1 | // SPDX-License-Identifier: GPL-2.0 |
---|---|
2 | |
3 | #include <linux/kernel.h> |
4 | #include <linux/sched.h> |
5 | #include <linux/cred.h> |
6 | #include <linux/err.h> |
7 | #include <linux/efi.h> |
8 | #include <linux/slab.h> |
9 | #include <keys/asymmetric-type.h> |
10 | #include <keys/system_keyring.h> |
11 | #include <asm/boot_data.h> |
12 | #include "../integrity.h" |
13 | |
14 | /* |
15 | * Load the certs contained in the IPL report created by the machine loader |
16 | * into the platform trusted keyring. |
17 | */ |
18 | static int __init load_ipl_certs(void) |
19 | { |
20 | void *ptr, *end; |
21 | unsigned int len; |
22 | |
23 | if (!ipl_cert_list_addr) |
24 | return 0; |
25 | /* Copy the certificates to the platform keyring */ |
26 | ptr = __va(ipl_cert_list_addr); |
27 | end = ptr + ipl_cert_list_size; |
28 | while ((void *) ptr < end) { |
29 | len = *(unsigned int *) ptr; |
30 | ptr += sizeof(unsigned int); |
31 | add_to_platform_keyring(source: "IPL:db", data: ptr, len); |
32 | ptr += len; |
33 | } |
34 | return 0; |
35 | } |
36 | late_initcall(load_ipl_certs); |
37 |