lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 15 Jan 2013 16:34:53 -0500
From:	Vivek Goyal <vgoyal@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	ebiederm@...ssion.com, zohar@...ux.vnet.ibm.com, pjones@...hat.com,
	hpa@...or.com, dhowells@...hat.com, jwboyer@...hat.com,
	vgoyal@...hat.com
Subject: [PATCH 1/3] module: export couple of functions for use in process signature verification

This probably is not the right thing to do. May be module keyring and
functions to retrieve key and mpi array should be moved into separate file
so that it could be shared.

But for the time being as quick RFC, just export couple of functions
from module_signing.c

Signed-off-by: Vivek Goyal <vgoyal@...hat.com>
---
 include/linux/module.h  |    8 ++++++++
 kernel/module_signing.c |    4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/include/linux/module.h b/include/linux/module.h
index 7760c6d..fd121f9 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -17,6 +17,7 @@
 #include <linux/moduleparam.h>
 #include <linux/tracepoint.h>
 #include <linux/export.h>
+#include <crypto/public_key.h>
 
 #include <linux/percpu.h>
 #include <asm/module.h>
@@ -450,6 +451,13 @@ extern void __module_put_and_exit(struct module *mod, long code)
 	__attribute__((noreturn));
 #define module_put_and_exit(code) __module_put_and_exit(THIS_MODULE, code);
 
+#ifdef CONFIG_MODULE_SIG
+extern struct key *request_asymmetric_key(const char *signer, size_t signer_len,
+				const u8 *key_id, size_t key_id_len);
+extern int mod_extract_mpi_array(struct public_key_signature *pks,
+				const void *data, size_t len);
+#endif
+
 #ifdef CONFIG_MODULE_UNLOAD
 unsigned long module_refcount(struct module *mod);
 void __symbol_put(const char *symbol);
diff --git a/kernel/module_signing.c b/kernel/module_signing.c
index f2970bd..4362a35 100644
--- a/kernel/module_signing.c
+++ b/kernel/module_signing.c
@@ -104,7 +104,7 @@ error_no_pks:
  *
  * RSA signatures only have one MPI, so currently we only read one.
  */
-static int mod_extract_mpi_array(struct public_key_signature *pks,
+int mod_extract_mpi_array(struct public_key_signature *pks,
 				 const void *data, size_t len)
 {
 	size_t nbytes;
@@ -129,7 +129,7 @@ static int mod_extract_mpi_array(struct public_key_signature *pks,
 /*
  * Request an asymmetric key.
  */
-static struct key *request_asymmetric_key(const char *signer, size_t signer_len,
+struct key *request_asymmetric_key(const char *signer, size_t signer_len,
 					  const u8 *key_id, size_t key_id_len)
 {
 	key_ref_t key;
-- 
1.7.7.6

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