On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash ca
On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> Asynchronous hash API allows initiate hash calculation and perform
> other tasks while hash is calculated.
>
> This patch introduces usage of double buffering for simultenous
^simul
On Mon, 2014-06-30 at 17:58 +0300, Dmitry Kasatkin wrote:
> On 26/06/14 14:54, Mimi Zohar wrote:
> > On Thu, 2014-06-19 at 18:20 +0300, Dmitry Kasatkin wrote:
> >> @@ -156,7 +316,7 @@ out:
> >>return rc;
> >> }
> >>
> >> -int ima_ca
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> -/*
> - * Calculate the MD5/SHA1 file digest
> - */
> +static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
> +{
> + struct crypto_ahash *tfm = ima_ahash_tfm;
> + int rc;
> +
> + if ((algo != ima_hash_algo && algo <
On Wed, 2014-07-02 at 21:20 +0300, Dmitry Kasatkin wrote:
> On 2 July 2014 19:40, Mimi Zohar wrote:
> > On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> >> Async hash API allows to use HW acceleration for hash calculation.
> >> It may give significant per
On Wed, 2014-07-02 at 21:21 +0300, Dmitry Kasatkin wrote:
> On 2 July 2014 20:44, Mimi Zohar wrote:
> > On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> >
> >> -/*
> >> - * Calculate the MD5/SHA1 file digest
> >> - */
> >> +static
On Tue, 2014-07-01 at 23:12 +0300, Dmitry Kasatkin wrote:
> Use of multiple-page collect buffers reduces:
> 1) the number of block IO requests
> 2) the number of asynchronous hash update requests
>
> Second is important for HW accelerated hashing, because significant
> amount of time is spent for
On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
> Async hash API allows to use HW acceleration for hash calculation.
> It may give significant performance gain or/and reduce power consumption,
> which might be very beneficial for battery powered devices.
>
> This patch introduces hash c
On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
> On 07/07/14 14:56, Mimi Zohar wrote:
> > On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
> >>
> >> +/**
> > This is the kernel-doc delimiter.
> >
> >> + * ima_calc_file_hash
On Mon, 2014-07-07 at 19:11 +0300, Dmitry Kasatkin wrote:
> On 07/07/14 18:44, Mimi Zohar wrote:
> > On Mon, 2014-07-07 at 16:37 +0300, Dmitry Kasatkin wrote:
> >> On 07/07/14 14:56, Mimi Zohar wrote:
> >>> On Fri, 2014-07-04 at 15:05 +0300, Dmitry Kasatkin wrote:
On Mon, 2014-09-08 at 07:25 -0500, Behan Webster wrote:
> On 09/08/14 04:15, Dmitry Kasatkin wrote:
> > On 07/09/14 05:06, Behan Webster wrote:
> >> On 09/06/14 03:11, Thomas Gleixner wrote:
> >>> On Fri, 5 Sep 2014, Behan Webster wrote:
> On 09/05/14 17:18, Thomas Gleixner wrote:
> >> Si
Hi Thiago,
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> Even though struct evm_ima_xattr_data includes a fixed-size array to hold a
> SHA1 digest, most of the code ignores the array and uses the struct to mean
> "type indicator followed by data of unspecified size" and tracks
On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=KEXEC_KERNEL
On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Thu, 2017-07-06 at 19:17 -0300, Thiago Jung Bauermann wrote:
> >> --- a/security/integrity/ima/ima_appraise.c
> >> +++ b/security/integrity/ima/ima_appraise.c
On Wed, 2017-08-02 at 18:52 -0400, Mimi Zohar wrote:
> On Wed, 2017-08-02 at 14:42 -0300, Thiago Jung Bauermann wrote:
> > Mimi Zohar writes:
> > >> @@ -229,8 +251,24 @@ int ima_appraise_measurement(enum ima_hooks func,
> > &
On Fri, 2017-08-04 at 19:03 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=KEXEC_KERNEL
> diff --git a/security/integrity/ima/ima_appraise.c
> b/security/integrity/ima/ima_appraise.c
> index 87d2b601cf8e..5a244ebc61d9 100644
> --- a/security/integrity/ima/ima_appraise.c
> +++ b/security/integrity/ima/ima_appraise.c
> @@ -190,6 +190,64 @@ int ima_read_xattr(struct dentry *dentry,
>
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> diff --git a/security/integrity/ima/ima_main.c
> b/security/integrity/ima/ima_main.c
> index 6a2d960fbd92..0d3390de7432 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -246,7 +246,35
DULE_SIG_FORMAT option so that IMA can select it
> and be able to use validate_module_signature without having to depend on
> CONFIG_MODULE_SIG.
