aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/encrypted-keys
Commit message (Collapse)AuthorAge
* KEYS: Fix stale key registration at error pathTakashi Iwai2014-12-06
| | | | | | | | | | | | | | | | | When loading encrypted-keys module, if the last check of aes_get_sizes() in init_encrypted() fails, the driver just returns an error without unregistering its key type. This results in the stale entry in the list. In addition to memory leaks, this leads to a kernel crash when registering a new key type later. This patch fixes the problem by swapping the calls of aes_get_sizes() and register_key_type(), and releasing resources properly at the error paths. Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=908163 Cc: <stable@vger.kernel.org> Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
* KEYS: Remove key_type::match in favour of overriding default by match_preparseDavid Howells2014-09-16
| | | | | | | | | | | | | | A previous patch added a ->match_preparse() method to the key type. This is allowed to override the function called by the iteration algorithm. Therefore, we can just set a default that simply checks for an exact match of the key description with the original criterion data and allow match_preparse to override it as needed. The key_type::match op is then redundant and can be removed, as can the user_match() function. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
* KEYS: revert encrypted key changeMimi Zohar2014-07-28
| | | | | | | | | Commit fc7c70e "KEYS: struct key_preparsed_payload should have two payload pointers" erroneously modified encrypted-keys. This patch reverts the change to that file. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com>
* KEYS: struct key_preparsed_payload should have two payload pointersDavid Howells2014-07-22
| | | | | | | | | | struct key_preparsed_payload should have two payload pointers to correspond with those in struct key. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Steve Dickson <steved@redhat.com> Acked-by: Jeff Layton <jlayton@primarydata.com> Reviewed-by: Sage Weil <sage@redhat.com>
* security: replace strict_strto*() with kstrto*()Jingoo Han2014-02-06
| | | | | | | | | The usage of strict_strto*() is not preferred, because strict_strto*() is obsolete. Thus, kstrto*() should be used. Signed-off-by: Jingoo Han <jg1.han@samsung.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
* KEYS: Add payload preparsing opportunity prior to key instantiate or updateDavid Howells2012-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Give the key type the opportunity to preparse the payload prior to the instantiation and update routines being called. This is done with the provision of two new key type operations: int (*preparse)(struct key_preparsed_payload *prep); void (*free_preparse)(struct key_preparsed_payload *prep); If the first operation is present, then it is called before key creation (in the add/update case) or before the key semaphore is taken (in the update and instantiate cases). The second operation is called to clean up if the first was called. preparse() is given the opportunity to fill in the following structure: struct key_preparsed_payload { char *description; void *type_data[2]; void *payload; const void *data; size_t datalen; size_t quotalen; }; Before the preparser is called, the first three fields will have been cleared, the payload pointer and size will be stored in data and datalen and the default quota size from the key_type struct will be stored into quotalen. The preparser may parse the payload in any way it likes and may store data in the type_data[] and payload fields for use by the instantiate() and update() ops. The preparser may also propose a description for the key by attaching it as a string to the description field. This can be used by passing a NULL or "" description to the add_key() system call or the key_create_or_update() function. This cannot work with request_key() as that required the description to tell the upcall about the key to be created. This, for example permits keys that store PGP public keys to generate their own name from the user ID and public key fingerprint in the key. The instantiate() and update() operations are then modified to look like this: int (*instantiate)(struct key *key, struct key_preparsed_payload *prep); int (*update)(struct key *key, struct key_preparsed_payload *prep); and the new payload data is passed in *prep, whether or not it was preparsed. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* encrypted-keys: fix rcu and sparse messagesMimi Zohar2012-01-17
| | | | | | | | | | | | | | | | | Enabling CONFIG_PROVE_RCU and CONFIG_SPARSE_RCU_POINTER resulted in "suspicious rcu_dereference_check() usage!" and "incompatible types in comparison expression (different address spaces)" messages. Access the masterkey directly when holding the rwsem. Changelog v1: - Use either rcu_read_lock()/rcu_derefence_key()/rcu_read_unlock() or remove the unnecessary rcu_derefence() - David Howells Reported-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
* keys: fix trusted/encrypted keys sparse rcu_assign_pointer messagesMimi Zohar2012-01-17
| | | | | | | | | | | | | Define rcu_assign_keypointer(), which uses the key payload.rcudata instead of payload.data, to resolve the CONFIG_SPARSE_RCU_POINTER message: "incompatible types in comparison expression (different address spaces)" Replace the rcu_assign_pointer() calls in encrypted/trusted keys with rcu_assign_keypointer(). Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
* encrypted-keys: module build fixesMimi Zohar2011-11-16
| | | | | | | | | | | | | | | | Encrypted keys are encrypted/decrypted using either a trusted or user-defined key type, which is referred to as the 'master' key. The master key may be of type trusted iff the trusted key is builtin or both the trusted key and encrypted keys are built as modules. This patch resolves the build dependency problem. - Use "masterkey-$(CONFIG_TRUSTED_KEYS)-$(CONFIG_ENCRYPTED_KEYS)" construct to encapsulate the above logic. (Suggested by Dimtry Kasatkin.) - Fixing the encrypted-keys Makefile, results in a module name change from encrypted.ko to encrypted-keys.ko. - Add module dependency for request_trusted_key() definition Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
* encrypted-keys: fix error return codeMimi Zohar2011-11-16
| | | | | | Fix request_master_key() error return code. Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
* security: follow rename pack_hex_byte() to hex_byte_pack()Andy Shevchenko2011-10-31
| | | | | | | | | | There is no functional change. Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: Mimi Zohar <zohar@us.ibm.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* encrypted-keys: check hex2bin resultMimi Zohar2011-09-20
| | | | | | | | | | | For each hex2bin call in encrypted keys, check that the ascii hex string is valid. On failure, return -EINVAL. Changelog v1: - hex2bin now returns an int Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Acked-by: Andy Shevchenko <andy.shevchenko@gmail.com>
* encrypted-keys: IS_ERR need include/err.hStephen Rothwell2011-09-15
| | | | | | | | | | Fixes this build error: security/keys/encrypted-keys/masterkey_trusted.c: In function 'request_trusted_key': security/keys/encrypted-keys/masterkey_trusted.c:35:2: error: implicit declaration of function 'IS_ERR' Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
* encrypted-keys: remove trusted-keys dependencyMimi Zohar2011-09-14
| | | | | | | | Encrypted keys are decrypted/encrypted using either a trusted-key or, for those systems without a TPM, a user-defined key. This patch removes the trusted-keys and TCG_TPM dependencies. Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
* encrypted-keys: create encrypted-keys directoryMimi Zohar2011-09-14
Move all files associated with encrypted keys to keys/encrypted-keys. Signed-off-by: Mimi Zohar <zohar@us.ibm.com>