Page MenuHomeFreeBSD
Differential D20700

libsecureboot: allow OpenPGP support to be dormant
ClosedPublic
Actions

Authored by sjg on Jun 19 2019, 7:22 PM.
Tags
None
Referenced Files
F132702769: D20700.id59085.diff
Sun, Oct 19, 4:32 AM
F132646526: D20700.diff
Sat, Oct 18, 5:39 PM
Unknown Object (File)
Sun, Oct 12, 3:15 PM
Unknown Object (File)
Mon, Sep 29, 9:49 PM
Unknown Object (File)
Tue, Sep 23, 8:16 PM
Unknown Object (File)
Aug 18 2025, 10:22 AM
Unknown Object (File)
Aug 12 2025, 9:35 PM
Unknown Object (File)
Aug 6 2025, 3:49 PM
View All 100 Files
Subscribers
imp

Details

Reviewers
stevek
mw
kd
Commits
rS349894: libsecureboot: allow OpenPGP support to be dormant
rS349446: libsecureboot: allow OpenPGP support to be dormant
Summary

Since we can now add OpenPGP trust anchors at runtime,
ensure the latent support is available.

Ensure we do not add duplicate keys to trust store.

Also allow reporting names of trust anchors added/revoked

We only do this for loader and only after initializing trust store.
Thus only changes to initial trust store will be logged.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
head/
lib/
libsecureboot/
h/
5 lines
2 lines
9 lines
openpgp/
49 lines
39 lines
29 lines
138 lines

Diff 59085

View Options

head/lib/libsecureboot/h/libsecureboot.h

Loading...
View Options

head/lib/libsecureboot/libsecureboot-priv.h

Loading...
View Options

head/lib/libsecureboot/local.trust.mk

Loading...
View Options

head/lib/libsecureboot/openpgp/opgp_key.c

Loading...
View Options

head/lib/libsecureboot/readfile.c

Loading...
View Options

head/lib/libsecureboot/verify_file.c

Loading...
View Options

head/lib/libsecureboot/vets.c

Loading...