Permalink
Browse files

Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/ker…

…nel/git/rusty/linux

Pull module signing support from Rusty Russell:
 "module signing is the highlight, but it's an all-over David Howells frenzy..."

Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.

* 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
  X.509: Fix indefinite length element skip error handling
  X.509: Convert some printk calls to pr_devel
  asymmetric keys: fix printk format warning
  MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
  MODSIGN: Make mrproper should remove generated files.
  MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
  MODSIGN: Use the same digest for the autogen key sig as for the module sig
  MODSIGN: Sign modules during the build process
  MODSIGN: Provide a script for generating a key ID from an X.509 cert
  MODSIGN: Implement module signature checking
  MODSIGN: Provide module signing public keys to the kernel
  MODSIGN: Automatically generate module signing keys if missing
  MODSIGN: Provide Kconfig options
  MODSIGN: Provide gitignore and make clean rules for extra files
  MODSIGN: Add FIPS policy
  module: signature checking hook
  X.509: Add a crypto key parser for binary (DER) X.509 certificates
  MPILIB: Provide a function to read raw data into an MPI
  X.509: Add an ASN.1 decoder
  X.509: Add simple ASN.1 grammar compiler
  ...
  • Loading branch information...
torvalds committed Oct 14, 2012
2 parents b6eea87 + dbadc17 commit d25282d1c9b9bc4cda7f9d3c0205108e99aa7a9d
Showing with 6,799 additions and 594 deletions.
  1. +14 −0 .gitignore
  2. +312 −0 Documentation/crypto/asymmetric-keys.txt
  3. +6 −0 Documentation/kernel-parameters.txt
  4. +49 −1 Documentation/security/keys.txt
  5. +5 −1 Makefile
  6. +19 −0 arch/Kconfig
  7. +2 −0 arch/alpha/Kconfig
  8. +2 −8 arch/alpha/include/asm/module.h
  9. +2 −0 arch/arm/Kconfig
  10. +2 −6 arch/arm/include/asm/module.h
  11. +2 −0 arch/avr32/Kconfig
  12. +2 −4 arch/avr32/include/asm/module.h
  13. +2 −0 arch/blackfin/Kconfig
  14. +1 −3 arch/blackfin/include/asm/module.h
  15. +1 −0 arch/c6x/Kconfig
  16. +1 −11 arch/c6x/include/asm/module.h
  17. +1 −0 arch/cris/Kconfig
  18. +1 −0 arch/cris/include/asm/Kbuild
  19. +0 −9 arch/cris/include/asm/module.h
  20. +1 −7 arch/frv/include/asm/module.h
  21. +1 −0 arch/h8300/Kconfig
  22. +1 −0 arch/h8300/include/asm/Kbuild
  23. +0 −11 arch/h8300/include/asm/module.h
  24. +1 −0 arch/hexagon/Kconfig
  25. +2 −0 arch/ia64/Kconfig
  26. +2 −4 arch/ia64/include/asm/module.h
  27. +1 −0 arch/m32r/Kconfig
  28. +1 −0 arch/m32r/include/asm/Kbuild
  29. +0 −10 arch/m32r/include/asm/module.h
  30. +0 −15 arch/m32r/kernel/module.c
  31. +3 −0 arch/m68k/Kconfig
  32. +2 −4 arch/m68k/include/asm/module.h
  33. +1 −0 arch/microblaze/Kconfig
  34. +3 −0 arch/mips/Kconfig
  35. +8 −2 arch/mips/include/asm/module.h
  36. +1 −0 arch/mips/kernel/Makefile
  37. +145 −0 arch/mips/kernel/module-rela.c
  38. +1 −120 arch/mips/kernel/module.c
  39. +1 −0 arch/mn10300/Kconfig
  40. +1 −6 arch/mn10300/include/asm/module.h
  41. +1 −0 arch/openrisc/Kconfig
  42. +2 −0 arch/parisc/Kconfig
  43. +3 −13 arch/parisc/include/asm/module.h
  44. +2 −0 arch/powerpc/Kconfig
  45. +1 −6 arch/powerpc/include/asm/module.h
  46. +2 −0 arch/s390/Kconfig
  47. +3 −15 arch/s390/include/asm/module.h
  48. +2 −0 arch/score/Kconfig
