joeyli

joeyli

Poking technologies for enrolling customer key to kernel trusted keyring

a project by joeyli

Project Description

The keys in db or mok can be used to verify boot loader and kernel binary for booting. But upstream kernel doesn't trust them for enrolling to trusted keyring because they are enrolled outside the boundaries of kernel. Which means that IMA can not use db/mok keys for verification.

Updated 1 day ago. 1 hackers ♥️. 1 follower.
12
9
21
32

Looking for projects around:

Nothing at the moment

Activity

  • 1 day ago: joeyli started Poking technologies for enrolling customer key to kernel trusted keyring
  • 9 days ago: joeyli added keyword "security" to Poking technologies for enrolling customer key to kernel trusted keyring
  • 9 days ago: joeyli added keyword "shim" to Poking technologies for enrolling customer key to kernel trusted keyring
  • 9 days ago: joeyli added keyword "kernel" to Poking technologies for enrolling customer key to kernel trusted keyring
  • 9 days ago: joeyli added keyword "mok" to Poking technologies for enrolling customer key to kernel trusted keyring
  • 9 days ago: joeyli originated Poking technologies for enrolling customer key to kernel trusted keyring
  • over 1 year ago: joeyli added keyword "kernel" to Separate kernel module signature to a independent file
  • over 1 year ago: joeyli originated Separate kernel module signature to a independent file
  • about 3 years ago: joeyli liked X86_64 platform system program
  • about 3 years ago: joeyli originated ACPICA profiling
  • about 3 years ago: joeyli started Collectl turbostat module
  • about 3 years ago: joeyli originated Collectl turbostat module
  • almost 4 years ago: joeyli started Hibernate encryption and authentication adapt to user land util and keyring
  • almost 4 years ago: joeyli originated Hibernate encryption and authentication adapt to user land util and keyring
  • over 5 years ago: joeyli started kernel sensitive data protection
  • over 5 years ago: joeyli originated kernel sensitive data protection
  • over 5 years ago: joeyli started Using BCC to snoop ACPI or PCI power
  • over 5 years ago: joeyli originated Using BCC to snoop ACPI or PCI power
  • about 6 years ago: joeyli originated LUV on SUSE Studio
  • over 6 years ago: joeyli liked Use jenkins as openQA UI
  • over 6 years ago: joeyli liked Learning more about SDN
  • over 6 years ago: joeyli liked Learning more about SDN
  • over 6 years ago: joeyli liked Learning more about SDN
  • over 6 years ago: joeyli liked libkdumpfile/gdb-kdump improvements
  • over 6 years ago: joeyli liked clean up wiki pages on https://en.opensuse.org
  • All Activity