FROMLIST: modsign: use all trusted keys to verify module signature
Make mod_verify_sig to use all trusted keys. This allows keys in
secondary_trusted_keys to be used to verify PKCS#7 signature on a
kernel module.
Signed-off-by: Ke Wu <mikewu@google.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
(am from https://lore.kernel.org/patchwork/patch/1007668/)
BUG=b:38045925,b:72118988
TEST=emerge-lakitu sys-kernel/lakitu-kernel-4_14
Change-Id: I9f414bb0ab0a23b97e798784c69d77a54fb9f200
Reviewed-on: https://chromium-review.googlesource.com/1327609
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Ke Wu <mikewu@google.com>
Reviewed-by: Guenter Roeck <groeck@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
(cherry picked from commit dbb279f07a8c8a12e03ed82b956104dac733803b)
Reviewed-on: https://chromium-review.googlesource.com/c/1357618
Commit-Queue: Ke Wu <mikewu@google.com>
1 file changed