>
> Signed-off-by: Thiago Jung Bauermann
Reviewed-by: Mimi Zohar
One minor comment below...
> ---
> include/linux/module.h
rify an already parsed PKCS#7 message. For this
> purpose, add function verify_pkcs7_message_signature which takes a struct
> pkcs7_message for verification instead of the raw bytes that
> verify_pkcs7_signature takes.
>
> Signed-off-by: Thiago Jung Bauermann
Reviewed-b
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> Hello,
>
> The main highlight in this version is that it fixes a bug where the modsig
> wasn't being included in the measurement list if the appraised file was
> already measured by another rule. The fix is in the last patch.
>
> A
On Thu, 2017-10-26 at 20:47 -0200, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
> >> IMA will use the module_signature format for append signatures, so export
> >> the relevant definitions
On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote:
Below are a few additional comments.
> @@ -200,18 +239,28 @@ int ima_read_xattr(struct dentry *dentry,
> */
> int ima_appraise_measurement(enum ima_hooks func,
>struct integrity_iint_cache *iint,
> -
On Wed, 2016-01-27 at 11:04 +0100, Steffen Trumtrar wrote:
> Hi!
>
> Mimi Zohar writes:
>
> > On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> >> Hi!
> >>
> >> The RFC Patch attached after this cover letter is mostly for illustration
Hi Herbert,
On Mon, 2016-02-08 at 13:58 +, David Howells wrote:
> Herbert Xu wrote:
>
> > > Hmmm... That means that the crypto branch and the security branch are
> > > going
> > > to conflict.
> >
> > I thought you were OK with it going in now as you said that you'll
> > fix it up later.
Hi Herbert,
The initial random iv value, initialized in encrypted_init(), should
not be modified. Commit c3917fd "KEYS: Use skcipher", which replaced
the blkcipher with skcipher, modifies the iv in
crypto_skcipher_encrypt()/decrypt().
The following example creates an encrypted key, writes the ke
On Tue, 2016-09-20 at 20:35 +0800, Herbert Xu wrote:
> On Tue, Sep 20, 2016 at 08:11:51AM -0400, Mimi Zohar wrote:
> > Hi Herbert,
> >
> > The initial random iv value, initialized in encrypted_init(), should
> > not be modified. Commit c3917fd "KEYS: Use s
On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> Here's a set of patches that changes how keys are determined to be trusted
> - currently, that's a case of whether a key has KEY_FLAG_TRUSTED set upon
> it. A keyring can then have a flag set (KEY_FLAG_TRUSTED ONLY) that
> indicates that on
On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar wrote:
> > On Wed, 2015-10-21 at 16:13 +0100, David Howells wrote:
> >> Here's a set of patches that changes how keys are determined to be trusted
> >> - currently
On Wed, 2015-10-21 at 14:21 -0400, Josh Boyer wrote:
> On Wed, Oct 21, 2015 at 2:11 PM, Mimi Zohar wrote:
> > On Wed, 2015-10-21 at 13:21 -0400, Josh Boyer wrote:
> >> On Wed, Oct 21, 2015 at 1:02 PM, Mimi Zohar
> >> wrote:
> >> > On Wed, 2015-10
On Mon, 2015-11-09 at 16:18 +0100, Steffen Trumtrar wrote:
> Hi!
>
> The RFC Patch attached after this cover letter is mostly for illustration
> purposes, so please don't waste too much time reviewing the code ;-)
>
> For context I'll try to describe the problem that this patch tries to solve.
>
On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> Hi Marcel, Mimi, Tadeus,
>
> I want to consider adding or doing the following bits to the keyrings
> facility, aiming for the next merge window:
>
> (*) Bring in the patches that I posted to change how the trust model on a
> keyring
On Sun, 2015-11-22 at 09:41 -0500, Mimi Zohar wrote:
> On Fri, 2015-11-20 at 11:07 +, David Howells wrote:
> >
> > (*) Add Mimi's patches to allow keys/keyrings to be marked undeletable.
