[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1547061671.19931.239.camel@linux.ibm.com>
Date: Wed, 09 Jan 2019 14:21:11 -0500
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Kairui Song <kasong@...hat.com>, linux-kernel@...r.kernel.org
Cc: dhowells@...hat.com, dwmw2@...radead.org,
jwboyer@...oraproject.org, keyrings@...r.kernel.org,
jmorris@...ei.org, serge@...lyn.com, bauerman@...ux.ibm.com,
ebiggers@...gle.com, nayna@...ux.ibm.com, dyoung@...hat.com,
linux-integrity@...r.kernel.org, kexec@...ts.infradead.org
Subject: Re: [RFC PATCH 1/2] integrity, KEYS: add a reference to platform
keyring
On Thu, 2019-01-10 at 00:48 +0800, Kairui Song wrote:
> Currently kexec_file_load will verify the kernel image being loaded
> against .builtin_trusted_keys or .secondary_trusted_keys, but the
> image could be signed with third part keys which will be provided by
> platform or firmware and the keys won't be available in keyrings mentioned
> above.
>
> After commit ea93102f3224 ('integrity: Define a trusted platform keyring')
> a .platform keyring is introduced to store the keys provided by platform
> or firmware. And with a few following commits, now keys required to verify
> the image is being imported to .platform keyring, but currently, only
> IMA-appraisal could use the keyring and verify the image.
>
> This patch exposes the .platform and makes other components, like
> kexec_file_load, could use this .platform keyring to verify the
> kernel image.
The "platform" keyring was upstreamed in order to verify the kernel
image being loaded by the kexec_file_load syscall. The intentions of
this patch description needs to be clearer.
>
> Suggested-by: Mimi Zohar <zohar@...ux.ibm.com>
> Signed-off-by: Kairui Song <kasong@...hat.com>
> ---
> certs/system_keyring.c | 3 +++
> include/keys/system_keyring.h | 5 +++++
> security/integrity/digsig.c | 4 ++++
> 3 files changed, 12 insertions(+)
>
> diff --git a/certs/system_keyring.c b/certs/system_keyring.c
> index 81728717523d..a61b95390b80 100644
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -24,6 +24,9 @@ static struct key *builtin_trusted_keys;
> #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> static struct key *secondary_trusted_keys;
> #endif
> +#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
> +struct key *platform_trusted_keys;
Please make it static.
Mimi
> +#endif
Powered by blists - more mailing lists