The following changes since commit 925a6f0bf8bd122d5d2429af7f0ca0fecf4ae71f:
Merge tag 'hwspinlock-3.6-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/hwspinlock (2012-09-18 11:58:54 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux.git modules-next
for you to fetch changes up to dbadc17683e6c673a69b236c0f041b931cc55c42:
X.509: Fix indefinite length element skip error handling (2012-10-10 20:06:39 +1030)
----------------------------------------------------------------
module signing is the highlight, but it's an all-over David Howells frenzy...
----------------------------------------------------------------
David Howells (30):
Make most arch asm/module.h files use asm-generic/module.h
KEYS: Add payload preparsing opportunity prior to key instantiate or update
MPILIB: Provide count_leading/trailing_zeros() based on arch functions
KEYS: Document asymmetric key type
KEYS: Implement asymmetric key type
KEYS: Asymmetric key pluggable data parsers
KEYS: Asymmetric public-key algorithm crypto key subtype
KEYS: Provide signature verification with an asymmetric key
MPILIB: Reinstate mpi_cmp[_ui]() and export for RSA signature verification
RSA: Implement signature verification algorithm [PKCS#1 / RFC3447]
RSA: Fix signature verification for shorter signatures
X.509: Implement simple static OID registry
X.509: Add utility functions to render OIDs as strings
X.509: Add simple ASN.1 grammar compiler
X.509: Add an ASN.1 decoder
MPILIB: Provide a function to read raw data into an MPI
X.509: Add a crypto key parser for binary (DER) X.509 certificates
MODSIGN: Add FIPS policy
MODSIGN: Provide gitignore and make clean rules for extra files
MODSIGN: Provide Kconfig options
MODSIGN: Automatically generate module signing keys if missing
MODSIGN: Provide module signing public keys to the kernel
MODSIGN: Implement module signature checking
MODSIGN: Provide a script for generating a key ID from an X.509 cert
MODSIGN: Sign modules during the build process
MODSIGN: Use the same digest for the autogen key sig as for the module sig
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
X.509: Convert some printk calls to pr_devel
X.509: Fix indefinite length element skip error handling
Matthew Garrett (1):
module: taint kernel when lve module is loaded
Ralf Baechle (1):
MIPS: Fix module.c build for 32 bit
Randy Dunlap (1):
asymmetric keys: fix printk format warning
Rusty Russell (4):
module: fix symbol waiting when module fails before init
module: wait when loading a module which is currently initializing.
module: signature checking hook
MODSIGN: Make mrproper should remove generated files.
.gitignore | 14 +
Documentation/crypto/asymmetric-keys.txt | 312 ++++++
Documentation/kernel-parameters.txt | 6 +
Documentation/security/keys.txt | 50 +-
Makefile | 6 +-
arch/Kconfig | 19 +
arch/alpha/Kconfig | 2 +
arch/alpha/include/asm/module.h | 10 +-
arch/arm/Kconfig | 2 +
arch/arm/include/asm/module.h | 8 +-
arch/avr32/Kconfig | 2 +
arch/avr32/include/asm/module.h | 6 +-
arch/blackfin/Kconfig | 2 +
arch/blackfin/include/asm/module.h | 4 +-
arch/c6x/Kconfig | 1 +
arch/c6x/include/asm/module.h | 12 +-
arch/cris/Kconfig | 1 +
