linux/Documentation
David Howells 5ac7eace2d KEYS: Add a facility to restrict new links into a keyring
Add a facility whereby proposed new links to be added to a keyring can be
vetted, permitting them to be rejected if necessary.  This can be used to
block public keys from which the signature cannot be verified or for which
the signature verification fails.  It could also be used to provide
blacklisting.

This affects operations like add_key(), KEYCTL_LINK and KEYCTL_INSTANTIATE.

To this end:

 (1) A function pointer is added to the key struct that, if set, points to
     the vetting function.  This is called as:

	int (*restrict_link)(struct key *keyring,
			     const struct key_type *key_type,
			     unsigned long key_flags,
			     const union key_payload *key_payload),

     where 'keyring' will be the keyring being added to, key_type and
     key_payload will describe the key being added and key_flags[*] can be
     AND'ed with KEY_FLAG_TRUSTED.

     [*] This parameter will be removed in a later patch when
         KEY_FLAG_TRUSTED is removed.

     The function should return 0 to allow the link to take place or an
     error (typically -ENOKEY, -ENOPKG or -EKEYREJECTED) to reject the
     link.

     The pointer should not be set directly, but rather should be set
     through keyring_alloc().

     Note that if called during add_key(), preparse is called before this
     method, but a key isn't actually allocated until after this function
     is called.

 (2) KEY_ALLOC_BYPASS_RESTRICTION is added.  This can be passed to
     key_create_or_update() or key_instantiate_and_link() to bypass the
     restriction check.

 (3) KEY_FLAG_TRUSTED_ONLY is removed.  The entire contents of a keyring
     with this restriction emplaced can be considered 'trustworthy' by
     virtue of being in the keyring when that keyring is consulted.

 (4) key_alloc() and keyring_alloc() take an extra argument that will be
     used to set restrict_link in the new key.  This ensures that the
     pointer is set before the key is published, thus preventing a window
     of unrestrictedness.  Normally this argument will be NULL.

