]> git.ipfire.org Git - thirdparty/kernel/stable.git/blobdiff - certs/Kconfig
projects / thirdparty / kernel / stable.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
certs: Add a secondary system keyring that can be added to dynamically
[thirdparty/kernel/stable.git] / certs / Kconfig
diff --git a/certs/Kconfig b/certs/Kconfig
index 743d480f5f6f8e2aeb2d76890b8b5b205307ef25..fc5955f5fc8a92c0fb20dcf528b000e0d6ed0ed7 100644 (file)
--- a/certs/Kconfig
+++ b/certs/Kconfig
@@ -56,4 +56,12 @@ config SYSTEM_EXTRA_CERTIFICATE_SIZE
          This is the number of bytes reserved in the kernel image for a
          certificate to be inserted.
 
+config SECONDARY_TRUSTED_KEYRING
+       bool "Provide a keyring to which extra trustable keys may be added"
+       depends on SYSTEM_TRUSTED_KEYRING
+       help
+         If set, provide a keyring to which extra keys may be added, provided
+         those keys are not blacklisted and are vouched for by a key built
+         into the kernel or already in the secondary trusted keyring.
+
 endmenu
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git