lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <29947.1440420712@warthog.procyon.org.uk>
Date:	Mon, 24 Aug 2015 13:51:52 +0100
From:	David Howells <dhowells@...hat.com>
To:	jmorris@...ei.org
Cc:	dhowells@...hat.com, linux-security-module@...r.kernel.org,
	dwmw2@...radead.org, linux-kernel@...r.kernel.org,
	linux-crypto@...r.kernel.org, keyrings@...r.kernel.org
Subject: [GIT PULL] Move cert handling to certs/ directory

Hi James,

Sorry for the late request, but can you pull this please?  It's a set of
commits that puts a bit of polish on the previous module signing patches.
It moves the certificate handling to its own directory rather than sharing
in the kernel/ directory.  It then moves key generation into the certs/
directory rather than doing it in the root.

This allows us to simplify the kernel/Makefile and slightly simplify the
new certs/Makefile.  It also keeps the various generated files in the same
place to make them easier to find and clean up.

David
---
The following changes since commit 0e38c35815f50e5a347977d76fb5eb4c3bf020b5:

  Merge branch 'smack-for-4.3' of https://github.com/cschaufler/smack-next into next (2015-08-14 17:35:10 +1000)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/modsign-pkcs7-20150814

for you to fetch changes up to 3ee550f12c1529a023f71c9b5becb3351911047b:

  modsign: Handle signing key in source tree (2015-08-14 16:32:52 +0100)

----------------------------------------------------------------
Module signing with PKCS#7

----------------------------------------------------------------
David Howells (1):
      Move certificate handling to its own directory

David Woodhouse (2):
      modsign: Use if_changed rule for extracting cert from module signing key
      modsign: Handle signing key in source tree

 Documentation/module-signing.txt        |  18 ++--
 MAINTAINERS                             |   9 ++
 Makefile                                |   9 +-
 certs/Kconfig                           |  42 ++++++++++
 certs/Makefile                          |  94 +++++++++++++++++++++
 {kernel => certs}/system_certificates.S |   4 +-
 {kernel => certs}/system_keyring.c      |   0
 crypto/Kconfig                          |   1 +
 init/Kconfig                            |  39 ---------
 kernel/Makefile                         | 143 --------------------------------
 scripts/Kbuild.include                  |  51 ++++++++++++
 11 files changed, 212 insertions(+), 198 deletions(-)
 create mode 100644 certs/Kconfig
 create mode 100644 certs/Makefile
 rename {kernel => certs}/system_certificates.S (86%)
 rename {kernel => certs}/system_keyring.c (100%)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