 (5) As a temporary affair, keyring_restrict_trusted_only() is added.  It
     should be passed to keyring_alloc() as the extra argument instead of
     setting KEY_FLAG_TRUSTED_ONLY on a keyring.  This will be replaced in
     a later patch with functions that look in the appropriate places for
     authoritative keys.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2016-04-11 22:37:37 +01:00
ABI Merge tag 'ofs-pull-tag-1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux 2016-03-26 12:59:04 -07:00
DocBook Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2016-03-21 13:48:00 -07:00
EDID
PCI
RCU documentation: Update RCU requirements based on expedited changes 2015-12-05 12:34:32 -08:00
accounting Documentation-getdelays: Apply a recommendation from "checkpatch.pl" in main() 2015-12-24 07:22:32 -07:00
acpi mfd: core: redo ACPI matching of the children devices 2015-10-26 15:25:53 +01:00
aoe
arm ARM: SoC 64-bit changes for v4.6 2016-03-20 15:08:45 -07:00
arm64 arm64: Add workaround for Cavium erratum 27456 2016-02-26 15:14:27 +00:00
auxdisplay
backlight
blackfin
block A relatively boring cycle in the docs tree. There's a few kernel-doc 2016-01-17 11:55:07 -08:00
blockdev cpqarray: remove it from the kernel 2016-03-14 09:06:01 -06:00
bus-devices
cdrom
cgroup-v1 Merge branch 'for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2016-03-18 20:25:49 -07:00
cma
connector
console
cpu-freq Documentation: cpufreq: intel_pstate: fix typo 2016-02-18 20:31:53 +01:00
cpuidle
cris
crypto crypto: doc - Use ahash 2016-02-06 15:33:11 +08:00
development-process
device-mapper dm cache: make the 'mq' policy an alias for 'smq' 2016-03-10 17:12:08 -05:00
devicetree SCSI misc on 20160326 2016-03-26 11:31:01 -07:00
dmaengine Merge branch 'topic/async' into for-linus 2016-01-06 15:17:47 +05:30
driver-model Merge branch 'for-linus' of git://ftp.arm.linux.org.uk/~rmk/linux-arm 2016-03-19 16:31:54 -07:00
dvb [media] media: change email address 2016-01-25 12:01:08 -02:00
early-userspace
extcon
fault-injection net: Add support for CHANGEUPPER notifier error injection 2015-12-03 11:49:23 -05:00
fb
features arm64 updates for 4.6: 2016-03-17 20:03:47 -07:00
filesystems Merge tag 'ofs-pull-tag-1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux 2016-03-26 12:59:04 -07:00
firmware_class
fmc
fpga
frv
gpio gpio: documenatation: fix GPIO_LOOKUP{,_IDX} documentation 2016-02-25 16:01:51 +01:00
hid
hwmon hwmon: Create an NSA320 hardware monitoring driver 2016-03-08 18:40:49 -08:00
i2c Doc: i2c: Fix typo in Documentation/i2c 2016-02-10 13:12:14 -07:00
ia64
ide
iio iio: Documentation: Add IIO configfs documentation 2015-12-03 18:19:28 +00:00
infiniband staging/rdma/hfi1: Method to toggle "fast ECN" detection 2016-03-10 20:37:50 -05:00
input Input: add userio module 2015-10-27 18:55:31 -07:00
ioctl gpio: uapi: use 0xB4 as ioctl() major 2016-03-10 16:02:52 +07:00
isdn isdn: i4l: move active-isdn drivers to staging 2016-03-05 15:00:38 -08:00
ja_JP Doc: ja_JP: Fix a typo in HOWTO 2016-02-10 13:14:37 -07:00
kbuild
kdump
ko_KR Documentation/ko_KR: update maintainer information 2016-02-17 14:10:39 -07:00
laptops
leds Documentation: leds: Add description of brightness setting API 2016-01-04 09:57:31 +01:00
locking Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2015-11-03 16:10:43 -08:00
m68k
memory-devices
metag
mic Char/Misc patches for 4.6-rc1 2016-03-17 13:47:50 -07:00
mips
misc-devices Merge char-misc-next into staging-next 2016-02-22 14:46:24 -08:00
mmc mmc: core: Remove MMC_CLKGATE 2015-10-26 16:00:09 +01:00
mn10300
mtd Documentation: mtd: improve nand_ecc.txt for readability and correctness 2015-11-17 17:05:14 -08:00
namespaces
netlabel
networking switchdev: fix typo in comments/doc 2016-03-24 14:51:24 -04:00
nfc
nios2
nvdimm libnvdimm: documentation clarifications 2015-11-12 09:55:23 -08:00
nvmem
parisc
pcmcia
phy
platform
power Merge branches 'pm-pci' and 'pm-core' 2016-01-12 01:10:52 +01:00
powerpc cxl: Support to flash a new image on the adapter from a guest 2016-03-09 23:39:56 +11:00
pps
prctl Documentation: Fix int/unsigned int comparison 2016-02-17 14:09:43 -07:00
pti
ptp Another relatively boring cycle for the docs tree: typo fixes, translation 2016-03-17 12:09:35 -07:00
rapidio rapidio: add mport char device driver 2016-03-22 15:36:02 -07:00
s390 s390/zcore: remove /sys/kernel/debug/zcore/mem 2015-11-27 09:24:12 +01:00
scheduler
scsi st: Fix MTMKPART to work with newer drives 2016-02-23 21:27:02 -05:00
security KEYS: Add a facility to restrict new links into a keyring 2016-04-11 22:37:37 +01:00
serial tty: Remove chars_in_buffer() line discipline method 2016-01-27 15:01:44 -08:00
sh
sound Merge branch 'topic/hda-mst' into for-next 2016-02-10 09:25:15 +01:00
spi spi: tools: move spidev_test metadata 2015-11-30 12:14:12 +00:00
sysctl Merge branch 'akpm' (patches from Andrew) 2016-03-18 19:26:54 -07:00
target target/user: Report capability of handling out-of-order completions to userspace 2016-03-10 21:49:09 -08:00
thermal thermal: doc: Add details of devm_thermal_zone_of_sensor_{register,unregister} 2016-03-09 10:51:41 -08:00
timers Another relatively boring cycle for the docs tree: typo fixes, translation 2016-03-17 12:09:35 -07:00
tpm
trace x86, tracing, perf: Add trace point for MSR accesses 2015-12-06 12:56:10 +01:00
usb usb: devio: Add ioctl to disallow detaching kernel USB drivers. 2016-03-05 12:05:01 -08:00
vDSO