arch/cris/include/asm/Kbuild | 2 +
arch/cris/include/asm/module.h | 9 -
arch/frv/include/asm/module.h | 8 +-
arch/h8300/Kconfig | 1 +
arch/h8300/include/asm/Kbuild | 2 +
arch/h8300/include/asm/module.h | 11 -
arch/hexagon/Kconfig | 1 +
arch/ia64/Kconfig | 2 +
arch/ia64/include/asm/module.h | 6 +-
arch/m32r/Kconfig | 1 +
arch/m32r/include/asm/Kbuild | 2 +
arch/m32r/include/asm/module.h | 10 -
arch/m32r/kernel/module.c | 15 -
arch/m68k/Kconfig | 3 +
arch/m68k/include/asm/module.h | 6 +-
arch/microblaze/Kconfig | 1 +
arch/mips/Kconfig | 3 +
arch/mips/include/asm/module.h | 10 +-
arch/mips/kernel/Makefile | 1 +
arch/mips/kernel/module-rela.c | 145 +++
arch/mips/kernel/module.c | 121 +--
arch/mn10300/Kconfig | 1 +
arch/mn10300/include/asm/module.h | 7 +-
arch/openrisc/Kconfig | 1 +
arch/parisc/Kconfig | 2 +
arch/parisc/include/asm/module.h | 16 +-
arch/powerpc/Kconfig | 2 +
arch/powerpc/include/asm/module.h | 7 +-
arch/s390/Kconfig | 2 +
arch/s390/include/asm/module.h | 18 +-
arch/score/Kconfig | 2 +
arch/score/include/asm/module.h | 6 +-
arch/score/kernel/module.c | 10 -
arch/sh/Kconfig | 2 +
arch/sh/include/asm/module.h | 14 +-
arch/sparc/Kconfig | 1 +
arch/sparc/include/asm/Kbuild | 1 +
arch/sparc/include/asm/module.h | 24 -
arch/tile/Kconfig | 1 +
arch/unicore32/Kconfig | 1 +
arch/x86/Kconfig | 2 +
arch/x86/um/Kconfig | 2 +
arch/xtensa/Kconfig | 1 +
arch/xtensa/include/asm/module.h | 9 +-
crypto/Kconfig | 1 +
crypto/Makefile | 1 +
crypto/asymmetric_keys/.gitignore | 1 +
crypto/asymmetric_keys/Kconfig | 38 +
crypto/asymmetric_keys/Makefile | 27 +
crypto/asymmetric_keys/asymmetric_keys.h | 15 +
crypto/asymmetric_keys/asymmetric_type.c | 274 +++++
crypto/asymmetric_keys/public_key.c | 108 ++
crypto/asymmetric_keys/public_key.h | 30 +
crypto/asymmetric_keys/rsa.c | 277 ++++++
crypto/asymmetric_keys/signature.c | 49 +
crypto/asymmetric_keys/x509.asn1 | 60 ++
crypto/asymmetric_keys/x509_cert_parser.c | 496 +++++++++
crypto/asymmetric_keys/x509_parser.h | 36 +
crypto/asymmetric_keys/x509_public_key.c | 239 +++++
crypto/asymmetric_keys/x509_rsakey.asn1 | 4 +
fs/cifs/cifs_spnego.c | 6 +-
fs/cifs/cifsacl.c | 8 +-
include/asm-generic/bitops/count_zeros.h | 57 ++
include/asm-generic/module.h | 40 +-
include/crypto/public_key.h | 108 ++
include/keys/asymmetric-parser.h | 37 +
include/keys/asymmetric-subtype.h | 55 +
include/keys/asymmetric-type.h | 25 +
include/keys/user-type.h | 6 +-
include/linux/asn1.h | 67 ++
include/linux/asn1_ber_bytecode.h | 87 ++
include/linux/asn1_decoder.h | 24 +
include/linux/key-type.h | 35 +-
include/linux/module.h | 8 +
include/linux/moduleloader.h | 36 +-
include/linux/mpi.h | 1 +
include/linux/oid_registry.h | 92 ++
init/Kconfig | 68 ++
kernel/Makefile | 77 ++
kernel/modsign_pubkey.c | 113 +++
kernel/module-internal.h | 15 +
kernel/module.c | 157 ++-
kernel/module_signing.c | 243 +++++
lib/.gitignore | 2 +-
lib/Kconfig | 5 +
lib/Makefile | 18 +
lib/asn1_decoder.c | 487 +++++++++
lib/build_OID_registry | 209 ++++
lib/mpi/Makefile | 1 +
lib/mpi/longlong.h | 138 +--
lib/mpi/mpi-bit.c | 2 +-
lib/mpi/mpi-cmp.c | 70 ++
lib/mpi/mpi-pow.c | 4 +-
lib/mpi/mpicoder.c | 55 +