  49. +1 −5 arch/score/include/asm/module.h
  50. +0 −10 arch/score/kernel/module.c
  51. +2 −0 arch/sh/Kconfig
  52. +3 −11 arch/sh/include/asm/module.h
  53. +1 −0 arch/sparc/Kconfig
  54. +1 −0 arch/sparc/include/asm/Kbuild
  55. +0 −24 arch/sparc/include/asm/module.h
  56. +1 −0 arch/tile/Kconfig
  57. +1 −0 arch/unicore32/Kconfig
  58. +2 −0 arch/x86/Kconfig
  59. +2 −0 arch/x86/um/Kconfig
  60. +1 −8 arch/xtensa/include/asm/module.h
  61. +1 −0 crypto/Kconfig
  62. +1 −0 crypto/Makefile
  63. +1 −0 crypto/asymmetric_keys/.gitignore
  64. +38 −0 crypto/asymmetric_keys/Kconfig
  65. +27 −0 crypto/asymmetric_keys/Makefile
  66. +15 −0 crypto/asymmetric_keys/asymmetric_keys.h
  67. +274 −0 crypto/asymmetric_keys/asymmetric_type.c
  68. +108 −0 crypto/asymmetric_keys/public_key.c
  69. +30 −0 crypto/asymmetric_keys/public_key.h
  70. +277 −0 crypto/asymmetric_keys/rsa.c
  71. +49 −0 crypto/asymmetric_keys/signature.c
  72. +60 −0 crypto/asymmetric_keys/x509.asn1
  73. +496 −0 crypto/asymmetric_keys/x509_cert_parser.c
  74. +36 −0 crypto/asymmetric_keys/x509_parser.h
  75. +239 −0 crypto/asymmetric_keys/x509_public_key.c
  76. +4 −0 crypto/asymmetric_keys/x509_rsakey.asn1
  77. +3 −3 fs/cifs/cifs_spnego.c
  78. +4 −4 fs/cifs/cifsacl.c
  79. +57 −0 include/asm-generic/bitops/count_zeros.h
  80. +33 −7 include/asm-generic/module.h
  81. +108 −0 include/crypto/public_key.h
  82. +37 −0 include/keys/asymmetric-parser.h
  83. +55 −0 include/keys/asymmetric-subtype.h
  84. +25 −0 include/keys/asymmetric-type.h
  85. +4 −2 include/keys/user-type.h
  86. +67 −0 include/linux/asn1.h
  87. +87 −0 include/linux/asn1_ber_bytecode.h
  88. +24 −0 include/linux/asn1_decoder.h
  89. +33 −2 include/linux/key-type.h
  90. +8 −0 include/linux/module.h
  91. +32 −4 include/linux/moduleloader.h
  92. +1 −0 include/linux/mpi.h
  93. +92 −0 include/linux/oid_registry.h
  94. +68 −0 init/Kconfig
  95. +77 −0 kernel/Makefile
  96. +113 −0 kernel/modsign_pubkey.c
  97. +15 −0 kernel/module-internal.h
  98. +130 −27 kernel/module.c
  99. +243 −0 kernel/module_signing.c
  100. +1 −1 lib/.gitignore
  101. +5 −0 lib/Kconfig
  102. +18 −0 lib/Makefile
  103. +487 −0 lib/asn1_decoder.c
  104. +209 −0 lib/build_OID_registry
  105. +1 −0 lib/mpi/Makefile
  106. +2 −136 lib/mpi/longlong.h
  107. +1 −1 lib/mpi/mpi-bit.c
  108. +70 −0 lib/mpi/mpi-cmp.c
  109. +2 −2 lib/mpi/mpi-pow.c
  110. +55 −0 lib/mpi/mpicoder.c
  111. +170 −0 lib/oid_registry.c
  112. +5 −4 net/ceph/crypto.c
  113. +3 −3 net/dns_resolver/dns_key.c
  114. +20 −20 net/rxrpc/ar-key.c
  115. +1 −0 scripts/.gitignore
  116. +2 −0 scripts/Makefile
  117. +11 −0 scripts/Makefile.build
  118. +76 −1 scripts/Makefile.modpost
  119. +1,545 −0 scripts/asn1_compiler.c
  120. +115 −0 scripts/sign-file
  121. +268 −0 scripts/x509keyid
  122. +9 −7 security/keys/encrypted-keys/encrypted.c
  123. +82 −32 security/keys/key.c
  124. +14 −4 security/keys/keyctl.c
  125. +3 −3 security/keys/keyring.c
  126. +4 −4 security/keys/request_key_auth.c
  127. +9 −7 security/keys/trusted.c
  128. +8 −6 security/keys/user_defined.c
View
@@ -14,6 +14,10 @@
*.o.*
*.a
*.s
+*.ko.unsigned
+*.ko.stripped
+*.ko.stripped.dig
+*.ko.stripped.sig
*.ko
*.so
*.so.dbg
@@ -84,3 +88,13 @@ GTAGS
*.orig
*~
\#*#
+
+#
+# Leavings from module signing
+#
+extra_certificates
+signing_key.priv
+signing_key.x509
+signing_key.x509.keyid
+signing_key.x509.signer
