| system_keyring.c (77f68bac9481ad440f4f34dda3d28c2dce6eb87b) | system_keyring.c (d3bfe84129f65e0af2450743ebdab33d161d01c9) |
|---|---|
| 1/* System trusted keyring for trusted public keys 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version --- 4 unchanged lines hidden (view full) --- 13#include <linux/kernel.h> 14#include <linux/sched.h> 15#include <linux/cred.h> 16#include <linux/err.h> 17#include <keys/asymmetric-type.h> 18#include <keys/system_keyring.h> 19#include <crypto/pkcs7.h> 20 | 1/* System trusted keyring for trusted public keys 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version --- 4 unchanged lines hidden (view full) --- 13#include <linux/kernel.h> 14#include <linux/sched.h> 15#include <linux/cred.h> 16#include <linux/err.h> 17#include <keys/asymmetric-type.h> 18#include <keys/system_keyring.h> 19#include <crypto/pkcs7.h> 20 |
| 21static struct key *system_trusted_keyring; | 21static struct key *builtin_trusted_keys; 22#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 23static struct key *secondary_trusted_keys; 24#endif |
| 22 23extern __initconst const u8 system_certificate_list[]; 24extern __initconst const unsigned long system_certificate_list_size; 25 26/** | 25 26extern __initconst const u8 system_certificate_list[]; 27extern __initconst const unsigned long system_certificate_list_size; 28 29/** |
| 27 * restrict_link_by_builtin_trusted - Restrict keyring addition by system CA | 30 * restrict_link_to_builtin_trusted - Restrict keyring addition by built in CA |
| 28 * 29 * Restrict the addition of keys into a keyring based on the key-to-be-added | 31 * 32 * Restrict the addition of keys into a keyring based on the key-to-be-added |
| 30 * being vouched for by a key in the system keyring. | 33 * being vouched for by a key in the built in system keyring. |
| 31 */ 32int restrict_link_by_builtin_trusted(struct key *keyring, 33 const struct key_type *type, 34 const union key_payload *payload) 35{ | 34 */ 35int restrict_link_by_builtin_trusted(struct key *keyring, 36 const struct key_type *type, 37 const union key_payload *payload) 38{ |
| 36 return restrict_link_by_signature(system_trusted_keyring, 37 type, payload); | 39 return restrict_link_by_signature(builtin_trusted_keys, type, payload); |
| 38} 39 | 40} 41 |
| 42#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 43/** 44 * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring 45 * addition by both builtin and secondary keyrings 46 * 47 * Restrict the addition of keys into a keyring based on the key-to-be-added 48 * being vouched for by a key in either the built-in or the secondary system 49 * keyrings. 50 */ 51int restrict_link_by_builtin_and_secondary_trusted( 52 struct key *keyring, 53 const struct key_type *type, 54 const union key_payload *payload) 55{ 56 /* If we have a secondary trusted keyring, then that contains a link 57 * through to the builtin keyring and the search will follow that link. 58 */ 59 if (type == &key_type_keyring && 60 keyring == secondary_trusted_keys && 61 payload == &builtin_trusted_keys->payload) 62 /* Allow the builtin keyring to be added to the secondary */ 63 return 0; 64 65 return restrict_link_by_signature(secondary_trusted_keys, type, payload); 66} 67#endif 68 |
|
| 40/* | 69/* |
| 41 * Load the compiled-in keys | 70 * Create the trusted keyrings |
| 42 */ 43static __init int system_trusted_keyring_init(void) 44{ | 71 */ 72static __init int system_trusted_keyring_init(void) 73{ |
| 45 pr_notice("Initialise system trusted keyring\n"); | 74 pr_notice("Initialise system trusted keyrings\n"); |
| 46 | 75 |
| 47 system_trusted_keyring = 48 keyring_alloc(".system_keyring", | 76 builtin_trusted_keys = 77 keyring_alloc(".builtin_trusted_keys", |
| 49 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 50 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 51 KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH), 52 KEY_ALLOC_NOT_IN_QUOTA, | 78 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 79 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 80 KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH), 81 KEY_ALLOC_NOT_IN_QUOTA, |
