path: root/certs/blacklist.c
diff options
authorDavid Howells <>2022-05-18 23:48:09 +0100
committerDavid Howells <>2022-06-21 16:05:06 +0100
commit60050ffe3d770dd1df5b641aa48f49d07a54bd84 (patch)
tree649187b0c81d53ea6420147e041cd614521ac9c9 /certs/blacklist.c
parentb13baccc3850ca8b8cccbf8ed9912dbaa0fdf7f3 (diff)
certs: Move load_certificate_list() to be with the asymmetric keys code
Move load_certificate_list(), which loads a series of binary X.509 certificates from a blob and inserts them as keys into a keyring, to be with the asymmetric keys code that it drives. This makes it easier to add FIPS selftest code in which we need to load up a private keyring for the tests to use. Signed-off-by: David Howells <> Reviewed-by: Simo Sorce <> Reviewed-by: Herbert Xu <> cc: cc: Link:
Diffstat (limited to 'certs/blacklist.c')
1 files changed, 4 insertions, 4 deletions
diff --git a/certs/blacklist.c b/certs/blacklist.c
index 25094ea73600..41f10601cc72 100644
--- a/certs/blacklist.c
+++ b/certs/blacklist.c
@@ -15,10 +15,9 @@
#include <linux/err.h>
#include <linux/seq_file.h>
#include <linux/uidgid.h>
-#include <linux/verification.h>
+#include <keys/asymmetric-type.h>
#include <keys/system_keyring.h>
#include "blacklist.h"
-#include "common.h"
* According to crypto/asymmetric_keys/x509_cert_parser.c:x509_note_pkey_algo(),
@@ -365,8 +364,9 @@ static __init int load_revocation_certificate_list(void)
if (revocation_certificate_list_size)
pr_notice("Loading compiled-in revocation X.509 certificates\n");
- return load_certificate_list(revocation_certificate_list, revocation_certificate_list_size,
- blacklist_keyring);
+ return x509_load_certificate_list(revocation_certificate_list,
+ revocation_certificate_list_size,
+ blacklist_keyring);