On Wed, 2018-06-13 at 14:33 +0800, Herbert Xu wrote:
> On Fri, Jun 08, 2018 at 02:57:42PM -0700, Matthew Garrett wrote:
> > When EVM attempts to appraise a file signed with a crypto algorithm the
> > kernel doesn't have support for, it will cause the kernel to trigger a
> > module load. If the EVM
On Mon, 2018-04-09 at 15:10 +0100, Martin Townsend wrote:
> Hi Mimi,
>
> On Mon, Apr 9, 2018 at 1:46 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote:
> > On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote:
> >> Hi,
> >>
> >> I'm trying
On Mon, 2018-04-09 at 09:41 +0100, Martin Townsend wrote:
> Hi,
>
> I'm trying to get to the bottom of an issue I'm seeing when enabling
> the CAAM in the kernel with IMA/EVM enabled. I'm using the official
> NXP (imx_4.9.11_1.0.0_ga) vendor Kernel.
>
> Here's the error message I'm getting.
>
signature or is_signed() would be preferable.
Mimi
>
> Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
> ---
> security/integrity/ima/ima.h | 5 +
> security/integrity/ima/ima_
On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote:
> This patch actually implements the appraise_type=imasig|modsig option,
> allowing IMA to read and verify modsig signatures.
>
> In case both are present in the same file, IMA will first check whether the
> key used by the xattr
sage should be independent of other
changes.
Mimi
>
> Suggested-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
> ---
> Documentation/security/IMA-templates.rst | 5
> security/integrity/ima/ima_template
gt;digest is always initialized to zero.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
> Cc: David Howells <dhowe...@redhat.com>
> Cc: Herbert Xu <herb...@gondor.apana.org.au>
> Cc: "David S. Miller" <da...@davemloft.net&
to
be refactored. In this case, verify_pkcs7_signature() verifies the
signature using keys on the builtin and secondary keyrings. IMA-
appraisal needs to verify the signature using keys on its keyring.
The patch itself looks good!
Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
> Sig
complains that
> CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
> ---
> security/integrity/Kconfig | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
&
n the xattr sig is factored out from
> asymmetric_verify() so that it can be used by the new function.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
> ---
> s
On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote:
> IMA will need to obtain the keyring used to verify file signatures so that
> it can verify the module-style signature appended to files.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
S
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
Below are a few additional comments.
> @@ -200,18 +239,28 @@ int ima_read_xattr(struct dentry *dentry,
> */
> int ima_appraise_measurement(enum ima_hooks func,
>struct integrity_iint_cache *iint,
> -
On Thu, 2017-10-26 at 20:47 -0200, Thiago Jung Bauermann wrote:
> Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
>
> > On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> >> IMA will use the module_signature format for append signatures, so export
&g
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> Hello,
>
> The main highlight in this version is that it fixes a bug where the modsig
> wasn't being included in the measurement list if the appraised file was
> already measured by another rule. The fix is in the last patch.
>
>
rify an already parsed PKCS#7 message. For this
> purpose, add function verify_pkcs7_message_signature which takes a struct
> pkcs7_message for verification instead of the raw bytes that
> verify_pkcs7_signature takes.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.
DULE_SIG_FORMAT option so that IMA can select it
> and be able to use validate_module_signature without having to depend on
> CONFIG_MODULE_SIG.
>
> Signed-off-by: Thiago Jung Bauermann <bauer...@linux.vnet.ibm.com>
Reviewed-by: Mimi Zohar <zo...@linux.vnet.ibm.com>
One m
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> diff --git a/security/integrity/ima/ima_main.c
> b/security/integrity/ima/ima_main.c
> index 6a2d960fbd92..0d3390de7432 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -246,7 +246,35
On Fri, 2017-08-04 at 19:03 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise
On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote:
> On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> > Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
> > >> @@ -229,8 +251,24 @@ int ima_appraise_measurement(enum ima_hooks func,
>
On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
>
> > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> >> --- a/security/integrity/ima/ima_appraise.c
> >> +++ b/security/integrit
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise
Hi Thiago,
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> Even though struct evm_ima_xattr_data includes a fixed-size array to hold a
> SHA1 digest, most of the code ignores the array and uses the struct to mean
> "type indicator followed by data of unspecified size" and tracks
On Tue, 2017-07-04 at 23:22 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
>
> > On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> >> Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
> >> > On Wed, 201
On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> Hello Mimi,
>
> Thanks for your review, and for queuing the other patches in this series.
