]> git.ipfire.org Git - thirdparty/grub.git/commit
projects / thirdparty / grub.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 76158ed) | patch
appended signatures: Introducing key management environment variable
authorSudhakar Kuppusamy <sudhakar@linux.ibm.com>
Mon, 6 Oct 2025 07:24:57 +0000 (12:54 +0530)
committerDaniel Kiper <daniel.kiper@oracle.com>
Sat, 11 Oct 2025 13:36:52 +0000 (15:36 +0200)
commitb5e872417d620f11e918977d5b63275774a28bce
tree7b1d0d097bf24b7549fcc0a81162ff1a2ffca1betree | snapshot
parent76158ed1ad8f3b6278830abee237bc3f9e3e46facommit | diff
appended signatures: Introducing key management environment variable

Introducing the appended signature key management environment variable. It is
automatically set to either "static" or "dynamic" based on the Platform KeyStore.

"static": Enforce static key management signature verification. This is the
          default. When the GRUB is locked down, user cannot change the value
          by setting the appendedsig_key_mgmt variable back to "dynamic".

"dynamic": Enforce dynamic key management signature verification. When the GRUB
           is locked down, user cannot change the value by setting the
           appendedsig_key_mgmt variable back to "static".

Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/commands/appendedsig/appendedsig.c diff | blob | blame | history
Mirror of https://git.savannah.gnu.org/git/grub.git