summaryrefslogtreecommitdiff
path: root/MokVars.txt
AgeCommit message (Collapse)Author
2017-08-03Add MokListX to MokVars.txtPeter Jones
Signed-off-by: Peter Jones <pjones@redhat.com>
2013-10-02Add support for disabling db for verificationJosh Boyer
Provide a mechanism for a physically present end user to disable the use of db when doing signature verification. This is handled by the OS passing down a variable that contains a UINT32 and a SHA256 hash. If this variable is present, MokManager prompts the user to choose whether to enable or disable the use of db for verification purposes (depending on the value of the UINT32). They are then asked to type the passphrase that matches the hash. This then saves a boot services variable which is checked by shim, and if set will cause shim to not use db for verification purposes. If db is to be ignored, shim will export a runtime variable called 'MokIgnoreDB' for the OS to query at runtime. Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2012-10-30Add documentation of the Mok variablesMatthew Garrett
Brief overview of the function and format of the various variables used by Shim and MokManager.