>
> Mimi Zohar <zo...@linux.vnet.ibm.com> writes:
> > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauer
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> These changes are too small to warrant their own patches:
>
> The keyid and sig_size members of struct signature_v2_hdr are in BE format,
> so use a type that makes this assumption explicit. Also, use beXX_to_cpu
> instead of
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> If the file doesn't have an xattr, ima_appraise_measurement sets cause to
> "missing-hash" while if there's an xattr but it's a digest instead of a
> signature it sets cause to "IMA-signature-required".
>
> Fix it by setting cause
e_id_str we can
> use one hooks list for both the enum and the string array, making sure they
> are always in sync (suggested by Mimi Zohar).
>
> Finally, by using the printf pattern for the function token directly
> instead of using the pt macro we can simplify policy_func_show ev
Hi Thiago,
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise
On Sat, 2017-05-06 at 15:59 +0300, Gilad Ben-Yossef wrote:
> ima starts several async. crypto ops and waits for their completions.
> Move it over to generic code doing the same.
>
> Signed-off-by: Gilad Ben-Yossef <gi...@benyossef.com>
Acked-by: Mimi Zohar <zo.
Hi Thiago,
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the appended_imasig keyword to the IMA policy syntax
> to specify that a given hook should expect the file to have the IMA
> signature appended to it. Here is how it can be used in a rule:
>
>
On Thu, 2017-04-20 at 17:40 -0300, Thiago Jung Bauermann wrote:
> Am Donnerstag, 20. April 2017, 08:13:23 BRT schrieb Mimi Zohar:
> > On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> > > If the func_tokens array uses the same indices as enum ima_hooks,
> >
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> IMA will use the module_signature format for append signatures, so export
> the relevant definitions and factor out the code which verifies that the
> appended signature trailer is valid.
>
> Also, create a CONFIG_MODULE_SIG_FORMAT
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> If the func_tokens array uses the same indices as enum ima_hooks,
> policy_func_show can be a lot simpler, and the func_* enum becomes
> unnecessary.
My main concern with separating the enumeration from the string
definition is
On Tue, 2016-09-20 at 20:35 +0800, Herbert Xu wrote:
> On Tue, Sep 20, 2016 at 08:11:51AM -0400, Mimi Zohar wrote:
> > Hi Herbert,
> >
> > The initial random iv value, initialized in encrypted_init(), should
> > not be modified. Commit c3917fd "KEY
Hi Herbert,
The initial random iv value, initialized in encrypted_init(), should
not be modified. Commit c3917fd "KEYS: Use skcipher", which replaced
the blkcipher with skcipher, modifies the iv in
crypto_skcipher_encrypt()/decrypt().
The following example creates an encrypted key, writes the
Hi Herbert,
On Mon, 2016-02-08 at 13:58 +, David Howells wrote:
> Herbert Xu wrote:
>
> > > Hmmm... That means that the crypto branch and the security branch are
> > > going
> > > to conflict.
> >
> > I thought you were OK with it going in now as you said
On Wed, 2016-01-27 at 11:04 +0100, Steffen Trumtrar wrote:
> Hi!
>
> Mimi Zohar writes:
>
> > On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> >> Hi!
> >>
> >> The RFC Patch attached after this cover letter is mostly for illustration
On Sat, 2015-12-12 at 18:26 -0800, Tadeusz Struk wrote:
> Convert asymmetric_verify to akcipher api.
>
> Signed-off-by: Tadeusz Struk
> ---
> security/integrity/Kconfig |1 +
> security/integrity/digsig_asymmetric.c | 10 +++---
> 2 files changed,
On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> Hi Mimi,
> On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> >> This patch set converts the module verification and digital signature
> >> > code to the new akcipher API.
> >> > RSA implementation has b
On Thu, 2015-12-10 at 14:37 -0500, Mimi Zohar wrote:
> On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> > Hi Mimi,
> > On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> > >> This patch set converts the module verification and digital signature
> > >> >
On Wed, 2015-12-09 at 15:52 -0800, Tadeusz Struk wrote:
> This patch set converts the module verification and digital signature
> code to the new akcipher API.
> RSA implementation has been removed from crypto/asymmetric_keys and the
> new API is used for cryptographic primitives.
> There is no
On Sun, 2015-11-22 at 09:41 -0500, Mimi Zohar wrote:
> On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> >
> > (*) Add Mimi's patches to allow keys/keyrings to be marked undeletable.
