1. 25 1月, 2016 4 次提交
    • S
      crypto: drbg - remove FIPS 140-2 continuous test · b3614763
      Stephan Mueller 提交于
      The newly released FIPS 140-2 IG 9.8 specifies that for SP800-90A
      compliant DRBGs, the FIPS 140-2 continuous random number generator test
      is not required any more.
      
      This patch removes the test and all associated data structures.
      Signed-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      b3614763
    • H
      crypto: skcipher - Add default key size helper · 973fb3fb
      Herbert Xu 提交于
      While converting ecryptfs over to skcipher I found that it needs
      to pick a default key size if one isn't given.  Rather than having
      it poke into the guts of the algorithm to get max_keysize, let's
      provide a helper that is meant to give a sane default (just in
      case we ever get an algorithm that has no maximum key size).
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      973fb3fb
    • S
      crypto: ansi_cprng - ANSI X9.31 DRNG is not allowed in FIPS 140-2 · eac6d408
      Stephan Mueller 提交于
      As per update of the FIPS 140-2 Annex C supported by SP800-131A, the
      ANSI X9.31 DRNG is not an allowed cipher in FIPS mode any more.
      
      CC: Neil Horman <nhorman@tuxdriver.com>
      Signed-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      eac6d408
    • P
      PKCS#7: Don't require SpcSpOpusInfo in Authenticode pkcs7 signatures · 7ee7014d
      Peter Jones 提交于
      Dave Young reported:
      > Hi,
      >
      > I saw the warning "Missing required AuthAttr" when testing kexec,
      > known issue?  Idea about how to fix it?
      >
      > The kernel is latest linus tree plus sevral patches from Toshi to
      > cleanup io resource structure.
      >
      > in function pkcs7_sig_note_set_of_authattrs():
      >         if (!test_bit(sinfo_has_content_type, &sinfo->aa_set) ||
      >             !test_bit(sinfo_has_message_digest, &sinfo->aa_set) ||
      >             (ctx->msg->data_type == OID_msIndirectData &&
      >              !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))) {
      >                 pr_warn("Missing required AuthAttr\n");
      >                 return -EBADMSG;
      >         }
      >
      > The third condition below is true:
      > (ctx->msg->data_type == OID_msIndirectData &&
      >              !test_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))
      >
      > I signed the kernel with redhat test key like below:
      > pesign -c 'Red Hat Test Certificate' -i arch/x86/boot/bzImage -o /boot/vmlinuz-4.4.0-rc8+ -s --force
      
      And right he is!  The Authenticode specification is a paragon amongst
      technical documents, and has this pearl of wisdom to offer:
      
      ---------------------------------
      Authenticode-Specific SignerInfo UnauthenticatedAttributes Structures
      
        The following Authenticode-specific data structures are present in
        SignerInfo authenticated attributes.
      
        SpcSpOpusInfo
        SpcSpOpusInfo is identified by SPC_SP_OPUS_INFO_OBJID
        (1.3.6.1.4.1.311.2.1.12) and is defined as follows:
        SpcSpOpusInfo ::= SEQUENCE {
          programName  [0] EXPLICIT SpcString OPTIONAL,
          moreInfo     [1] EXPLICIT SpcLink OPTIONAL,
        } --#public--
      
        SpcSpOpusInfo has two fields:
          programName
            This field contains the program description:
            If publisher chooses not to specify a description, the SpcString
            structure contains a zero-length program name.
            If the publisher chooses to specify a
            description, the SpcString structure contains a Unicode string.
          moreInfo
            This field is set to an SPCLink structure that contains a URL for
            a Web site with more information about the signer. The URL is an
            ASCII string.
      ---------------------------------
      
      Which is to say that this is an optional *unauthenticated* field which
      may be present in the Authenticated Attribute list.  This is not how
      pkcs7 is supposed to work, so when David implemented this, he didn't
      appreciate the subtlety the original spec author was working with, and
      missed the part of the sublime prose that says this Authenticated
      Attribute is an Unauthenticated Attribute.  As a result, the code in
      question simply takes as given that the Authenticated Attributes should
      be authenticated.
      
      But this one should not, individually.  Because it says it's not
      authenticated.
      
      It still has to hash right so the TBS digest is correct.  So it is both
      authenticated and unauthenticated, all at once.  Truly, a wonder of
      technical accomplishment.
      
      Additionally, pesign's implementation has always attempted to be
      compatible with the signatures emitted from contemporary versions of
      Microsoft's signtool.exe.  During the initial implementation, Microsoft
      signatures always produced the same values for SpcSpOpusInfo -
      {U"Microsoft Windows", "http://www.microsoft.com"} - without regard to
      who the signer was.
      
      Sometime between Windows 8 and Windows 8.1 they stopped including the
      field in their signatures altogether, and as such pesign stopped
      producing them in commits c0c4da6 and d79cb0c, sometime around June of
      2012.  The theory here is that anything that breaks with
      pesign signatures would also be breaking with signtool.exe sigs as well,
      and that'll be a more noticed problem for firmwares parsing it, so it'll
      get fixed.  The fact that we've done exactly this bug in Linux code is
      first class, grade A irony.
      
      So anyway, we should not be checking this field for presence or any
      particular value: if the field exists, it should be at the right place,
      but aside from that, as long as the hash matches the field is good.
      Signed-off-by: NPeter Jones <pjones@redhat.com>
      Tested-by: NDave Young <dyoung@redhat.com>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      7ee7014d
  2. 20 1月, 2016 1 次提交
  3. 19 1月, 2016 2 次提交
  4. 18 1月, 2016 15 次提交
  5. 07 1月, 2016 1 次提交
  6. 22 12月, 2015 3 次提交
  7. 20 12月, 2015 1 次提交
  8. 15 12月, 2015 1 次提交
    • P
      IMA: create machine owner and blacklist keyrings · 41c89b64
      Petko Manolov 提交于
      This option creates IMA MOK and blacklist keyrings.  IMA MOK is an
      intermediate keyring that sits between .system and .ima keyrings,
      effectively forming a simple CA hierarchy.  To successfully import a key
      into .ima_mok it must be signed by a key which CA is in .system keyring.
      On turn any key that needs to go in .ima keyring must be signed by CA in
      either .system or .ima_mok keyrings. IMA MOK is empty at kernel boot.
      
      IMA blacklist keyring contains all revoked IMA keys.  It is consulted
      before any other keyring.  If the search is successful the requested
      operation is rejected and error is returned to the caller.
      Signed-off-by: NPetko Manolov <petkan@mip-labs.com>
      Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
      41c89b64
  9. 11 12月, 2015 1 次提交
  10. 10 12月, 2015 1 次提交
  11. 09 12月, 2015 4 次提交
  12. 04 12月, 2015 1 次提交
  13. 02 12月, 2015 1 次提交
    • E
      net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA · 9cd3e072
      Eric Dumazet 提交于
      This patch is a cleanup to make following patch easier to
      review.
      
      Goal is to move SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA
      from (struct socket)->flags to a (struct socket_wq)->flags
      to benefit from RCU protection in sock_wake_async()
      
      To ease backports, we rename both constants.
      
      Two new helpers, sk_set_bit(int nr, struct sock *sk)
      and sk_clear_bit(int net, struct sock *sk) are added so that
      following patch can change their implementation.
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9cd3e072
  14. 01 12月, 2015 1 次提交
  15. 27 11月, 2015 1 次提交
  16. 23 11月, 2015 2 次提交