lib/oid_registry.c | 170 ++++
net/ceph/crypto.c | 9 +-
net/dns_resolver/dns_key.c | 6 +-
net/rxrpc/ar-key.c | 40 +-
scripts/.gitignore | 1 +
scripts/Makefile | 2 +
scripts/Makefile.build | 11 +
scripts/Makefile.modpost | 77 +-
scripts/asn1_compiler.c | 1545 +++++++++++++++++++++++++++++
scripts/sign-file | 115 +++
scripts/x509keyid | 268 +++++
security/keys/encrypted-keys/encrypted.c | 16 +-
security/keys/key.c | 114 ++-
security/keys/keyctl.c | 18 +-
security/keys/keyring.c | 6 +-
security/keys/request_key_auth.c | 8 +-
security/keys/trusted.c | 16 +-
security/keys/user_defined.c | 14 +-
129 files changed, 6803 insertions(+), 594 deletions(-)
create mode 100644 Documentation/crypto/asymmetric-keys.txt
delete mode 100644 arch/cris/include/asm/module.h
delete mode 100644 arch/h8300/include/asm/module.h
delete mode 100644 arch/m32r/include/asm/module.h
create mode 100644 arch/mips/kernel/module-rela.c
delete mode 100644 arch/sparc/include/asm/module.h
create mode 100644 crypto/asymmetric_keys/.gitignore
create mode 100644 crypto/asymmetric_keys/Kconfig
create mode 100644 crypto/asymmetric_keys/Makefile
create mode 100644 crypto/asymmetric_keys/asymmetric_keys.h
create mode 100644 crypto/asymmetric_keys/asymmetric_type.c
create mode 100644 crypto/asymmetric_keys/public_key.c
create mode 100644 crypto/asymmetric_keys/public_key.h
create mode 100644 crypto/asymmetric_keys/rsa.c
create mode 100644 crypto/asymmetric_keys/signature.c
create mode 100644 crypto/asymmetric_keys/x509.asn1
create mode 100644 crypto/asymmetric_keys/x509_cert_parser.c
create mode 100644 crypto/asymmetric_keys/x509_parser.h
create mode 100644 crypto/asymmetric_keys/x509_public_key.c
create mode 100644 crypto/asymmetric_keys/x509_rsakey.asn1
create mode 100644 include/asm-generic/bitops/count_zeros.h
create mode 100644 include/crypto/public_key.h
create mode 100644 include/keys/asymmetric-parser.h
create mode 100644 include/keys/asymmetric-subtype.h
create mode 100644 include/keys/asymmetric-type.h
create mode 100644 include/linux/asn1.h
create mode 100644 include/linux/asn1_ber_bytecode.h
create mode 100644 include/linux/asn1_decoder.h
create mode 100644 include/linux/oid_registry.h
create mode 100644 kernel/modsign_pubkey.c
create mode 100644 kernel/module-internal.h
create mode 100644 kernel/module_signing.c
create mode 100644 lib/asn1_decoder.c
create mode 100755 lib/build_OID_registry
create mode 100644 lib/mpi/mpi-cmp.c
create mode 100644 lib/oid_registry.c
create mode 100644 scripts/asn1_compiler.c
create mode 100644 scripts/sign-file
create mode 100755 scripts/x509keyid
On Wed, Oct 10, 2012 at 2:57 AM, Rusty Russell <[email protected]> wrote:
>
> ----------------------------------------------------------------
> module signing is the highlight, but it's an all-over David Howells frenzy...
>
> ----------------------------------------------------------------
Hmm. What happened here? It *looks* from your pull request like you
had a tag, and you usually do, but there's no tag anywhere..
I've pulled and resolved the branch, and I'm going through it now, but
I'd like this verified before I push out if it all looks fine..
