diff --git a/MAINTAINERS b/MAINTAINERS index 2a90101309d1..ece8935025e3 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5846,7 +5846,7 @@ F: drivers/mmc/host/sdhci-spear.c SECURITY SUBSYSTEM M: James Morris L: linux-security-module@vger.kernel.org (suggested Cc:) -T: git git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6.git +T: git git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git W: http://security.wiki.kernel.org/ S: Supported F: security/ diff --git a/include/linux/digsig.h b/include/linux/digsig.h index efae755017d7..b01558b15814 100644 --- a/include/linux/digsig.h +++ b/include/linux/digsig.h @@ -46,7 +46,7 @@ struct signature_hdr { char mpi[0]; } __packed; -#if defined(CONFIG_DIGSIG) || defined(CONFIG_DIGSIG_MODULE) +#if defined(CONFIG_SIGNATURE) || defined(CONFIG_SIGNATURE_MODULE) int digsig_verify(struct key *keyring, const char *sig, int siglen, const char *digest, int digestlen); @@ -59,6 +59,6 @@ static inline int digsig_verify(struct key *keyring, const char *sig, return -EOPNOTSUPP; } -#endif /* CONFIG_DIGSIG */ +#endif /* CONFIG_SIGNATURE */ #endif /* _DIGSIG_H */ diff --git a/include/linux/key.h b/include/linux/key.h index 183a6af7715d..bfc014c57351 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -293,6 +293,9 @@ static inline bool key_is_instantiated(const struct key *key) (rcu_dereference_protected((KEY)->payload.rcudata, \ rwsem_is_locked(&((struct key *)(KEY))->sem))) +#define rcu_assign_keypointer(KEY, PAYLOAD) \ + (rcu_assign_pointer((KEY)->payload.rcudata, PAYLOAD)) + #ifdef CONFIG_SYSCTL extern ctl_table key_sysctls[]; #endif diff --git a/lib/Kconfig b/lib/Kconfig index 201e1b33d721..169eb7c598e5 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -286,25 +286,24 @@ config CORDIC calculations are in fixed point. Module will be called cordic. config MPILIB - tristate "Multiprecision maths library" + tristate help Multiprecision maths library from GnuPG. It is used to implement RSA digital signature verification, which is used by IMA/EVM digital signature extension. config MPILIB_EXTRA - bool "Multiprecision maths library - additional sources" + bool depends on MPILIB help - Multiprecision maths library from GnuPG. - It is used to implement RSA digital signature verification, - which is used by IMA/EVM digital signature extension. - This code in unnecessary for RSA digital signature verification, - and can be compiled if needed. + Additional sources of multiprecision maths library from GnuPG. + This code is unnecessary for RSA digital signature verification, + but can be compiled if needed. -config DIGSIG - tristate "In-kernel signature checker" - depends on KEYS +config SIGNATURE + tristate + depends on KEYS && CRYPTO + select CRYPTO_SHA1 select MPILIB help Digital signature verification. Currently only RSA is supported. diff --git a/lib/Makefile b/lib/Makefile index dace162c7e1c..d71aae1b01b3 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -119,7 +119,7 @@ obj-$(CONFIG_CORDIC) += cordic.o obj-$(CONFIG_DQL) += dynamic_queue_limits.o obj-$(CONFIG_MPILIB) += mpi/ -obj-$(CONFIG_DIGSIG) += digsig.o +obj-$(CONFIG_SIGNATURE) += digsig.o hostprogs-y := gen_crc32table clean-files := crc32table.h diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig index d384ea921482..5bd1cc1b4a54 100644 --- a/security/integrity/Kconfig +++ b/security/integrity/Kconfig @@ -3,11 +3,11 @@ config INTEGRITY def_bool y depends on IMA || EVM -config INTEGRITY_DIGSIG +config INTEGRITY_SIGNATURE boolean "Digital signature verification using multiple keyrings" depends on INTEGRITY && KEYS default n - select DIGSIG + select SIGNATURE help This option enables digital signature verification support using multiple keyrings. It defines separate keyrings for each diff --git a/security/integrity/Makefile b/security/integrity/Makefile index bece0563ee5e..d43799cc14f6 100644 --- a/security/integrity/Makefile +++ b/security/integrity/Makefile @@ -3,7 +3,7 @@ # obj-$(CONFIG_INTEGRITY) += integrity.o -obj-$(CONFIG_INTEGRITY_DIGSIG) += digsig.o +obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o integrity-y := iint.o diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 4da6ba81d153..7a25ecec5aaa 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -51,7 +51,7 @@ struct integrity_iint_cache *integrity_iint_find(struct inode *inode); #define INTEGRITY_KEYRING_IMA 2 #define INTEGRITY_KEYRING_MAX 3 -#ifdef CONFIG_INTEGRITY_DIGSIG +#ifdef CONFIG_INTEGRITY_SIGNATURE int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, const char *digest, int digestlen); @@ -65,7 +65,7 @@ static inline int integrity_digsig_verify(const unsigned int id, return -EOPNOTSUPP; } -#endif /* CONFIG_INTEGRITY_DIGSIG */ +#endif /* CONFIG_INTEGRITY_SIGNATURE */ /* set during initialization */ extern int iint_initialized; diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index 41144f71d615..2d1bb8af7696 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -314,7 +314,7 @@ static struct key *request_user_key(const char *master_desc, u8 **master_key, goto error; down_read(&ukey->sem); - upayload = rcu_dereference(ukey->payload.data); + upayload = ukey->payload.data; *master_key = upayload->data; *master_keylen = upayload->datalen; error: @@ -810,7 +810,7 @@ static int encrypted_instantiate(struct key *key, const void *data, goto out; } - rcu_assign_pointer(key->payload.data, epayload); + rcu_assign_keypointer(key, epayload); out: kfree(datablob); return ret; @@ -874,7 +874,7 @@ static int encrypted_update(struct key *key, const void *data, size_t datalen) memcpy(new_epayload->payload_data, epayload->payload_data, epayload->payload_datalen); - rcu_assign_pointer(key->payload.data, new_epayload); + rcu_assign_keypointer(key, new_epayload); call_rcu(&epayload->rcu, encrypted_rcu_free); out: kfree(buf); diff --git a/security/keys/encrypted-keys/masterkey_trusted.c b/security/keys/encrypted-keys/masterkey_trusted.c index df87272e3f51..013f7e5d3a2f 100644 --- a/security/keys/encrypted-keys/masterkey_trusted.c +++ b/security/keys/encrypted-keys/masterkey_trusted.c @@ -18,6 +18,8 @@ #include #include #include +#include +#include "encrypted.h" /* * request_trusted_key - request the trusted key @@ -37,7 +39,7 @@ struct key *request_trusted_key(const char *trusted_desc, goto error; down_read(&tkey->sem); - tpayload = rcu_dereference(tkey->payload.data); + tpayload = tkey->payload.data; *master_key = tpayload->key; *master_keylen = tpayload->key_len; error: diff --git a/security/keys/gc.c b/security/keys/gc.c index bf4d8da5a795..a42b45531aac 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -145,7 +145,9 @@ static void key_gc_keyring(struct key *keyring, time_t limit) if (!klist) goto unlock_dont_gc; - for (loop = klist->nkeys - 1; loop >= 0; loop--) { + loop = klist->nkeys; + smp_rmb(); + for (loop--; loop >= 0; loop--) { key = klist->keys[loop]; if (test_bit(KEY_FLAG_DEAD, &key->flags) || (key->expiry > 0 && key->expiry <= limit)) diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 37a7f3b28852..d605f75292e4 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -319,7 +319,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref, struct key *keyring, *key; key_ref_t key_ref; long err; - int sp, kix; + int sp, nkeys, kix; keyring = key_ref_to_ptr(keyring_ref); possessed = is_key_possessed(keyring_ref); @@ -380,7 +380,9 @@ descend: goto not_this_keyring; /* iterate through the keys in this keyring first */ - for (kix = 0; kix < keylist->nkeys; kix++) { + nkeys = keylist->nkeys; + smp_rmb(); + for (kix = 0; kix < nkeys; kix++) { key = keylist->keys[kix]; kflags = key->flags; @@ -421,7 +423,9 @@ descend: /* search through the keyrings nested in this one */ kix = 0; ascend: - for (; kix < keylist->nkeys; kix++) { + nkeys = keylist->nkeys; + smp_rmb(); + for (; kix < nkeys; kix++) { key = keylist->keys[kix]; if (key->type != &key_type_keyring) continue; @@ -515,7 +519,7 @@ key_ref_t __keyring_search_one(key_ref_t keyring_ref, struct keyring_list *klist; unsigned long possessed; struct key *keyring, *key; - int loop; + int nkeys, loop; keyring = key_ref_to_ptr(keyring_ref); possessed = is_key_possessed(keyring_ref); @@ -524,7 +528,9 @@ key_ref_t __keyring_search_one(key_ref_t keyring_ref, klist = rcu_dereference(keyring->payload.subscriptions); if (klist) { - for (loop = 0; loop < klist->nkeys; loop++) { + nkeys = klist->nkeys; + smp_rmb(); + for (loop = 0; loop < nkeys ; loop++) { key = klist->keys[loop]; if (key->type == ktype && @@ -622,7 +628,7 @@ static int keyring_detect_cycle(struct key *A, struct key *B) struct keyring_list *keylist; struct key *subtree, *key; - int sp, kix, ret; + int sp, nkeys, kix, ret; rcu_read_lock(); @@ -645,7 +651,9 @@ descend: ascend: /* iterate through the remaining keys in this keyring */ - for (; kix < keylist->nkeys; kix++) { + nkeys = keylist->nkeys; + smp_rmb(); + for (; kix < nkeys; kix++) { key = keylist->keys[kix]; if (key == A) diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 0ed5fdf238a2..2d5d041f2049 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -993,7 +993,7 @@ out: kfree(datablob); kfree(options); if (!ret) - rcu_assign_pointer(key->payload.data, payload); + rcu_assign_keypointer(key, payload); else kfree(payload); return ret; @@ -1067,7 +1067,7 @@ static int trusted_update(struct key *key, const void *data, size_t datalen) goto out; } } - rcu_assign_pointer(key->payload.data, new_p); + rcu_assign_keypointer(key, new_p); call_rcu(&p->rcu, trusted_rcu_free); out: kfree(datablob); diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 4a9b4b2eb755..867558c98334 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c @@ -492,13 +492,13 @@ static bool tomoyo_correct_word2(const char *string, size_t len) if (d < '0' || d > '7' || e < '0' || e > '7') break; c = tomoyo_make_byte(c, d, e); - if (tomoyo_invalid(c)) - continue; /* pattern is not \000 */ + if (c <= ' ' || c >= 127) + continue; } goto out; } else if (in_repetition && c == '/') { goto out; - } else if (tomoyo_invalid(c)) { + } else if (c <= ' ' || c >= 127) { goto out; } }