> > This
> > is for the purpose of creating blacklists
On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> Hi Marcel, Mimi, Tadeus,
>
> I want to consider adding or doing the following bits to the keyrings
> facility, aiming for the next merge window:
>
> (*) Bring in the patches that I posted to change how the trust model on a
> keyring
On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> Hi!
>
> The RFC Patch attached after this cover letter is mostly for illustration
> purposes, so please don't waste too much time reviewing the code ;-)
>
> For context I'll try to describe the problem that this patch tries to solve.
>
On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> Here's a set of patches that changes how keys are determined to be trusted
> - currently, that's a case of whether a key has KEY_FLAG_TRUSTED set upon
> it. A keyring can then have a flag set (KEY_FLAG_TRUSTED ONLY) that
> indicates that
On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote:
> > On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> >> Here's a set of patches that changes how keys are determined to be trusted
On Wed, 2015-10-21 at 14:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 2:11 PM, Mimi Zohar <zo...@linux.vnet.ibm.com> wrote:
> > On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> >> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar <zo...@linux.vnet.ibm.com>
&
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial for battery powered devices.
This patch introduces hash
On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
On 07/07/14 14:56, Mimi Zohar wrote:
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
+/**
This is the kernel-doc delimiter.
+ * ima_calc_file_hash - calculae file hash
+ *
Missing kernel-doc argument
On Mon, 2014-07-07 at 19:11 +0300, Dmitry Kasatkin wrote:
On 07/07/14 18:44, Mimi Zohar wrote:
On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
On 07/07/14 14:56, Mimi Zohar wrote:
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
+/**
This is the kernel-doc
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial for battery powered devices.
This patch introduces hash
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
-/*
- * Calculate the MD5/SHA1 file digest
- */
+static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
+{
+ struct crypto_ahash *tfm = ima_ahash_tfm;
+ int rc;
+
+ if ((algo != ima_hash_algo algo
On Wed, 2014-07-02 at 21:20 +0300, Dmitry Kasatkin wrote:
On 2 July 2014 19:40, Mimi Zohar zo...@linux.vnet.ibm.com wrote:
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain
On Wed, 2014-07-02 at 21:21 +0300, Dmitry Kasatkin wrote:
On 2 July 2014 20:44, Mimi Zohar zo...@linux.vnet.ibm.com wrote:
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
-/*
- * Calculate the MD5/SHA1 file digest
- */
+static struct crypto_ahash *ima_alloc_atfm(enum
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
Use of multiple-page collect buffers reduces:
1) the number of block IO requests
2) the number of asynchronous hash update requests
Second is important for HW accelerated hashing, because significant
amount of time is spent for
On Mon, 2014-06-30 at 17:58 +0300, Dmitry Kasatkin wrote:
On 26/06/14 14:54, Mimi Zohar wrote:
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
@@ -156,7 +316,7 @@ out:
return rc;
}
-int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash)
+static int
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
Async hash API allows to use HW acceleration for hash calculation.
It may give significant performance gain or/and reduce power consumption,
which might be very beneficial for battery powered devices.
This patch introduces hash
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
Asynchronous hash API allows initiate hash calculation and perform
other tasks while hash is calculated.
This patch introduces usage of double buffering for simultenous
From: Dmitry Kasatkin dmitry.kasat...@gmail.com
This patch makes use of the newly defined common hash algorithm info,
replacing, for example, PKEY_HASH with HASH_ALGO.
Changelog:
- Lindent fixes - Mimi
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
Signed-off-by: Mimi Zohar zo
-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/ima/Kconfig| 1 +
security/integrity/ima/ima.h | 7 ++---
security/integrity/ima/ima_api.c | 32 +--
security/integrity/ima/ima_appraise.c | 20 --
security/integrity/ima
for userspace signing functions.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
crypto/Kconfig | 3 +++
crypto/Makefile| 1 +
crypto/hash_info.c | 56 ++
include
algorithim, when
displaying the new larger digest sizes.
Change log:
- scripts/Lindent fixes - Mimi
- always true comparison - reported by Fengguang Wu, resolved Dmitry
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity
CRYPTO_HASH_INFO' in 'config IMA' section (Kconfig)
(Roberto Sassu);
- removed trailing whitespaces (Roberto Sassu).
- Lindent fixes
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
---
security/integrity/ima/Kconfig| 25
-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/ima/ima.h| 2 +-
security/integrity/ima/ima_crypto.c | 24 +---
security/integrity/ima/ima_init.c | 10 +-
3 files changed, 31 insertions(+), 5
From: Dmitry Kasatkin dmitry.kasat...@gmail.com
ima_calc_buffer_hash will be used with different hash algorithms.
