lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Jul 2019 11:19:57 -0700 From: Jaskaran Khurana <jaskarankhurana@...ux.microsoft.com> To: gmazyland@...il.com, ebiggers@...gle.com Cc: linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, linux-integrity@...r.kernel.org, linux-fsdevel@...r.kernel.org, agk@...hat.com, snitzer@...hat.com, dm-devel@...hat.com, jmorris@...ei.org, scottsh@...rosoft.com, mdsakib@...rosoft.com, mpatocka@...hat.com Subject: [RFC PATCH v6 0/1] Add dm verity root hash pkcs7 sig validation. Changes in v6: Address comments from Milan Broz and Eric Biggers on v5. -Keep the verification code under config DM_VERITY_VERIFY_ROOTHASH_SIG. -Change the command line parameter to requires_signatures(bool) which will force root hash to be signed and trusted if specified. -Fix the signature not being present in verity_status. Merged the https://git.kernel.org/pub/scm/linux/kernel/git/mbroz/linux.git/commit/?h=dm-cryptsetup&id=a26c10806f5257e255b6a436713127e762935ad3 made by Milan Broz and tested it. Jaskaran Khurana (1): Add dm verity root hash pkcs7 sig validation. Documentation/device-mapper/verity.txt | 7 ++ drivers/md/Kconfig | 12 +++ drivers/md/Makefile | 5 + drivers/md/dm-verity-target.c | 43 +++++++- drivers/md/dm-verity-verify-sig.c | 133 +++++++++++++++++++++++++ drivers/md/dm-verity-verify-sig.h | 60 +++++++++++ drivers/md/dm-verity.h | 2 + 7 files changed, 257 insertions(+), 5 deletions(-) create mode 100644 drivers/md/dm-verity-verify-sig.c create mode 100644 drivers/md/dm-verity-verify-sig.h -- 2.17.1
Powered by blists - more mailing lists