Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux

Pull module signing support from Rusty Russell:
 "module signing is the highlight, but it's an all-over David Howells frenzy..."

Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.

* 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
  X.509: Fix indefinite length element skip error handling
  X.509: Convert some printk calls to pr_devel
  asymmetric keys: fix printk format warning
  MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
  MODSIGN: Make mrproper should remove generated files.
  MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
  MODSIGN: Use the same digest for the autogen key sig as for the module sig
  MODSIGN: Sign modules during the build process
  MODSIGN: Provide a script for generating a key ID from an X.509 cert
  MODSIGN: Implement module signature checking
  MODSIGN: Provide module signing public keys to the kernel
  MODSIGN: Automatically generate module signing keys if missing
  MODSIGN: Provide Kconfig options
  MODSIGN: Provide gitignore and make clean rules for extra files
  MODSIGN: Add FIPS policy
  module: signature checking hook
  X.509: Add a crypto key parser for binary (DER) X.509 certificates
  MPILIB: Provide a function to read raw data into an MPI
  X.509: Add an ASN.1 decoder
  X.509: Add simple ASN.1 grammar compiler
  ...

1 files changed, 55 insertions, 0 deletions

diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index f0fa65995800..3962b7f7fe3f 100644
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
@@ -18,10 +18,65 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#include <linux/bitops.h>
+#include <asm-generic/bitops/count_zeros.h>
 #include "mpi-internal.h"
 
 #define MAX_EXTERN_MPI_BITS 16384
 
+/**
+ * mpi_read_raw_data - Read a raw byte stream as a positive integer
+ * @xbuffer: The data to read
+ * @nbytes: The amount of data to read
+ */
+MPI mpi_read_raw_data(const void *xbuffer, size_t nbytes)
+{
+        const uint8_t *buffer = xbuffer;
+        int i, j;
+        unsigned nbits, nlimbs;
+        mpi_limb_t a;
+        MPI val = NULL;
+
+        while (nbytes >= 0 && buffer[0] == 0) {
+                buffer++;
+                nbytes--;
+        }
+
+        nbits = nbytes * 8;
+        if (nbits > MAX_EXTERN_MPI_BITS) {
+                pr_info("MPI: mpi too large (%u bits)\n", nbits);
+                return NULL;
+        }
+        if (nbytes > 0)
+                nbits -= count_leading_zeros(buffer[0]);
+        else
+                nbits = 0;
+
+        nlimbs = (nbytes + BYTES_PER_MPI_LIMB - 1) / BYTES_PER_MPI_LIMB;
+        val = mpi_alloc(nlimbs);
+        if (!val)
+                return NULL;
+        val->nbits = nbits;
+        val->sign = 0;
+        val->nlimbs = nlimbs;
+
+        if (nbytes > 0) {
+                i = BYTES_PER_MPI_LIMB - nbytes % BYTES_PER_MPI_LIMB;
+                i %= BYTES_PER_MPI_LIMB;
+                for (j = nlimbs; j > 0; j--) {
+                        a = 0;
+                        for (; i < BYTES_PER_MPI_LIMB; i++) {
+                                a <<= 8;
+                                a |= *buffer++;
+                        }
+                        i = 0;
+                        val->d[j - 1] = a;
+                }
+        }
+        return val;
+}
+EXPORT_SYMBOL_GPL(mpi_read_raw_data);
+
 MPI mpi_read_from_buffer(const void *xbuffer, unsigned *ret_nread)
 {
         const uint8_t *buffer = xbuffer;