[PATCH v9 00/10] bpf: Add kfuncs for PKCS#7 signature verification

patchwork-bot+netdevbpf at kernel.org patchwork-bot+netdevbpf at kernel.org
Tue Aug 9 16:20:14 UTC 2022


Hello:

This series was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <ast at kernel.org>:

On Tue, 9 Aug 2022 15:45:53 +0200 you wrote:
> One of the desirable features in security is the ability to restrict import
> of data to a given system based on data authenticity. If data import can be
> restricted, it would be possible to enforce a system-wide policy based on
> the signing keys the system owner trusts.
> 
> This feature is widely used in the kernel. For example, if the restriction
> is enabled, kernel modules can be plugged in only if they are signed with a
> key whose public part is in the primary or secondary keyring.
> 
> [...]

Here is the summary with links:
  - [v9,01/10] btf: Add a new kfunc flag which allows to mark a function to be sleepable
    https://git.kernel.org/bpf/bpf-next/c/fa96b24204af
  - [v9,02/10] bpf: Allow kfuncs to be used in LSM programs
    (no matching commit)
  - [v9,03/10] btf: Handle dynamic pointer parameter in kfuncs
    (no matching commit)
  - [v9,04/10] bpf: Export bpf_dynptr_get_size()
    (no matching commit)
  - [v9,05/10] KEYS: Move KEY_LOOKUP_ to include/linux/key.h
    (no matching commit)
  - [v9,06/10] bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs
    (no matching commit)
  - [v9,07/10] bpf: Add bpf_verify_pkcs7_signature() kfunc
    (no matching commit)
  - [v9,08/10] selftests/bpf: Add verifier tests for bpf_lookup_*_key() and bpf_key_put()
    (no matching commit)
  - [v9,09/10] selftests/bpf: Add additional tests for bpf_lookup_*_key()
    (no matching commit)
  - [v9,10/10] selftests/bpf: Add test for bpf_verify_pkcs7_signature() kfunc
    (no matching commit)

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html




More information about the Linux-security-module-archive mailing list