LoadPin: Fix Kconfig doc about format of file with verity digests
The doc for CONFIG_SECURITY_LOADPIN_VERITY says that the file with verity
digests must contain a comma separated list of digests. That was the case
at some stage of the development, but was changed during the review
process to one digest per line. Update the Kconfig doc accordingly.
Reported-by: Jae Hoon Kim <kimjae@chromium.org>
Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Fixes: 3f805f8cc2
("LoadPin: Enable loading from trusted dm-verity devices")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220829174557.1.I5d202d1344212a3800d9828f936df6511eb2d0d1@changeid
This commit is contained in:
parent
ba38961a06
commit
aafc203bba
|
@ -33,4 +33,4 @@ config SECURITY_LOADPIN_VERITY
|
||||||
on the LoadPin securityfs entry 'dm-verity'. The ioctl
|
on the LoadPin securityfs entry 'dm-verity'. The ioctl
|
||||||
expects a file descriptor of a file with verity digests as
|
expects a file descriptor of a file with verity digests as
|
||||||
parameter. The file must be located on the pinned root and
|
parameter. The file must be located on the pinned root and
|
||||||
contain a comma separated list of digests.
|
contain one digest per line.
|
||||||
|
|
Loading…
Reference in New Issue