+x509.genkey
@@ -0,0 +1,312 @@
+ =============================================
+ ASYMMETRIC / PUBLIC-KEY CRYPTOGRAPHY KEY TYPE
+ =============================================
+
+Contents:
+
+ - Overview.
+ - Key identification.
+ - Accessing asymmetric keys.
+ - Signature verification.
+ - Asymmetric key subtypes.
+ - Instantiation data parsers.
+
+
+========
+OVERVIEW
+========
+
+The "asymmetric" key type is designed to be a container for the keys used in
+public-key cryptography, without imposing any particular restrictions on the
+form or mechanism of the cryptography or form of the key.
+
+The asymmetric key is given a subtype that defines what sort of data is
+associated with the key and provides operations to describe and destroy it.
+However, no requirement is made that the key data actually be stored in the
+key.
+
+A completely in-kernel key retention and operation subtype can be defined, but
+it would also be possible to provide access to cryptographic hardware (such as
+a TPM) that might be used to both retain the relevant key and perform
+operations using that key. In such a case, the asymmetric key would then
+merely be an interface to the TPM driver.
+
+Also provided is the concept of a data parser. Data parsers are responsible
+for extracting information from the blobs of data passed to the instantiation
+function. The first data parser that recognises the blob gets to set the
+subtype of the key and define the operations that can be done on that key.
+
+A data parser may interpret the data blob as containing the bits representing a
+key, or it may interpret it as a reference to a key held somewhere else in the
+system (for example, a TPM).
+
+
+==================
+KEY IDENTIFICATION
+==================
+
+If a key is added with an empty name, the instantiation data parsers are given
+the opportunity to pre-parse a key and to determine the description the key
+should be given from the content of the key.
+
+This can then be used to refer to the key, either by complete match or by
+partial match. The key type may also use other criteria to refer to a key.
+
+The asymmetric key type's match function can then perform a wider range of
+comparisons than just the straightforward comparison of the description with
+the criterion string:
+
+ (1) If the criterion string is of the form "id:<hexdigits>" then the match
+ function will examine a key's fingerprint to see if the hex digits given
+ after the "id:" match the tail. For instance:
+
+ keyctl search @s asymmetric id:5acc2142
+
+ will match a key with fingerprint:
+
+ 1A00 2040 7601 7889 DE11 882C 3823 04AD 5ACC 2142
+
+ (2) If the criterion string is of the form "<subtype>:<hexdigits>" then the
+ match will match the ID as in (1), but with the added restriction that
+ only keys of the specified subtype (e.g. tpm) will be matched. For
+ instance:
+
+ keyctl search @s asymmetric tpm:5acc2142
+
+Looking in /proc/keys, the last 8 hex digits of the key fingerprint are
+displayed, along with the subtype:
+
+ 1a39e171 I----- 1 perm 3f010000 0 0 asymmetri modsign.0: DSA 5acc2142 []
+
+
+=========================
+ACCESSING ASYMMETRIC KEYS
+=========================
+
+For general access to asymmetric keys from within the kernel, the following
+inclusion is required:
+
+ #include <crypto/public_key.h>
+
+This gives access to functions for dealing with asymmetric / public keys.
