Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates from James Morris: "Highlights: - A new LSM, "LoadPin", from Kees Cook is added, which allows forcing of modules and firmware to be loaded from a specific device (this is from ChromeOS, where the device as a whole is verified cryptographically via dm-verity). This is disabled by default but can be configured to be enabled by default (don't do this if you don't know what you're doing). - Keys: allow authentication data to be stored in an asymmetric key. Lots of general fixes and updates. - SELinux: add restrictions for loading of kernel modules via finit_module(). Distinguish non-init user namespace capability checks. Apply execstack check on thread stacks" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (48 commits) LSM: LoadPin: provide enablement CONFIG Yama: use atomic allocations when reporting seccomp: Fix comment typo ima: add support for creating files using the mknodat syscall ima: fix ima_inode_post_setattr vfs: forbid write access when reading a file into memory fs: fix over-zealous use of "const" selinux: apply execstack check on thread stacks selinux: distinguish non-init user namespace capability checks LSM: LoadPin for kernel file loading restrictions fs: define a string representation of the kernel_read_file_id enumeration Yama: consolidate error reporting string_helpers: add kstrdup_quotable_file string_helpers: add kstrdup_quotable_cmdline string_helpers: add kstrdup_quotable selinux: check ss_initialized before revalidating an inode label selinux: delay inode label lookup as long as possible selinux: don't revalidate an inode's label when explicitly setting it selinux: Change bool variable name to index. KEYS: Add KEYCTL_DH_COMPUTE command ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2016-05-19 12:21:36 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2016-05-19 12:21:36 -0400
commit: f4f27d0028aabce57e44c16c2fdefccd6310d2f3 (patch)
tree: 09f25601316d22b64165c19042da51c101bde3c4 /include/crypto
parent: 2600a46ee0ed57c0e0a382c2a37ebac64d374d20 (diff)
parent: b937190c40de0f6f07f592042e3097b16c6b0130 (diff)
2 files changed, 15 insertions, 24 deletions
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
index 441aff9b5aa7..583f199400a3 100644
--- a/include/crypto/pkcs7.h
+++ b/include/crypto/pkcs7.h
@@ -12,6 +12,7 @@
 #ifndef _CRYPTO_PKCS7_H
 #define _CRYPTO_PKCS7_H
+#include <linux/verification.h>
 #include <crypto/public_key.h>
 struct key;
@@ -26,14 +27,13 @@ extern void pkcs7_free_message(struct pkcs7_message *pkcs7);
 extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
                                  const void **_data, size_t *_datalen,
-                                  bool want_wrapper);
+                                  size_t *_headerlen);
 /*
 * pkcs7_trust.c
 */
 extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
-                                struct key *trust_keyring,
+                                struct key *trust_keyring);
-                                bool *_trusted);
 /*
 * pkcs7_verify.c
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index aa730ea7faf8..882ca0e1e7a5 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -15,20 +15,6 @@
 #define _LINUX_PUBLIC_KEY_H
 /*
- * The use to which an asymmetric key is being put.
- */
-enum key_being_used_for {
-        VERIFYING_MODULE_SIGNATURE,
-        VERIFYING_FIRMWARE_SIGNATURE,
-        VERIFYING_KEXEC_PE_SIGNATURE,
-        VERIFYING_KEY_SIGNATURE,
-        VERIFYING_KEY_SELF_SIGNATURE,
-        VERIFYING_UNSPECIFIED_SIGNATURE,
-        NR__KEY_BEING_USED_FOR
-};
-extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
-/*
 * Cryptographic data for the public-key subtype of the asymmetric key type.
 *
 * Note that this may include private part of the key as well as the public
@@ -41,12 +27,13 @@ struct public_key {
        const char *pkey_algo;
 };
-extern void public_key_destroy(void *payload);
+extern void public_key_free(struct public_key *key);
 /*
 * Public key cryptography signature data
 */
 struct public_key_signature {
+        struct asymmetric_key_id *auth_ids[2];
        u8 *s;                  /* Signature */
        u32 s_size;             /* Number of bytes in signature */
        u8 *digest;
@@ -55,17 +42,21 @@ struct public_key_signature {
        const char *hash_algo;
 };
+extern void public_key_signature_free(struct public_key_signature *sig);
 extern struct asymmetric_key_subtype public_key_subtype;
 struct key;
+struct key_type;
+union key_payload;
+extern int restrict_link_by_signature(struct key *trust_keyring,
+                                      const struct key_type *type,
+                                      const union key_payload *payload);
 extern int verify_signature(const struct key *key,
                            const struct public_key_signature *sig);
-struct asymmetric_key_id;
-extern struct key *x509_request_asymmetric_key(struct key *keyring,
-                                               const struct asymmetric_key_id *id,
-                                               const struct asymmetric_key_id *skid,
-                                               bool partial);
 int public_key_verify_signature(const struct public_key *pkey,
                                const struct public_key_signature *sig);
author	Linus Torvalds <torvalds@linux-foundation.org>	2016-05-19 12:21:36 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2016-05-19 12:21:36 -0400
commit	f4f27d0028aabce57e44c16c2fdefccd6310d2f3 (patch)
tree	09f25601316d22b64165c19042da51c101bde3c4 /include/crypto
parent	2600a46ee0ed57c0e0a382c2a37ebac64d374d20 (diff)
parent	b937190c40de0f6f07f592042e3097b16c6b0130 (diff)