lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.02.1309271740020.30431@tundra.namei.org>
Date:	Fri, 27 Sep 2013 17:40:13 +1000 (EST)
From:	James Morris <jmorris@...ei.org>
To:	David Howells <dhowells@...hat.com>
cc:	simo@...hat.com, zohar@...ux.vnet.ibm.com, keyrings@...ux-nfs.org,
	linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] Keyrings patches

On Wed, 25 Sep 2013, David Howells wrote:

> 
> Hi James,
> 
> Could you pull these patches into the security tree?  They're based on your
> next branch.
> 

Thanks, pulled.


> The patches can be viewed as a number of sets:
> 
>  (1) KEYS: Skip key state checks when checking for possession
> 
>      This is a fix for determining the possessed status of keys that have been
>      invalidated or revoked or that have expired.  If nothing else, can you
>      please pick this and pass it upstream.
> 
>  (2) KEYS: Expand the capacity of a keyring
>      Add a generic associative array implementation
>      KEYS: Drop the permissions argument from __keyring_search_one()
>      KEYS: Define a __key_get() wrapper to use rather than atomic_inc()
>      KEYS: Search for auth-key by name rather than target key ID
>      KEYS: Introduce a search context structure
>      KEYS: Consolidate the concept of an 'index key' for key access
>      KEYS: key_is_dead() should take a const key pointer argument
>      KEYS: Use bool in make_key_ref() and is_key_possessed()
> 
>      Patches to to expand the capacity of a keyring by using an associative
>      array rather than a flat list and patches to do some preparatory cleanups
>      for those.
> 
>  (3) KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
>      KEYS: Implement a big key type that can save to tmpfs
> 
>      Patches to add better support for libkrb5 to save its tokens in a kernel
>      keyring rather than in files.  It already has this ability to some
>      extent, but that has two problems: your tokens get deleted when you log
>      out (so your cron jobs can't use them) and the capacity of a user type
>      key is not sufficient for some of the huge Kerberos tickets one can get.
>      These patches address that.
> 
>  (4) KEYS: Rename public key parameter name arrays
>      KEYS: Move the algorithm pointer array from x509 to public_key.c
>      KEYS: Store public key algo ID in public_key struct
>      KEYS: Split public_key_verify_signature() and make available
>      KEYS: Store public key algo ID in public_key_signature struct
>      X.509: struct x509_certificate needs struct tm declaring
>      X.509: Embed public_key_signature struct and create filler function
>      X.509: Check the algorithm IDs obtained from parsing an X.509 certificate
>      X.509: Handle certificates that lack an authorityKeyIdentifier field
>      X.509: Remove certificate date checks
> 
>      Patches to improve the asymmetric key type in various ways, including an
>      important bugfix to prevent an unset system clock from preventing modules
>      from being loaded.
> 
>  (5) KEYS: Load *.x509 files into kernel keyring
>      KEYS: Have make canonicalise the paths of the X.509 certs better to deduplicate
>      KEYS: Separate the kernel signature checking keyring from module signing
>      KEYS: Add a 'trusted' flag and a 'trusted only' flag
>      KEYS: Set the asymmetric-key type default search method
>      KEYS: Make the system 'trusted' keyring viewable by userspace
>      KEYS: verify a certificate is signed by a 'trusted' key
>      KEYS: initialize root uid and session keyrings early
> 
>      Patches to provide better support for loading a generic system keyring of
>      crypto keys which may then be used for other things besides module
>      signing (such as kexec).
> 
> There are additional patches from others also.
> 
> David
> ---
> The following changes since commit 5a5f2acfd04269e2e0958067216b68ff461c285c:
> 
>   selinux: add Paul Moore as a SELinux maintainer (2013-09-24 11:50:46 +1000)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git keys-devel
> 
> for you to fetch changes up to eb8948a03704f3dbbfc7e83090e20e93c6c476d2:
> 
>   X.509: remove possible code fragility: enumeration values not handled (2013-09-25 17:17:01 +0100)
> 
> ----------------------------------------------------------------
> (from the branch description for keys-devel local branch)
> 
> clone of "master"
> ----------------------------------------------------------------
> Antonio Alecrim Jr (1):
>       X.509: remove possible code fragility: enumeration values not handled
> 
> David Howells (27):
>       KEYS: Skip key state checks when checking for possession
>       KEYS: Use bool in make_key_ref() and is_key_possessed()
>       KEYS: key_is_dead() should take a const key pointer argument
>       KEYS: Consolidate the concept of an 'index key' for key access
>       KEYS: Introduce a search context structure
>       KEYS: Search for auth-key by name rather than target key ID
>       KEYS: Define a __key_get() wrapper to use rather than atomic_inc()
>       KEYS: Drop the permissions argument from __keyring_search_one()
