "../integrity.h" |
|
|
|
/** |
|
* add_to_platform_keyring - Add to platform keyring without validation. |
|
* @source: Source of key |
|
* @data: The blob holding the key |
|
* @len: The length of the data blob |
|
* |
|
* Add a key to the platform keyring without checking its trust chain. This |
|
* is available only during kernel initialisation. |
|
*/ |
|
void __init add_to_platform_keyring(const char *source, const void *data, |
|
size_t len) |
|
{ |
|
key_perm_t perm; |
|
int rc; |
|
|
|
perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW; |
|
|
|
rc = integrity_load_cert(INTEGRITY_KEYRING_PLATFORM, source, data, len, |
|
perm); |
|
if (rc) |
|
pr_info("Error adding keys to platform keyring %s\n", source); |
|
} |
|
|
|
/* |
|
* Create the trusted keyrings. |
|
*/ |
|
static __init int platform_keyring_init(void) |
|
{ |
|
int rc; |
|
|
|
rc = integrity_init_keyring(INTEGRITY_KEYRING_PLATFORM); |
|
if (rc) |
|
return rc; |
|
|
|
pr_notice("Platform Keyring initialized\n"); |
|
return 0; |
|
} |
|
|
|
/* |
|
* Must be initialised before we try and load the keys into the keyring. |
|
*/ |
|
device_initcall(platform_keyring_init);
|
|
|