diff options
Diffstat (limited to '')
-rw-r--r-- | security/integrity/platform_certs/platform_keyring.c | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/security/integrity/platform_certs/platform_keyring.c b/security/integrity/platform_certs/platform_keyring.c index 7646e35f2d91..bcafd7387729 100644 --- a/security/integrity/platform_certs/platform_keyring.c +++ b/security/integrity/platform_certs/platform_keyring.c @@ -14,15 +14,6 @@ #include <linux/slab.h> #include "../integrity.h" -static struct key_acl platform_key_acl = { - .usage = REFCOUNT_INIT(1), - .nr_ace = 2, - .aces = { - KEY_POSSESSOR_ACE(KEY_ACE_SEARCH | KEY_ACE_READ), - KEY_OWNER_ACE(KEY_ACE_VIEW), - } -}; - /** * add_to_platform_keyring - Add to platform keyring without validation. * @source: Source of key @@ -35,10 +26,13 @@ static struct key_acl platform_key_acl = { void __init add_to_platform_keyring(const char *source, const void *data, size_t len) { + key_perm_t perm; int rc; + perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW; + rc = integrity_load_cert(INTEGRITY_KEYRING_PLATFORM, source, data, len, - &platform_key_acl); + perm); if (rc) pr_info("Error adding keys to platform keyring %s\n", source); } |