Navigation: Linux Kernel Driver DataBase - web LKDDB: Main index - I index

CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY: Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)

General informations

The Linux kernel configuration item CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY:

prompt: Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)
type: bool
depends on: ( CONFIG_SYSTEM_TRUSTED_KEYRING ) && ( CONFIG_SECONDARY_TRUSTED_KEYRING ) && ( CONFIG_INTEGRITY_ASYMMETRIC_KEYS )
defined in security/integrity/ima/Kconfig
found in Linux kernels: 4.7–4.20, 5.0–5.19, 6.0–6.6, 6.7-rc+HEAD

Help text

Keys may be added to the IMA or IMA blacklist keyrings, if the key is validly signed by a CA cert in the system built-in or secondary trusted keyrings. The key must also have the digitalSignature usage set.

Intermediate keys between those the kernel has compiled in and the IMA keys to be added may be added to the system secondary keyring, provided they are validly signed by a key already resident in the built-in or secondary trusted keyrings.

Hardware

LKDDb

Raw data from LKDDb:

(none)

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

Linux kernel
Linux Kernel Driver DataBase (LKDDb)

Automatic links from Google (and ads)

Custom Search

Popular queries:

Navigation: Linux Kernel Driver DataBase - web LKDDB: main index - I index

Automatically generated (in year 2023). See also LKDDb sources on GitLab