| Message ID | 20191023001818.3684-2-nramas@linux.microsoft.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KEYS: measure keys when they are created or updated | expand |
diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 1eba08a1af82..5533c7f92fef 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -283,3 +283,8 @@ void __init set_platform_trusted_keys(struct key *keyring) platform_trusted_keys = keyring; } #endif + +inline bool is_builtin_trusted_keyring(struct key *keyring) +{ + return (keyring == builtin_trusted_keys); +} diff --git a/include/keys/system_keyring.h b/include/keys/system_keyring.h index c1a96fdf598b..2bc0aaa07f05 100644 --- a/include/keys/system_keyring.h +++ b/include/keys/system_keyring.h @@ -66,4 +66,6 @@ static inline void set_platform_trusted_keys(struct key *keyring) } #endif +extern bool is_builtin_trusted_keyring(struct key *keyring); + #endif /* _KEYS_SYSTEM_KEYRING_H */
Helper function to check if the given keyring is the builtin_trusted_keys keyring. This function is used by ima to determine if a key is added to the builtin_trusted_keys keyring. Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com> --- certs/system_keyring.c | 5 +++++ include/keys/system_keyring.h | 2 ++ 2 files changed, 7 insertions(+)