| 53 restrict_link_by_builtin_trusted, NULL); 54 if (IS_ERR(system_trusted_keyring)) 55 panic("Can't allocate system trusted keyring\n"); | 82 NULL, NULL); 83 if (IS_ERR(builtin_trusted_keys)) 84 panic("Can't allocate builtin trusted keyring\n"); 85 86#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 87 secondary_trusted_keys = 88 keyring_alloc(".secondary_trusted_keys", 89 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 90 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 91 KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH | 92 KEY_USR_WRITE), 93 KEY_ALLOC_NOT_IN_QUOTA, 94 restrict_link_by_builtin_and_secondary_trusted, 95 NULL); 96 if (IS_ERR(secondary_trusted_keys)) 97 panic("Can't allocate secondary trusted keyring\n"); 98 99 if (key_link(secondary_trusted_keys, builtin_trusted_keys) < 0) 100 panic("Can't link trusted keyrings\n"); 101#endif 102 |
| 56 return 0; 57} 58 59/* 60 * Must be initialised before we try and load the keys into the keyring. 61 */ 62device_initcall(system_trusted_keyring_init); 63 --- 19 unchanged lines hidden (view full) --- 83 if (p[0] != 0x30 && 84 p[1] != 0x82) 85 goto dodgy_cert; 86 plen = (p[2] << 8) | p[3]; 87 plen += 4; 88 if (plen > end - p) 89 goto dodgy_cert; 90 | 103 return 0; 104} 105 106/* 107 * Must be initialised before we try and load the keys into the keyring. 108 */ 109device_initcall(system_trusted_keyring_init); 110 --- 19 unchanged lines hidden (view full) --- 130 if (p[0] != 0x30 && 131 p[1] != 0x82) 132 goto dodgy_cert; 133 plen = (p[2] << 8) | p[3]; 134 plen += 4; 135 if (plen > end - p) 136 goto dodgy_cert; 137 |
| 91 key = key_create_or_update(make_key_ref(system_trusted_keyring, 1), | 138 key = key_create_or_update(make_key_ref(builtin_trusted_keys, 1), |
| 92 "asymmetric", 93 NULL, 94 p, 95 plen, 96 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 97 KEY_USR_VIEW | KEY_USR_READ), 98 KEY_ALLOC_NOT_IN_QUOTA | 99 KEY_ALLOC_BUILT_IN | --- 20 unchanged lines hidden (view full) --- 120#ifdef CONFIG_SYSTEM_DATA_VERIFICATION 121 122/** 123 * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data. 124 * @data: The data to be verified (NULL if expecting internal data). 125 * @len: Size of @data. 126 * @raw_pkcs7: The PKCS#7 message that is the signature. 127 * @pkcs7_len: The size of @raw_pkcs7. | 139 "asymmetric", 140 NULL, 141 p, 142 plen, 143 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 144 KEY_USR_VIEW | KEY_USR_READ), 145 KEY_ALLOC_NOT_IN_QUOTA | 146 KEY_ALLOC_BUILT_IN | --- 20 unchanged lines hidden (view full) --- 167#ifdef CONFIG_SYSTEM_DATA_VERIFICATION 168 169/** 170 * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data. 171 * @data: The data to be verified (NULL if expecting internal data). 172 * @len: Size of @data. 173 * @raw_pkcs7: The PKCS#7 message that is the signature. 174 * @pkcs7_len: The size of @raw_pkcs7. |
| 128 * @trusted_keys: Trusted keys to use (NULL for system_trusted_keyring). | 175 * @trusted_keys: Trusted keys to use (NULL for builtin trusted keys only, 176 * (void *)1UL for all trusted keys). |
| 129 * @usage: The use to which the key is being put. 130 * @view_content: Callback to gain access to content. 131 * @ctx: Context for callback. 132 */ 133int verify_pkcs7_signature(const void *data, size_t len, 134 const void *raw_pkcs7, size_t pkcs7_len, 135 struct key *trusted_keys, 136 enum key_being_used_for usage, --- 15 unchanged lines hidden (view full) --- 152 ret = -EBADMSG; 153 goto error; 154 } 155 156 ret = pkcs7_verify(pkcs7, usage); 157 if (ret < 0) 158 goto error; 159 | 177 * @usage: The use to which the key is being put. 178 * @view_content: Callback to gain access to content. 179 * @ctx: Context for callback. 180 */ 181int verify_pkcs7_signature(const void *data, size_t len, 182 const void *raw_pkcs7, size_t pkcs7_len, 183 struct key *trusted_keys, 184 enum key_being_used_for usage, --- 15 unchanged lines hidden (view full) --- 200 ret = -EBADMSG; 201 goto error; 202 } 203 204 ret = pkcs7_verify(pkcs7, usage); 205 if (ret < 0) 206 goto error; 207 |
| 160 if (!trusted_keys) 161 trusted_keys = system_trusted_keyring; | 208 if (!trusted_keys) { 209 trusted_keys = builtin_trusted_keys; 210 } else if (trusted_keys == (void *)1UL) { 211#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 212 trusted_keys = secondary_trusted_keys; 213#else 214 trusted_keys = builtin_trusted_keys; 215#endif 216 } |
| 162 ret = pkcs7_validate_trust(pkcs7, trusted_keys); 163 if (ret < 0) { 164 if (ret == -ENOKEY) 165 pr_err("PKCS#7 signature not signed with a trusted key\n"); 166 goto error; 167 } 168 169 if (view_content) { --- 20 unchanged lines hidden --- | 217 ret = pkcs7_validate_trust(pkcs7, trusted_keys); 218 if (ret < 0) { 219 if (ret == -ENOKEY) 220 pr_err("PKCS#7 signature not signed with a trusted key\n"); 221 goto error; 222 } 223 224 if (view_content) { --- 20 unchanged lines hidden --- |