| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/JAVA/Openjdk/src/hotspot/share/gc/g1/ (Sun/Oracle ©) Datei vom 13.11.2022 mit Größe 25 kB |
|
Quelle keyring_handler.c Sprache: C |
|||||||||||||||
|
// SPDX-License-Identifier: GPL-2.0 #include <linux/kernel.h> #include <linux/sched.h> #include <linux/cred.h> #include <linux/err.h> #include <linux/efi.h> #include <linux/slab.h> #include <keys/asymmetric-type.h> #include <keys/system_keyring.h> #include "../integrity.h" #include "keyring_handler.h" static efi_guid_t efi_cert_x509_guid __initdata = EFI_CERT_X509_GUID; static efi_guid_t efi_cert_x509_sha256_guid __initdata = EFI_CERT_X509_SHA256_GUID; static efi_guid_t efi_cert_sha256_guid __initdata = EFI_CERT_SHA256_GUID; /* * Blacklist an X509 TBS hash. */ static __init void uefi_blacklist_x509_tbs(const char *source, const void *data, size_t len) { mark_hash_blacklisted(data, len, BLACKLIST_HASH_X509_TBS); } /* * Blacklist the hash of an executable. */ static __init void uefi_blacklist_binary(const char *source, const void *data, size_t len) { mark_hash_blacklisted(data, len, BLACKLIST_HASH_BINARY); } /* * Add an X509 cert to the revocation list. */ static __init void uefi_revocation_list_x509(const char *source, const void *data, size_t len) { add_key_to_revocation_list(data, len); } /* * Return the appropriate handler for particular signature list types found in * the UEFI db tables. */ __init efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type) { if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) return add_to_platform_keyring; return NULL; } /* * Return the appropriate handler for particular signature list types found in * the MokListRT tables. */ __init efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type) { if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) { if (IS_ENABLED(CONFIG_INTEGRITY_MACHINE_KEYRING) && imputed_trust_enabled()) return add_to_machine_keyring; else return add_to_platform_keyring; } return NULL; } __init efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type) { if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) return add_to_machine_keyring; return NULL; } __init efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig { if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) return add_to_secondary_keyring; return NULL; } /* * Return the appropriate handler for particular signature list types found in * the UEFI dbx and MokListXRT tables. */ __init efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type) { if (efi_guidcmp(*sig_type, efi_cert_x509_sha256_guid) == 0) return uefi_blacklist_x509_tbs; if (efi_guidcmp(*sig_type, efi_cert_sha256_guid) == 0) return uefi_blacklist_binary; if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0) return uefi_revocation_list_x509; return NULL; }
¤ Dauer der Verarbeitung: 0.12 Sekunden (vorverarbeitet) ¤*© Formatika GbR, Deutschland |
|
||||||||||||||
2026-04-04