+ if (boot_task->verify_signature) {
+ /* Generate names of associated signature files and load */
+ if (image) {
+ image_sig = gpg_get_signature_url(ctx, image);
+ rc |= start_url_load(boot_task,
+ "kernel image signature", image_sig,
+ &boot_task->image_signature);
+ }
+ if (initrd) {
+ initrd_sig = gpg_get_signature_url(ctx, initrd);
+ rc |= start_url_load(boot_task, "initrd signature",
+ initrd_sig, &boot_task->initrd_signature);
+ }
+ if (dtb) {
+ dtb_sig = gpg_get_signature_url(ctx, dtb);
+ rc |= start_url_load(boot_task, "dtb signature",
+ dtb_sig, &boot_task->dtb_signature);
+ }
+
+ rc |= start_url_load(boot_task,
+ "kernel command line signature", cmdline_sig,
+ &boot_task->cmdline_signature);
+ }
+
+ /* If all URLs are local, we may be done. */