+Three enums are defined there for representing public-key cryptography
+algorithms:
+
+ enum pkey_algo
+
+digest algorithms used by those:
+
+ enum pkey_hash_algo
+
+and key identifier representations:
+
+ enum pkey_id_type
+
+Note that the key type representation types are required because key
+identifiers from different standards aren't necessarily compatible. For
+instance, PGP generates key identifiers by hashing the key data plus some
+PGP-specific metadata, whereas X.509 has arbitrary certificate identifiers.
+
+The operations defined upon a key are:
+
+ (1) Signature verification.
+
+Other operations are possible (such as encryption) with the same key data
+required for verification, but not currently supported, and others
+(eg. decryption and signature generation) require extra key data.
+
+
+SIGNATURE VERIFICATION
+----------------------
+
+An operation is provided to perform cryptographic signature verification, using
+an asymmetric key to provide or to provide access to the public key.
+
+ int verify_signature(const struct key *key,
+ const struct public_key_signature *sig);
+
+The caller must have already obtained the key from some source and can then use
+it to check the signature. The caller must have parsed the signature and
+transferred the relevant bits to the structure pointed to by sig.
+
+ struct public_key_signature {
+ u8 *digest;
+ u8 digest_size;
+ enum pkey_hash_algo pkey_hash_algo : 8;
+ u8 nr_mpi;
+ union {
+ MPI mpi[2];
+ ...
+ };
+ };
+
+The algorithm used must be noted in sig->pkey_hash_algo, and all the MPIs that
+make up the actual signature must be stored in sig->mpi[] and the count of MPIs
+placed in sig->nr_mpi.
+
+In addition, the data must have been digested by the caller and the resulting
+hash must be pointed to by sig->digest and the size of the hash be placed in
+sig->digest_size.
+
+The function will return 0 upon success or -EKEYREJECTED if the signature
+doesn't match.
+
+The function may also return -ENOTSUPP if an unsupported public-key algorithm
+or public-key/hash algorithm combination is specified or the key doesn't
+support the operation; -EBADMSG or -ERANGE if some of the parameters have weird
+data; or -ENOMEM if an allocation can't be performed. -EINVAL can be returned
+if the key argument is the wrong type or is incompletely set up.
+
+
+=======================
+ASYMMETRIC KEY SUBTYPES
+=======================
+
+Asymmetric keys have a subtype that defines the set of operations that can be
+performed on that key and that determines what data is attached as the key
+payload. The payload format is entirely at the whim of the subtype.
+
+The subtype is selected by the key data parser and the parser must initialise
+the data required for it. The asymmetric key retains a reference on the
+subtype module.
+
+The subtype definition structure can be found in:
+
+ #include <keys/asymmetric-subtype.h>
+
+and looks like the following:
+
+ struct asymmetric_key_subtype {
+ struct module *owner;
+ const char *name;
+
+ void (*describe)(const struct key *key, struct seq_file *m);
+ void (*destroy)(void *payload);
+ int (*verify_signature)(const struct key *key,
+ const struct public_key_signature *sig);
+ };
+
+Asymmetric keys point to this with their type_data[0] member.
+
+The owner and name fields should be set to the owning module and the name of
+the subtype. Currently, the name is only used for print statements.
+
+There are a number of operations defined by the subtype:
+
+ (1) describe().
+
+ Mandatory. This allows the subtype to display something in /proc/keys
+ against the key. For instance the name of the public key algorithm type
+ could be displayed. The key type will display the tail of the key
+ identity string after this.
+
+ (2) destroy().
+
+ Mandatory. This should free the memory associated with the key. The
+ asymmetric key will look after freeing the fingerprint and releasing the
+ reference on the subtype module.
+
+ (3) verify_signature().
+
+ Optional. These are the entry points for the key usage operations.
