[RFC][PATCH 0/6] KEYS: Fixes
David Howells
dhowells at redhat.com
Thu Feb 22 16:17:54 UTC 2018
Hi James,
Here's a collection of fixes for Linux keyrings, mostly thanks to Eric
Biggers, if you could pass them along to Linus. They include:
(1) Fix some PKCS#7 verification issues.
(2) Fix handling of unsupported crypto in X.509.
(3) Fix too-large allocation in big_key.
The patches can be found here also:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/tag/?h=keys-fixes-20180222
And also on the keys-fixes branch.
David
---
David Howells (1):
KEYS: Use individual pages in big_key for crypto buffers
Eric Biggers (5):
PKCS#7: fix certificate chain verification
PKCS#7: fix certificate blacklisting
PKCS#7: fix direct verification of SignerInfo signature
X.509: fix BUG_ON() when hash algorithm is unsupported
X.509: fix NULL dereference when restricting key with unsupported_sig
crypto/asymmetric_keys/pkcs7_trust.c | 1
crypto/asymmetric_keys/pkcs7_verify.c | 12 ++--
crypto/asymmetric_keys/public_key.c | 4 +
crypto/asymmetric_keys/restrict.c | 21 ++++--
security/keys/big_key.c | 110 ++++++++++++++++++++++++++-------
5 files changed, 111 insertions(+), 37 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list