| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1320237682-3857-1-git-send-email-roberto.sassu@polito.it>
Date: Wed, 2 Nov 2011 13:41:18 +0100
From: Roberto Sassu <roberto.sassu@...ito.it>
To: keyrings@...ux-nfs.org
Cc: linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, safford@...son.ibm.com,
zohar@...ibm.com, dhowells@...hat.com, jmorris@...ei.org,
Roberto Sassu <roberto.sassu@...ito.it>
Subject: [PATCH 1/2] trusted-key: allow overwriting the migratable flag
The migratable should be modifiable during the key update() method. This
allows for example to update a migratable trusted key, wrapped by a TPM
key, to a a non-migratable one sealed under the SRK with a PCR set.
Signed-off-by: Roberto Sassu <roberto.sassu@...ito.it>
---
security/keys/trusted.c | 1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0c33e2e..8777015 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -1036,7 +1036,6 @@ static int trusted_update(struct key *key, const void *data, size_t datalen)
goto out;
}
/* copy old key values, and reseal with new pcrs */
- new_p->migratable = p->migratable;
new_p->key_len = p->key_len;
memcpy(new_p->key, p->key, p->key_len);
dump_payload(p);
--
1.7.6.4
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (2061 bytes)
Powered by blists - more mailing lists