Linus
On Sun, Oct 14, 2012 at 1:11 PM, Linus Torvalds
<[email protected]> wrote:
>
> I've pulled and resolved the branch, and I'm going through it now, but
> I'd like this verified before I push out if it all looks fine..
Hmm. So this thing makes me wonder:
/* Not having a signature is only an error if we're strict. */
if (err < 0 && fips_enabled)
panic("Module verification failed with error %d in FIPS mode\n",
err);
do we really want to panic (even in fips_enabled mode)?
Sounds like it will just kill the machine if we ever end up having an
unsigned module by mistake anywhere.
I realize that fips_enabled is only for crazy people, but it's exactly
code like this that limits it to only crazy people. Is there some
*reason* for this?
Linus
> I realize that fips_enabled is only for crazy people, but it's exactly
> code like this that limits it to only crazy people. Is there some
> *reason* for this?
Presumably its so a typical server with reboot on panic will reboot so
the attacker can hide the attempt better ;-)
Alan
Linus Torvalds <[email protected]> wrote:
> Hmm. So this thing makes me wonder:
>
> /* Not having a signature is only an error if we're strict. */
> if (err < 0 && fips_enabled)
> panic("Module verification failed with error %d in FIPS mode\n",
> err);
>
> do we really want to panic (even in fips_enabled mode)?
That's what the FIPS people want. As I understand it, if there's some
indication that the crypto stuff is compromised, the box should be shut down
immediately.
I've added Stephan Mueller to see if he can illuminate further.
David
On 15.10.2012 09:50:54, +0200, David Howells <[email protected]> wrote:
Hi David,
> Linus Torvalds <[email protected]> wrote:
>
>> Hmm. So this thing makes me wonder:
>>
>> /* Not having a signature is only an error if we're strict. */
>> if (err < 0 && fips_enabled)
>> panic("Module verification failed with error %d in FIPS mode\n",
>> err);
>>
>> do we really want to panic (even in fips_enabled mode)?
>
> That's what the FIPS people want. As I understand it, if there's some
> indication that the crypto stuff is compromised, the box should be shut down
> immediately.
>
> I've added Stephan Mueller to see if he can illuminate further.
>
> David
>
The requirement for a FIPS 140-2 module is to disable the entire module
if any component of its self test or integrity test failed.
In the kernel, we have the FIPS 140-2 module of the kernel crypto API
(the API itself plus the relevant kernel modules implementing the
ciphers, block chaining modes, etc). Therefore, the requirement would be
translated into the following: the kernel crypto API must be disabled if
any of the self test or integrity tests failed. The self tests are the
known answer tests in the kernel crypto API test manager. The integrity
tests are the DSA signature checks of the kernel modules (at least the
kernel crypto API ones) plus the static kernel binary itself (for the
static kernel crypto API part -- this is done outside the kernel).
The requirement to disable the module implies that the module is
technically unavailable.
There are two solutions that were contemplated for disabling the module:
having a kind of global status of the crypto API that makes it
non-responsive in case of an integrity/self-test error. The other
solution is to simply terminate the entire kernel. As the former one
also will lead to a kernel failure eventually as many parts of the
kernel depend on the crypto API, the implementation of the latter option
was chosen.
Linus Torvalds <[email protected]> writes:
> On Wed, Oct 10, 2012 at 2:57 AM, Rusty Russell <[email protected]> wrote:
>>
>> ----------------------------------------------------------------
>> module signing is the highlight, but it's an all-over David Howells frenzy...
>>
>> ----------------------------------------------------------------
>
> Hmm. What happened here? It *looks* from your pull request like you
> had a tag, and you usually do, but there's no tag anywhere..
>
> I've pulled and resolved the branch, and I'm going through it now, but
> I'd like this verified before I push out if it all looks fine..
>
> Linus
Ah, I missed pushing the tag. I used to fabricate a git tree for you
from my quilt series, and that script did the right thing.
Thanks,
Rusty.