> > This
> > is for the purpose of creating black
On Wed, 2015-12-09 at 15:52 -0800, Tadeusz Struk wrote:
> This patch set converts the module verification and digital signature
> code to the new akcipher API.
> RSA implementation has been removed from crypto/asymmetric_keys and the
> new API is used for cryptographic primitives.
> There is no nee
On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> Hi Mimi,
> On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> >> This patch set converts the module verification and digital signature
> >> > code to the new akcipher API.
> >> > RSA implementation has been
On Thu, 2015-12-10 at 14:37 -0500, Mimi Zohar wrote:
> On Thu, 2015-12-10 at 10:39 -0800, Tadeusz Struk wrote:
> > Hi Mimi,
> > On 12/10/2015 10:25 AM, Mimi Zohar wrote:
> > >> This patch set converts the module verification and digital signature
> > >> >
On Sat, 2015-12-12 at 18:26 -0800, Tadeusz Struk wrote:
> Convert asymmetric_verify to akcipher api.
>
> Signed-off-by: Tadeusz Struk
> ---
> security/integrity/Kconfig |1 +
> security/integrity/digsig_asymmetric.c | 10 +++---
> 2 files changed, 4 insertions(+), 7 deletio
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> If the func_tokens array uses the same indices as enum ima_hooks,
> policy_func_show can be a lot simpler, and the func_* enum becomes
> unnecessary.
My main concern with separating the enumeration from the string
definition is that
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> IMA will use the module_signature format for append signatures, so export
> the relevant definitions and factor out the code which verifies that the
> appended signature trailer is valid.
>
> Also, create a CONFIG_MODULE_SIG_FORMAT
On Thu, 2017-04-20 at 17:40 -0300, Thiago Jung Bauermann wrote:
> Am Donnerstag, 20. April 2017, 08:13:23 BRT schrieb Mimi Zohar:
> > On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> > > If the func_tokens array uses the same indices as enum ima_hooks,
> >
Hi Thiago,
On Tue, 2017-04-18 at 17:17 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the appended_imasig keyword to the IMA policy syntax
> to specify that a given hook should expect the file to have the IMA
> signature appended to it. Here is how it can be used in a rule:
>
> appr
On Sat, 2017-05-06 at 15:59 +0300, Gilad Ben-Yossef wrote:
> ima starts several async. crypto ops and waits for their completions.
> Move it over to generic code doing the same.
>
> Signed-off-by: Gilad Ben-Yossef
Acked-by: Mimi Zohar
> ---
> security/integrity/ima
Hi Thiago,
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> This patch introduces the modsig keyword to the IMA policy syntax to
> specify that a given hook should expect the file to have the IMA signature
> appended to it. Here is how it can be used in a rule:
>
> appraise func=
e_id_str we can
> use one hooks list for both the enum and the string array, making sure they
> are always in sync (suggested by Mimi Zohar).
>
> Finally, by using the printf pattern for the function token directly
> instead of using the pt macro we can simplify policy_func_show even
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> If the file doesn't have an xattr, ima_appraise_measurement sets cause to
> "missing-hash" while if there's an xattr but it's a digest instead of a
> signature it sets cause to "IMA-signature-required".
>
> Fix it by setting cause t
On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> These changes are too small to warrant their own patches:
>
> The keyid and sig_size members of struct signature_v2_hdr are in BE format,
> so use a type that makes this assumption explicit. Also, use beXX_to_cpu
> instead of __beXX
On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> Hello Mimi,
>
> Thanks for your review, and for queuing the other patches in this series.
>
> Mimi Zohar writes:
> > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
> >> This patch in
On Tue, 2017-07-04 at 23:22 -0300, Thiago Jung Bauermann wrote:
> Mimi Zohar writes:
>
> > On Wed, 2017-06-21 at 14:45 -0300, Thiago Jung Bauermann wrote:
> >> Mimi Zohar writes:
> >> > On Wed, 2017-06-07 at 22:49 -0300, Thiago Jung Bauermann wrote:
Similar to the kgdb_hex2mem() code, hex2bin converts a string
to binary using the hex_to_bin() library call.
Signed-off-by: Mimi Zohar
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include
Other uses for trusted and encrypted
keys, such as for disk and file encryption are anticipated.