>       Add a generic associative array implementation.
>       KEYS: Expand the capacity of a keyring
>       KEYS: Implement a big key type that can save to tmpfs
>       KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
>       KEYS: Rename public key parameter name arrays
>       KEYS: Move the algorithm pointer array from x509 to public_key.c
>       KEYS: Store public key algo ID in public_key struct
>       KEYS: Split public_key_verify_signature() and make available
>       KEYS: Store public key algo ID in public_key_signature struct
>       X.509: struct x509_certificate needs struct tm declaring
>       X.509: Embed public_key_signature struct and create filler function
>       X.509: Check the algorithm IDs obtained from parsing an X.509 certificate
>       X.509: Handle certificates that lack an authorityKeyIdentifier field
>       X.509: Remove certificate date checks
>       KEYS: Load *.x509 files into kernel keyring
>       KEYS: Have make canonicalise the paths of the X.509 certs better to deduplicate
>       KEYS: Separate the kernel signature checking keyring from module signing
>       KEYS: Add a 'trusted' flag and a 'trusted only' flag
>       KEYS: Set the asymmetric-key type default search method
> 
> Konstantin Khlebnikov (2):
>       MPILIB: add module description and license
>       X.509: add module description and license
> 
> Mimi Zohar (3):
>       KEYS: Make the system 'trusted' keyring viewable by userspace
>       KEYS: verify a certificate is signed by a 'trusted' key
>       KEYS: initialize root uid and session keyrings early
> 
>  Documentation/assoc_array.txt             |  574 ++++++++++
>  Documentation/security/keys.txt           |   20 +-
>  crypto/asymmetric_keys/Kconfig            |    2 +-
>  crypto/asymmetric_keys/asymmetric_type.c  |    1 +
>  crypto/asymmetric_keys/public_key.c       |   60 +-
>  crypto/asymmetric_keys/public_key.h       |    6 +
>  crypto/asymmetric_keys/x509_cert_parser.c |   35 +-
>  crypto/asymmetric_keys/x509_parser.h      |   18 +-
>  crypto/asymmetric_keys/x509_public_key.c  |  232 ++--
>  include/crypto/public_key.h               |    9 +-
>  include/keys/big_key-type.h               |   25 +
>  include/keys/keyring-type.h               |   17 +-
>  include/keys/system_keyring.h             |   23 +
>  include/linux/assoc_array.h               |   92 ++
>  include/linux/assoc_array_priv.h          |  182 +++
>  include/linux/key-type.h                  |    6 +
>  include/linux/key.h                       |   52 +-
>  include/linux/user_namespace.h            |    6 +
>  include/uapi/linux/keyctl.h               |    1 +
>  init/Kconfig                              |   13 +
>  kernel/Makefile                           |   50 +-
>  kernel/modsign_certificate.S              |   12 -
>  kernel/modsign_pubkey.c                   |  104 --
>  kernel/module-internal.h                  |    2 -
>  kernel/module_signing.c                   |    7 +-
>  kernel/system_certificates.S              |   12 +
>  kernel/system_keyring.c                   |  105 ++
>  kernel/user.c                             |    4 +
>  kernel/user_namespace.c                   |    6 +
>  lib/Kconfig                               |   14 +
>  lib/Makefile                              |    1 +
>  lib/assoc_array.c                         | 1746 +++++++++++++++++++++++++++++
>  lib/mpi/mpiutil.c                         |    3 +
>  scripts/asn1_compiler.c                   |    2 +
>  security/keys/Kconfig                     |   29 +
>  security/keys/Makefile                    |    2 +
>  security/keys/big_key.c                   |  204 ++++
>  security/keys/compat.c                    |    3 +
>  security/keys/gc.c                        |   33 +-
>  security/keys/internal.h                  |   74 +-
>  security/keys/key.c                       |   99 +-
>  security/keys/keyctl.c                    |    3 +
>  security/keys/keyring.c                   | 1485 ++++++++++++------------
>  security/keys/persistent.c                |  169 +++
>  security/keys/proc.c                      |   17 +-
>  security/keys/process_keys.c              |  141 +--
>  security/keys/request_key.c               |   56 +-
>  security/keys/request_key_auth.c          |   31 +-
>  security/keys/sysctl.c                    |   11 +
>  security/keys/user_defined.c              |   18 +-
>  50 files changed, 4593 insertions(+), 1224 deletions(-)
>  create mode 100644 Documentation/assoc_array.txt
>  create mode 100644 include/keys/big_key-type.h
>  create mode 100644 include/keys/system_keyring.h
>  create mode 100644 include/linux/assoc_array.h
>  create mode 100644 include/linux/assoc_array_priv.h
>  delete mode 100644 kernel/modsign_certificate.S
>  delete mode 100644 kernel/modsign_pubkey.c
>  create mode 100644 kernel/system_certificates.S
>  create mode 100644 kernel/system_keyring.c
>  create mode 100644 lib/assoc_array.c
>  create mode 100644 security/keys/big_key.c
>  create mode 100644 security/keys/persistent.c
> 

-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