This patch provides support for arbitrary hash algorithms in
ima_calc_buffer_hash.
Signed-off-by: Dmitry Kasatkin dmitry.kasat...@gmail.com
Signed-off-by: Mimi Zohar zo
From: Dmitry Kasatkin d.kasat...@samsung.com
This patch provides dedicated hash algo allocation and
deallocation function which can be used by different clients.
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/ima
, this patch dynamically
allocates the needed hash storage.
Changelog:
- fix krealloc bug
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/iint.c | 2 ++
security/integrity/ima/ima_api.c | 57
. Also, if the template descriptor used
to generate a measurement entry is not 'ima', the whole length of field
data stored for an entry is provided before the data itself through the
binary_runtime_measurement interface.
Changelog:
- unnecessary to use strncmp() (Mimi Zohar)
- create new variable
case - Mimi
- conform to expectation for 'iint' to be defined as a pointer. - Mimi
- add missing 'file' dependency for recalculating file hash. - Mimi
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/ima/ima.h | 3
of a new measurement entry will be performed
by new specific functions (introduced in next patches) and the current IMA
code will not be aware anymore of how data is stored in the entry payload.
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
.
Change log:
- hash digest definition in ima_store_template() should be TPM_DIGEST_SIZE
Signed-off-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/ima/ima.h| 2 +-
security/integrity/ima/ima_api.c| 2 +-
security/integrity/ima/ima_crypto.c | 4 ++--
security/integrity/ima/ima_fs.c
to resolve Lindent formatting changes. - Mimi
- abbreviated/removed inline comments - Mimi
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity/ima/Makefile | 2 +-
security/integrity/ima/ima.h | 5
the 'security.ima' extended
attribute and calculates the appropriate file data hash based on it.
Changelog:
- fix scripts Lindent and checkpatch msgs - Mimi
Signed-off-by: Dmitry Kasatkin d.kasat...@samsung.com
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
security/integrity
set in the kernel configuration.
Signed-off-by: Roberto Sassu roberto.sa...@polito.it
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
Documentation/kernel-parameters.txt | 5 +
security/integrity/ima/ima_template.c | 31 +++
2 files changed, 36 insertions
Signed-off-by: Mimi Zohar zo...@linux.vnet.ibm.com
---
Documentation/security/00-INDEX | 2 +
Documentation/security/IMA-templates.txt | 87
security/integrity/ima/Makefile | 2 +-
security/integrity/ima/ima.h | 29
security
On Tue, 2013-01-29 at 15:10 -0500, Vivek Goyal wrote:
On Tue, Jan 29, 2013 at 03:01:13PM -0500, Mimi Zohar wrote:
[..]
Hi Mimi,
Can we add another field to ima_rule_entry, say .enforcement to control
the behavior of .action. Possible values of .enforcement could be, say
On Mon, 2013-01-28 at 13:52 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote:
[..]
Ok. I am hoping that it will be more than the kernel command line we
support. In the sense that for digital signatures one needs to parse
the signature, look at
On Mon, 2013-01-28 at 13:56 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote:
[..]
Ok. I am hoping that it will be more than the kernel command line we
support. In the sense that for digital signatures one needs to parse
the signature, look at
On Mon, 2013-01-28 at 15:13 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 02:51:34PM -0500, Mimi Zohar wrote:
On Mon, 2013-01-28 at 13:52 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote:
[..]
Ok. I am hoping that it will be more than
On Mon, 2013-01-28 at 15:22 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 03:15:49PM -0500, Mimi Zohar wrote:
On Mon, 2013-01-28 at 13:56 -0500, Vivek Goyal wrote:
On Mon, Jan 28, 2013 at 05:20:20PM +0200, Kasatkin, Dmitry wrote:
[..]
Ok. I am hoping that it will be more than
On Tue, 2013-01-15 at 12:34 +0200, Dmitry Kasatkin wrote:
Asymmetric keys were introduced in linux-3.7 to verify the signature on
signed kernel modules. The asymmetric keys infrastructure abstracts the
signature verification from the crypto details. This patch adds IMA/EVM
signature
On Thu, 2013-01-17 at 18:03 +, David Howells wrote:
I would also like to have a look at altering your trusted key type[*] to be a
subtype of asymmetric keys so that the asymmetric key type can cover keys from
more sources:
- Compiled-in keys.
- Keys from UEFI db.