Mimi Zohar
Dave Safford
Mimi Zohar (4):
lib: hex2bin converts ascii hexadecimal string to binary
key: add tpm_send command
keys: add new trusted key-type
keys: add new key-type encrypted
driver
Add internal kernel tpm_send() command used to seal/unseal keys.
Signed-off-by: David Safford
Reviewd-by: Mimi Zohar
---
drivers/char/tpm/tpm.c | 17 +
include/linux/tpm.h|3 +++
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/drivers/char/tpm/tpm.c b
pted blobs.
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
include/keys/trusted-type.h | 33 ++
security/Kconfig| 16 +
security/keys/Makefile |1 +
security/keys/trusted_defined.c | 997 +++
security/keys/trusted
type.h
new file mode 100644
index 000..e2312e0
--- /dev/null
+++ b/include/keys/encrypted-type.h
@@ -0,0 +1,30 @@
+/* encrypted-type.h: encrypted-defined key type
+ *
+ * Copyright (C) 2010 IBM Corporation
+ * Author: Mimi Zohar
+ *
+ * This program is free software; you can redistribute it
get_random_bytes(epayload->iv, ivsize);
>
> @@ -564,7 +565,9 @@ static int encrypted_init(struct encrypted_key_payload
> *epayload,
>epayload->decrypted_datalen);
> } else
> ret = encrypted_key_decrypt(epayload, hex_encoded_iv,
> -
On Wed, 2010-09-29 at 14:40 +0200, Roberto Sassu wrote:
> On Wednesday, September 29, 2010 01:57:36 pm Mimi Zohar wrote:
> > On Wed, 2010-09-29 at 12:00 +0200, Roberto Sassu wrote:
> > > When a new encrypted key is created through the keyctl utility, the master
> > > ke
On Wed, 2010-09-29 at 13:11 +0100, David Howells wrote:
> Mimi Zohar wrote:
>
> > --- a/lib/hexdump.c
> > +++ b/lib/hexdump.c
> > @@ -34,6 +34,22 @@ int hex_to_bin(char ch)
> > EXPORT_SYMBOL(hex_to_bin);
> >
> > /**
> > + * hex2bin - c
Hi,
Looking at different examples of the same crypto call, it's unclear
whether it only returns negative error values. Some examples only test
for negative values, while others test for not 0. tcrypt.c does "if
(ret)". Would appreciate some clarification.
thanks,
Mimi
--
To unsubscribe from th
ot been compromised by a user level problem,
and when sealed to specific boot PCR values, protects against
boot and offline attacks. Other uses for trusted and encrypted
keys, such as for disk and file encryption are anticipated.
Mimi Zohar
Dave Safford
Mimi Zohar (4):
lib: hex2bin converts asci
Similar to the kgdb_hex2mem() code, hex2bin converts a string
to binary using the hex_to_bin() library call.
Signed-off-by: Mimi Zohar
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include
Add internal kernel tpm_send() command used to seal/unseal keys.
Signed-off-by: David Safford
Reviewd-by: Mimi Zohar
Acked-by: Rajiv Andrade
---
drivers/char/tpm/tpm.c | 17 +
include/linux/tpm.h|3 +++
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a
pted blobs.
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
include/keys/trusted-type.h | 33 ++
security/Kconfig| 15 +
security/keys/Makefile |1 +
security/keys/trusted_defined.c | 997 +++
security/keys/trusted
.
Changelog:
- wait until late_initcall for crypto libraries to be registered
- cleanup security/Kconfig
Signed-off-by: Mimi Zohar
Signed-off-by: David Safford
---
include/keys/encrypted-type.h | 30 ++
security/Kconfig | 16 +
security/keys/Makefile|
Nice! This patch applies cleanly to the trusted/encrypted patch set
posted today.
thanks,
Acked-by: Mimi Zohar
On Thu, 2010-10-07 at 14:29 +0200, Roberto Sassu wrote:
> This patch adds the UPDATE keyword for encrypted key types:
> prevents updating existent keys if UPDATE is missi
Thanks for catching this! This patch applies cleanly to the
trusted/encrypted patch set posted today.
thanks,
Acked-by: Mimi Zohar
On Thu, 2010-10-07 at 14:30 +0200, Roberto Sassu wrote:
> This patch frees the payload at the end of the instantiate
> method of both trusted and encrypt
On Sat, 2010-10-09 at 09:29 +0800, Herbert Xu wrote:
> Mimi Zohar wrote:
> > Hi,
> >
> > Looking at different examples of the same crypto call, it's unclear
> > whether it only returns negative error values. Some examples only test
> > for negative values,
t
boot and offline attacks. Other uses for trusted and encrypted
keys, such as for disk and file encryption are anticipated.
