Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a25a2b84 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  integrity: digital signature config option name change
  lib: Removed MPILIB, MPILIB_EXTRA, and SIGNATURE prompts
  lib: MPILIB Kconfig description update
  lib: digital signature dependency fix
  lib: digital signature config option name change
  encrypted-keys: fix rcu and sparse messages
  keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages
  KEYS: Add missing smp_rmb() primitives to the keyring search code
  TOMOYO: Accept \000 as a valid character.
  security: update MAINTAINERS file with new git repo
parents f429ee3b f1be242c

MAINTAINERS

+1 −1
Original line number Diff line number Diff line
@@ -5846,7 +5846,7 @@ F: drivers/mmc/host/sdhci-spear.c 
SECURITY SUBSYSTEM

M:	James Morris <jmorris@namei.org>

L:	linux-security-module@vger.kernel.org (suggested Cc:)

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6.git

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git

W:	http://security.wiki.kernel.org/

S:	Supported

F:	security/

include/linux/digsig.h

+2 −2
Original line number Diff line number Diff line
@@ -46,7 +46,7 @@ struct signature_hdr { 
	char		mpi[0];

} __packed;



#if defined(CONFIG_DIGSIG) || defined(CONFIG_DIGSIG_MODULE)

#if defined(CONFIG_SIGNATURE) || defined(CONFIG_SIGNATURE_MODULE)



int digsig_verify(struct key *keyring, const char *sig, int siglen,

					const char *digest, int digestlen);
@@ -59,6 +59,6 @@ static inline int digsig_verify(struct key *keyring, const char *sig, 
	return -EOPNOTSUPP;

}



#endif /* CONFIG_DIGSIG */

#endif /* CONFIG_SIGNATURE */



#endif /* _DIGSIG_H */

include/linux/key.h

+3 −0
Original line number Diff line number Diff line
@@ -293,6 +293,9 @@ static inline bool key_is_instantiated(const struct key *key) 
	(rcu_dereference_protected((KEY)->payload.rcudata,		\

				   rwsem_is_locked(&((struct key *)(KEY))->sem)))



#define rcu_assign_keypointer(KEY, PAYLOAD)				\

	(rcu_assign_pointer((KEY)->payload.rcudata, PAYLOAD))



#ifdef CONFIG_SYSCTL

extern ctl_table key_sysctls[];

#endif

lib/Kconfig

+9 −10
Original line number Diff line number Diff line
@@ -286,25 +286,24 @@ config CORDIC 
	  calculations are in fixed point. Module will be called cordic.



config MPILIB

	tristate "Multiprecision maths library"

	tristate

	help

	  Multiprecision maths library from GnuPG.

	  It is used to implement RSA digital signature verification,

	  which is used by IMA/EVM digital signature extension.



config MPILIB_EXTRA

	bool "Multiprecision maths library - additional sources"

	bool

	depends on MPILIB

	help

	  Multiprecision maths library from GnuPG.

	  It is used to implement RSA digital signature verification,

	  which is used by IMA/EVM digital signature extension.

	  This code in unnecessary for RSA digital signature verification,

	  and can be compiled if needed.

	  Additional sources of multiprecision maths library from GnuPG.

	  This code is unnecessary for RSA digital signature verification,

	  but can be compiled if needed.



config DIGSIG

	tristate "In-kernel signature checker"

	depends on KEYS

config SIGNATURE

	tristate

	depends on KEYS && CRYPTO

	select CRYPTO_SHA1

	select MPILIB

	help

	  Digital signature verification. Currently only RSA is supported.

lib/Makefile

+1 −1
Original line number Diff line number Diff line
@@ -119,7 +119,7 @@ obj-$(CONFIG_CORDIC) += cordic.o 
obj-$(CONFIG_DQL) += dynamic_queue_limits.o



obj-$(CONFIG_MPILIB) += mpi/

obj-$(CONFIG_DIGSIG) += digsig.o

obj-$(CONFIG_SIGNATURE) += digsig.o



hostprogs-y	:= gen_crc32table

clean-files	:= crc32table.h