Re: [PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling

we...@redhat.com> wrote: > > Mehmet Kayaalp <mkaya...@linux.vnet.ibm.com> wrote: > >> Place a system_extra_cert buffer of configurable size, right after the >> system_certificate_list, so that inserted keys can be readily processed by >> the existi

[PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling

is also adjusted accordingly. Call the script as: scripts/insert-sys-cert -b -c If vmlinux has no symbol table, supply System.map file with -s flag. Subsequent runs replace the previously inserted key, instead of appending the new one. Signed-off-by: Mehmet Kayaalp <mk

[PATCH 2/2] KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert

When a certificate is inserted to the image using scripts/writekey, the value of __cert_list_end does not change. The updated size can be found out by reading the value pointed by the system_certificate_list_size symbol. Signed-off-by: Mehmet Kayaalp <mkaya...@linux.vnet.ibm.com> --- s