Mimi Zohar
Dave Safford
Mimi Zohar (4):
lib: hex2bin converts ascii hexadecimal string to binary
key: add tpm_send command
keys: add new trusted key-type
keys: add new
Similar to the kgdb_hex2mem() code, hex2bin converts a string
to binary using the hex_to_bin() library call.
Signed-off-by: Mimi Zohar
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include
Add internal kernel tpm_send() command used to seal/unseal keys.
Signed-off-by: David Safford
Reviewd-by: Mimi Zohar
Acked-by: Rajiv Andrade
---
drivers/char/tpm/tpm.c | 17 +
include/linux/tpm.h|3 +++
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a
pted blobs.
Changelog:
- Free payload on failure to create key(reported/fixed by Roberto Sassu)
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
include/keys/trusted-type.h | 33 ++
security/Kconfig| 15 +
security/keys/Makefile |1 +
sec
Roberto Sassu)
- Crypto return codes are always 0 on success and negative on failure,
remove unnecessary tests.
Signed-off-by: Mimi Zohar
Signed-off-by: David Safford
Reviewed-by: Roberto Sassu
---
include/keys/encrypted-type.h | 30 ++
security/Kconfig |
On Mon, 2010-10-11 at 20:22 -0500, Serge E. Hallyn wrote:
> Quoting Mimi Zohar (zo...@linux.vnet.ibm.com):
>
> Looks fine to me, and very useful.
>
> Acked-by: Serge E. Hallyn
>
> (for 1-3, haven't looked at 4 yet and won't tonight)
Thanks Serge!
> >
On Tue, 2010-11-02 at 10:30 +0100, Roberto Sassu wrote:
> The buffer 'derived_buf' in the function get_derived_key() must be
> allocated dynamically in order to make room for an arbitrary length
> master key.
>
> Signed-off-by: Roberto Sassu
> ---
> security/keys/encrypted_defined.c | 15 +
Similar to the kgdb_hex2mem() code, hex2bin converts a string
to binary using the hex_to_bin() library call.
Signed-off-by: Mimi Zohar
Acked-by: Serge E. Hallyn
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions
which at boot time
needs a high quality symmetric key for HMAC protection of file
metadata. The use of a trusted key provides strong guarantees
that the EVM key has not been compromised by a user level problem,
and when sealed to specific boot PCR values, protects against
boot and offline attacks. Oth
ed Kconfig and other descriptions (based on Serge Hallyn's suggestion)
- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
include/keys/trusted-type.h | 32 ++
security/Kconfig| 15 +
security/keys/Makefile
Add internal kernel tpm_send() command used to seal/unseal keys.
Signed-off-by: David Safford
Reviewd-by: Mimi Zohar
Acked-by: Rajiv Andrade
Acked-by: Serge E. Hallyn
---
drivers/char/tpm/tpm.c | 17 +
include/linux/tpm.h|3 +++
2 files changed, 20 insertions(+), 0
ailure to create key (reported/fixed by Roberto Sassu)
- Increase the data size limit (requested by Roberto Sassu)
- Crypto return codes are always 0 on success and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar
Signed-off-by: David
ot PCR values, protects against
boot and offline attacks. Other uses for trusted and encrypted
keys, such as for disk and file encryption are anticipated.
Mimi Zohar
David Safford
Mimi Zohar (4):
lib: hex2bin converts ascii hexadecimal string to binary
key: add tpm_send command
keys: add new
Similar to the kgdb_hex2mem() code, hex2bin converts a string
to binary using the hex_to_bin() library call.
Signed-off-by: Mimi Zohar
Acked-by: Serge E. Hallyn
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions
on failure to create key(reported/fixed by Roberto Sassu)
- Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion)
- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
include/keys/trusted-type.
Add internal kernel tpm_send() command used to seal/unseal keys.
