Djam/kernel-5.15
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/kernel-5.15.git synced 2025-02-23 18:42:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Explicitly enable CONFIG_SYSTEM_EXTRA_CERTIFICATE (is enabled in Kconfig by default)

Browse source
This commit is contained in:
Mikhail Novosyolov 2019-11-18 21:25:13 +03:00
parent aa3a5337f4
commit a7f7bf8598
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
kernel.spec
View file

@ -11,7 +11,7 @@
%define sublevel 11
# Release number. Increase this before a rebuild.
%define rpmrel 2
%define rpmrel 3
%define fullrpmrel %{rpmrel}
%define rpmtag %{disttag}
@ -795,6 +795,9 @@ echo CONFIG_MODULE_SIG_KEY="%{certs_signing_key_rnd}" >> .config
# Set path to one PEM file with all keys that the kernel must trust
sed -i '/CONFIG_SYSTEM_TRUSTED_KEYS/d' .config
echo CONFIG_SYSTEM_TRUSTED_KEYS="%{certs_public_keys}" >> .config
# Reserve area for inserting a certificate without recompiling
sed -i '/CONFIG_SYSTEM_EXTRA_CERTIFICATE/d' .config
echo CONFIG_SYSTEM_EXTRA_CERTIFICATE=y >> .config
# Memory wiping
# Introduced in kernel 5.3 by commit 6471384af2a6530696fc0203bafe4de41a23c9ef