video4linux [media] saa7134: Add support for Snazio TvPVR PRO 2016-03-03 09:03:48 -03:00
virtual One of the largest releases for KVM... Hardly any generic improvement, 2016-03-16 09:55:35 -07:00
vm mm: thp: set THP defrag by default to madvise and add a stall-free defrag option 2016-03-17 15:09:34 -07:00
w1
watchdog Merge git://www.linux-watchdog.org/linux-watchdog 2016-03-19 19:35:51 -07:00
wimax
x86 x86/Documentation: Start documenting x86 topology 2016-03-29 10:45:04 +02:00
xtensa
zh_CN Documentation: Chinese translation of arm64/silicon-errata.txt 2016-02-17 14:08:07 -07:00
00-INDEX
BUG-HUNTING
Changes There is a nice new document from Neil on how pathname lookups work and 2015-11-05 15:59:24 -08:00
CodeOfConflict
CodingStyle Documentation/CodingStyle: add space before parenthesis in example macro 2016-01-25 12:36:28 -07:00
DMA-API-HOWTO.txt dma-mapping: always provide the dma_map_ops based implementation 2016-01-20 17:09:18 -08:00
DMA-API.txt DMA-API: fix confusing sentence in Documentation/DMA-API.txt 2016-01-11 18:29:00 -07:00
DMA-ISA-LPC.txt
DMA-attributes.txt ARM: 8506/1: common: DMA-mapping: add DMA_ATTR_ALLOC_SINGLE_PAGES attribute 2016-02-11 15:33:38 +00:00
HOWTO Documentation: Howto: Fixed subtitles style 2016-03-09 15:30:03 -07:00
IPMI.txt ipmi watchdog : add panic_wdt_timeout parameter 2015-11-16 06:28:43 -06:00
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
Intel-IOMMU.txt iommu/vt-d: Fix link to Intel IOMMU Specification 2016-01-29 12:32:12 +01:00
Makefile spi: Move spi code from Documentation to tools 2015-11-23 14:54:01 +00:00
ManagementStyle
SAK.txt
SM501.txt
SecurityBugs
SubmitChecklist
SubmittingDrivers
SubmittingPatches SubmittingPatches: fix spelling of "git send-email" 2016-01-25 12:30:18 -07:00
VGA-softcursor.txt
adding-syscalls.txt
applying-patches.txt
assoc_array.txt
atomic_ops.txt
bad_memory.txt
basic_profiling.txt
bcache.txt
binfmt_misc.txt
braille-console.txt
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
cachetlb.txt
cgroup-v2.txt Merge branch 'for-4.6-ns' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2016-03-21 10:05:13 -07:00
circular-buffers.txt
clk.txt
coccinelle.txt
cpu-hotplug.txt Documentation: cpu-hotplug: Fix sysfs mount instructions 2015-12-10 11:35:30 -07:00
cpu-load.txt
cputopology.txt
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
devices.txt
digsig.txt
dma-buf-sharing.txt dma-buf: Update docs for SYNC ioctl 2016-03-21 09:26:45 +01:00
dontdiff Documentation: dontdiff: remove media from dontdiff 2015-11-11 10:08:07 -07:00
dynamic-debug-howto.txt
edac.txt EDAC: Remove references to bluesmoke.sourceforge.net 2015-11-26 14:46:06 +01:00
efi-stub.txt doc: efi-stub.txt: Fix arm64 paths 2015-12-14 15:24:03 +00:00
eisa.txt
email-clients.txt A few more documentation patches that wandered in and have no reason to 2015-11-13 09:19:05 -08:00
flexible-arrays.txt
futex-requeue-pi.txt
gcov.txt
gdb-kernel-debugging.txt
highuid.txt
hsi.txt
hw_random.txt
hwspinlock.txt
init.txt
initrd.txt
intel_txt.txt
io-mapping.txt
io_ordering.txt
iostats.txt
irqflags-tracing.txt
isapnp.txt
java.txt
kasan.txt mm, kasan: SLAB support 2016-03-25 16:37:42 -07:00
kcov.txt kernel: add kcov code coverage 2016-03-22 15:36:02 -07:00
kernel-doc-nano-HOWTO.txt
kernel-docs.txt Documentation: translations: update linux cross reference link 2016-01-11 18:26:58 -07:00
kernel-parameters.txt Merge branch 'mm-pkeys-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-03-20 19:08:56 -07:00
kernel-per-CPU-kthreads.txt irq_poll: make blk-iopoll available outside the block layer 2015-12-11 11:52:24 -08:00
kmemcheck.txt
kmemleak.txt
kobject.txt
kprobes.txt
kref.txt
kselftest.txt Documentation: kselftest: Remove duplicate word 2016-03-09 15:33:38 -07:00
ldm.txt
local_ops.txt
lockup-watchdogs.txt kernel/watchdog.c: add sysctl knob hardlockup_panic 2015-11-05 19:34:48 -08:00
logo.gif
logo.txt
lzo.txt
magic-number.txt
mailbox.txt
md-cluster.txt md-cluster: update the documentation 2016-01-06 11:39:06 +11:00
md.txt
memory-barriers.txt documentation: Clarify compiler store-fusion example 2016-03-14 15:52:19 -07:00
memory-hotplug.txt memory-hotplug: add automatic onlining policy for the newly added memory 2016-03-15 16:55:16 -07:00
men-chameleon-bus.txt
module-signing.txt modsign: Fix documentation on module signing enforcement parameter. 2016-03-12 01:48:11 -07:00
mono.txt
nommu-mmap.txt
ntb.txt
numastat.txt
oops-tracing.txt
padata.txt
parport-lowlevel.txt
parport.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pinctrl.txt
pnp.txt
preempt-locking.txt
printk-formats.txt mm, printk: introduce new format string for flags 2016-03-15 16:55:16 -07:00
pwm.txt
ramoops.txt
rbtree.txt
remoteproc.txt
rfkill.txt rfkill: Add documentation about LED triggers 2016-02-24 09:13:12 +01:00
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt rtc: implement a sysfs interface for clock offset 2016-03-14 17:08:16 +01:00
serial-console.txt
sgi-ioc4.txt
smsc_ece1099.txt
sparse.txt
stable_api_nonsense.txt
stable_kernel_rules.txt stable_kernel_rules.txt: Remove extra space after Cc: 2015-11-20 16:54:57 -07:00
static-keys.txt
svga.txt
sysfs-rules.txt
sysrq.txt
this_cpu_ops.txt
ubsan.txt UBSAN: run-time undefined behavior sanity checker 2016-01-20 17:09:18 -08:00
unaligned-memory-access.txt
unicode.txt
unshare.txt
vfio.txt
vgaarbiter.txt
video-output.txt
vme_api.txt
volatile-considered-harmful.txt
workqueue.txt
xillybus.txt
xz.txt
zorro.txt