-
On Thu, 2013-01-17 at 18:03 +, David Howells wrote:
Load all the files matching the pattern *.x509 that are to be found in
kernel
base source dir and base build dir into the module signing keyring.
Do we really want certificates cluttering up the base source tree? Any
reason not to define
On Wed, 2012-09-26 at 13:16 +0930, Rusty Russell wrote:
David Howells dhowe...@redhat.com writes:
The module signing patches provide:
- Some fixes to Rusty's patch. Also an additional patch to extend the
policy
handling for modules signed with an unknown key and to handle FIPS
type to its own directory.
Acked-by: Mimi Zohar zo...@us.ibm.com
thanks,
Mimi
---
Documentation/security/keys-crypto.txt | 181 +
include/keys/crypto-subtype.h | 56
include/keys/crypto-type.h | 25 +++
security/keys/Kconfig
On Fri, 2011-12-02 at 18:42 +, David Howells wrote:
Here are a set of patches that create a framework for using cryptographic keys
within the kernel. The patches can also be found at:
that the keyrings are only used for the digital
signatures.
Acked-by: Mimi Zohar zo...@us.ibm.com
---
security/integrity/Kconfig | 14 +++
security/integrity/Makefile|1 +
security/integrity/digsig.c| 48
security/integrity
On Tue, 2011-09-13 at 17:20 +0300, Dmitry Kasatkin wrote:
Hello,
Changes to version 2.0:
- MPI patch has been split to smaller in order to go to mailing lists.
First 2 patches include only source and header files which are needed
to build ksign verification. Headers and sources are
On Fri, 2010-12-03 at 13:42 +, David Howells wrote:
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+#define KEY_TRUSTED_PREFIX trusted:
+#define KEY_TRUSTED_PREFIX_LEN (sizeof (KEY_TRUSTED_PREFIX) - 1)
+#define KEY_USER_PREFIX user:
+#define KEY_USER_PREFIX_LEN (sizeof (KEY_USER_PREFIX
and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Signed-off-by: David Safford saff...@watson.ibm.com
Reviewed-by: Roberto Sassu roberto.sa...@polito.it
---
include/keys/encrypted-type.h | 29 ++
security/Kconfig
Hi!
Am having problems finding any shash API documentation. Could someone
tell me if 'out' needs to be zeroed before calling crypto_shash_digest?
int crypto_shash_digest(struct shash_desc *desc, const u8 *data,
unsigned int len, u8 *out)
thanks,
Mimi
--
To unsubscribe
against boot and offline attacks. Other uses
for trusted and encrypted keys, such as for disk and file encryption are
anticipated.
Mimi Zohar
David Safford
Mimi Zohar (5):
lib: hex2bin converts ascii hexadecimal string to binary
tpm: add module_put wrapper
key: add tpm_send command
keys: add
For readability, define a tpm_chip_put() wrapper to call module_put().
Replace existing module_put() calls with the wrapper.
(Change based on trusted/encrypted patchset review by David Howells.)
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Signed-off-by: David Safford saff...@watson.ibm.com
Acked
by Roberto Sassu)
- Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion)
- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)
Signed-off-by: David Safford saff...@watson.ibm.com
Signed-off-by: Mimi Zohar zo...@us.ibm.com
---
Documentation/keys-trusted-encrypted.txt
Howell's comment)
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Acked-by: Serge E. Hallyn se...@hallyn.com
Acked-by: David Howells dhowe...@redhat.com
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git
...@watson.ibm.com
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Acked-by: David Howells dhowe...@redhat.com
---
drivers/char/tpm/tpm.c | 16
include/linux/tpm.h|4
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c
index
On Fri, 2010-11-19 at 16:43 +, David Howells wrote:
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+static int datablob_format(char __user *buffer,
+ struct encrypted_key_payload *epayload,
+ int asciiblob_len)
size_t? There are other
On Tue, 2010-11-16 at 14:08 +, David Howells wrote:
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Am assuming you mean something like this:
keyctl add encrypted name new trusted:master-key-name keylen ring
keyctl add encrypted name new user:master-key-name keylen ring
, protects against boot and offline attacks. Other uses
for trusted and encrypted keys, such as for disk and file encryption are
anticipated.
Mimi Zohar
David Safford
Mimi Zohar (5):
lib: hex2bin converts ascii hexadecimal string to binary
tpm: add module_put wrapper
key: add tpm_send
Howell's comment)
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Acked-by: Serge E. Hallyn se...@hallyn.com
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include/linux/kernel.h b/include/linux
1 - 100 of 132 matches
Mail list logo