Signed-off-by: David Safford
Reviewd-by: Mimi Zohar
Acked-by: Rajiv Andrade
Acked-by: Serge E. Hallyn
---
drivers/char/tpm/tpm.c | 17 +
include/linux/tpm.h|3 +++
2 files changed, 20 insertions(+), 0
ailure to create key (reported/fixed by Roberto Sassu)
- Increase the data size limit (requested by Roberto Sassu)
- Crypto return codes are always 0 on success and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar
Signed-off-by: David
On Thu, 2010-11-11 at 19:48 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > +void hex2bin(unsigned char *mem, char *buf, int count)
>
> I think this needs a little adjustment. I would recommend something like the
> following declaration:
>
> void hex2bi
On Thu, 2010-11-11 at 19:48 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > Reviewd-by: Mimi Zohar
>
> You've missed an 'e'.
thanks, will fix
> > +int tpm_send(u32 chip_num, char *cmd, int buflen)
> > +{
> > ...
> > +
On Fri, 2010-11-12 at 19:45 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > Defines a new kernel key-type called 'encrypted'. Encrypted keys are
>
> Many of the comments I made against patch #3 also apply here. Use 'Define'
> rather than '
On Fri, 2010-11-12 at 21:23 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > > Why do you allow the master key to be supplied by a user-defined key
> > > rather
> > > than requiring a trusted-key unconditionally?
> >
> > This is for systems wit
On Mon, 2010-11-15 at 16:18 +, David Howells wrote:
> Mimi Zohar wrote:
> > > But if you're going to use a user-defined key, you really need to prefix
> > > the description with something suitable.
> >
> > Agreed. So instead of:
> > keyctl ad
On Tue, 2010-11-16 at 17:50 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > I actually like keyctl requiring 'trusted:' or 'user:'. Forcing the
> > user to indicate which type of key they want, is actually good - no
> > misunderstandings.
>
On Tue, 2010-11-16 at 17:50 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > I actually like keyctl requiring 'trusted:' or 'user:'. Forcing the
> > user to indicate which type of key they want, is actually good - no
> > misunderstandings.
>
e
of a trusted key provides strong guarantees that the EVM key has not
been compromised by a user level problem, and when sealed to specific
boot PCR values, protects against boot and offline attacks. Other uses
for trusted and encrypted keys, such as for disk and file encryption are
anticipated.
M
ze_t (based on David Howell's comment)
Signed-off-by: Mimi Zohar
Acked-by: Serge E. Hallyn
---
include/linux/kernel.h |1 +
lib/hexdump.c | 16
2 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
inde
For readability, define a tpm_chip_put() wrapper to call module_put().
Replace existing module_put() calls with the wrapper.
(Change based on trusted/encrypted patchset review by David Howells.)
Signed-off-by: Mimi Zohar
Signed-off-by: David Safford
---
drivers/char/tpm/tpm.c |4
e key(reported/fixed by Roberto Sassu)
- Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion)
- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)
Signed-off-by: David Safford
Signed-off-by: Mimi Zohar
---
Documentation/keys-trusted-encrypted.txt | 68
cess and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar
Signed-off-by: David Safford
Reviewed-by: Roberto Sassu
---
include/keys/encrypted-type.h | 29 ++
security/Kconfig | 16 +
security/keys/Makefile
Add internal kernel tpm_send() command used to seal/unseal keys.
Changelog:
- replaced module_put in tpm_send() with new tpm_chip_put() wrapper
(suggested by David Howells)
- Make tpm_send() cmd argument a 'void *' (suggested by David Howells)
Signed-off-by: David Safford
Signed-of
On Tue, 2010-11-16 at 14:08 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > Am assuming you mean something like this:
> >
> > keyctl add encrypted name "new trusted:master-key-name keylen" ring
> > keyctl add encrypted name "new user:master-ke
On Fri, 2010-11-19 at 16:43 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > +static int datablob_format(char __user *buffer,
> > + struct encrypted_key_payload *epayload,
> > + int asciiblob_len)
>
> size_t? There
Hi!
Am having problems finding any shash API documentation. Could someone
tell me if 'out' needs to be zeroed before calling crypto_shash_digest?
int crypto_shash_digest(struct shash_desc *desc, const u8 *data,
unsigned int len, u8 *out)
thanks,
Mimi
--
To unsubscribe
1 - 100 of 200 matches
Mail list logo
