commit | 8607c501478432b23654739c7321bc7456053cb6 | [log] [tgz] |
---|---|---|
author | Dmitry Kasatkin <dmitry.kasatkin@intel.com> | Wed Oct 05 11:54:46 2011 +0300 |
committer | Dmitry Kasatkin <dmitry.kasatkin@intel.com> | Wed Nov 09 16:51:09 2011 +0200 |
tree | 598ef1649a261954cb1cafc05189ddedb3bd3ff8 | |
parent | 051dbb918c7fb7da8e64a2cd0d804ba73399709f [diff] |
integrity: digital signature verification using multiple keyrings Define separate keyrings for each of the different use cases - evm, ima, and modules. Using different keyrings improves search performance, and also allows "locking" specific keyring to prevent adding new keys. This is useful for evm and module keyrings, when keys are usually only added from initramfs. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>