mokutil: add mok-variables parsing support

lcp / mokutil

The utility to manipulate machine owner keys

GNU General Public License v3.0

67 stars 37 forks source link

mokutil: add mok-variables parsing support #35

Closed martinezjavier closed 3 years ago

martinezjavier commented 3 years ago

This patch adds support for getting mok variables from /sys/firmware/efi/mok-variables/$NAME , if they are present, as well as for checking MokListRT, MokListRT1, MokListRT2, etc., for any of the mok variables.

Signed-off-by: Peter Jones pjones@redhat.com

lcp commented 3 years ago

Is this something going to happen in kernel upstream?

aburmash commented 3 years ago

@lcp i think at least this thee are present and should be needed https://github.com/torvalds/linux/commit/58c909022a5a56cd1d9e89c8c5461fd1f6a27bb5#diff-8f46b5bc1c90ca4ef353abd99d09d1a8ba1621f0c075ec5dc88f6d0a8e73f017

https://github.com/torvalds/linux/commit/726bd8965a5f112d9601f7ce68effa1e46e02bf2#diff-c46c2f12fa8e7359637643ed26f668087dd367d362770e1bcf1a694514c0d0eb

https://github.com/torvalds/linux/commit/38a1f03aa24094b4a8de846700cb6cb21cc06468#diff-c46c2f12fa8e7359637643ed26f668087dd367d362770e1bcf1a694514c0d0eb

lcp commented 3 years ago

@aburmash Thanks for pointing out the kernel commits. Then I'm fine with the change.