+ Currently there is only the one defined. If not set, the caller will be
+ given -ENOTSUPP. The subtype may do anything it likes to implement an
+ operation, including offloading to hardware.
+
+
+==========================
+INSTANTIATION DATA PARSERS
+==========================
+
+The asymmetric key type doesn't generally want to store or to deal with a raw
+blob of data that holds the key data. It would have to parse it and error
+check it each time it wanted to use it. Further, the contents of the blob may
+have various checks that can be performed on it (eg. self-signatures, validity
+dates) and may contain useful data about the key (identifiers, capabilities).
+
+Also, the blob may represent a pointer to some hardware containing the key
+rather than the key itself.
+
+Examples of blob formats for which parsers could be implemented include:
+
+ - OpenPGP packet stream [RFC 4880].
+ - X.509 ASN.1 stream.
+ - Pointer to TPM key.
+ - Pointer to UEFI key.
+
+During key instantiation each parser in the list is tried until one doesn't
+return -EBADMSG.
+
+The parser definition structure can be found in:
+
+ #include <keys/asymmetric-parser.h>
+
+and looks like the following:
+
+ struct asymmetric_key_parser {
+ struct module *owner;
+ const char *name;
+
+ int (*parse)(struct key_preparsed_payload *prep);
+ };
+
+The owner and name fields should be set to the owning module and the name of
+the parser.
+
+There is currently only a single operation defined by the parser, and it is
+mandatory:
+
+ (1) parse().
+
+ This is called to preparse the key from the key creation and update paths.
+ In particular, it is called during the key creation _before_ a key is
+ allocated, and as such, is permitted to provide the key's description in
+ the case that the caller declines to do so.
+
+ The caller passes a pointer to the following struct with all of the fields
+ cleared, except for data, datalen and quotalen [see
+ Documentation/security/keys.txt].
+
+ struct key_preparsed_payload {
+ char *description;
+ void *type_data[2];
+ void *payload;
+ const void *data;
+ size_t datalen;
+ size_t quotalen;
+ };
+
+ The instantiation data is in a blob pointed to by data and is datalen in
+ size. The parse() function is not permitted to change these two values at
+ all, and shouldn't change any of the other values _unless_ they are
+ recognise the blob format and will not return -EBADMSG to indicate it is
+ not theirs.
+
+ If the parser is happy with the blob, it should propose a description for
+ the key and attach it to ->description, ->type_data[0] should be set to
+ point to the subtype to be used, ->payload should be set to point to the
+ initialised data for that subtype, ->type_data[1] should point to a hex
+ fingerprint and quotalen should be updated to indicate how much quota this
+ key should account for.
+
+ When clearing up, the data attached to ->type_data[1] and ->description
+ will be kfree()'d and the data attached to ->payload will be passed to the
+ subtype's ->destroy() method to be disposed of. A module reference for
+ the subtype pointed to by ->type_data[0] will be put.
+
+
+ If the data format is not recognised, -EBADMSG should be returned. If it
+ is recognised, but the key cannot for some reason be set up, some other
+ negative error code should be returned. On success, 0 should be returned.
+
+ The key's fingerprint string may be partially matched upon. For a
+ public-key algorithm such as RSA and DSA this will likely be a printable
+ hex version of the key's fingerprint.
+
+Functions are provided to register and unregister parsers:
+
+ int register_asymmetric_key_parser(struct asymmetric_key_parser *parser);
+ void unregister_asymmetric_key_parser(struct asymmetric_key_parser *subtype);
+
+Parsers may not have the same name. The names are otherwise only used for
+displaying in debugging messages.
@@ -1593,6 +1593,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
log everything. Information is printed at KERN_DEBUG
so loglevel=8 may also need to be specified.
+ module.sig_enforce
+ [KNL] When CONFIG_MODULE_SIG is set, this means that
+ modules without (valid) signatures will fail to load.
+ Note that if CONFIG_MODULE_SIG_ENFORCE is set, that
+ is always true, so this option does nothing.
+
mousedev.tap_time=
[MOUSE] Maximum time between finger touching and
leaving touchpad surface for touch to be considered
Oops, something went wrong.

0 comments on commit d25282d

Please sign in to comment.