Merge tag 'integrity-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar...

[linux-2.6-microblaze.git] / security / integrity / platform_certs / keyring_handler.c

diff --git a/security/integrity/platform_certs/keyring_handler.c b/security/integrity/platform_certs/keyring_handler.c
index 6cc90ce..8a1124e 100644 (file)
--- a/security/integrity/platform_certs/keyring_handler.c
+++ b/security/integrity/platform_certs/keyring_handler.c
@@ -16,35 +16,13 @@ static efi_guid_t efi_cert_x509_sha256_guid __initdata =
        EFI_CERT_X509_SHA256_GUID;
 static efi_guid_t efi_cert_sha256_guid __initdata = EFI_CERT_SHA256_GUID;
 
-/*
- * Blacklist a hash.
- */
-static __init void uefi_blacklist_hash(const char *source, const void *data,
-                                      size_t len, const char *type,
-                                      size_t type_len)
-{
-       char *hash, *p;
-
-       hash = kmalloc(type_len + len * 2 + 1, GFP_KERNEL);
-       if (!hash)
-               return;
-       p = memcpy(hash, type, type_len);
-       p += type_len;
-       bin2hex(p, data, len);
-       p += len * 2;
-       *p = 0;
-
-       mark_hash_blacklisted(hash);
-       kfree(hash);
-}
-
 /*
  * Blacklist an X509 TBS hash.
  */
 static __init void uefi_blacklist_x509_tbs(const char *source,
                                           const void *data, size_t len)
 {
-       uefi_blacklist_hash(source, data, len, "tbs:", 4);
+       mark_hash_blacklisted(data, len, BLACKLIST_HASH_X509_TBS);
 }
 
 /*
@@ -53,7 +31,7 @@ static __init void uefi_blacklist_x509_tbs(const char *source,
 static __init void uefi_blacklist_binary(const char *source,
                                         const void *data, size_t len)
 {
-       uefi_blacklist_hash(source, data, len, "bin:", 4);
+       mark_hash_blacklisted(data, len, BLACKLIST_HASH_BINARY);
 }
 
 /*