[PATCH v13 00/10] Make keyring link restrictions accessible from userspace
David Howells
dhowells at redhat.com
Tue Apr 4 07:28:21 UTC 2017
Mat Martineau <mathew.j.martineau at linux.intel.com> wrote:
> Documentation/crypto/asymmetric-keys.txt | 51 +++++++++
> Documentation/security/keys.txt | 66 +++++++++---
> certs/system_keyring.c | 39 +++++--
> crypto/asymmetric_keys/asymmetric_type.c | 102 ++++++++++++++++--
> crypto/asymmetric_keys/restrict.c | 161 ++++++++++++++++++++++++++-
> include/crypto/public_key.h | 15 ++-
> include/keys/system_keyring.h | 6 +-
> include/linux/key-type.h | 8 ++
> include/linux/key.h | 34 +++---
> include/uapi/linux/keyctl.h | 1 +
> security/keys/compat.c | 4 +
> security/keys/gc.c | 11 ++
> security/keys/internal.h | 5 +
> security/keys/key.c | 46 ++++----
> security/keys/keyctl.c | 58 ++++++++++
> security/keys/keyring.c | 179 +++++++++++++++++++++++++++++--
This breaks the integrity code which also uses keyring restrictions:
../security/integrity/digsig.c:46:30: error: passing argument 7 of 'keyring_alloc' from incompatible pointer type [-Werror=incompatible-pointer-types]
../security/integrity/digsig.c:46:30: note: in definition of macro 'restrict_link_to_ima'
#define restrict_link_to_ima restrict_link_by_builtin_and_secondary_trusted
David
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list