From mboxrd@z Thu Jan 1 00:00:00 1970
From: Mimi Zohar
Date: Thu, 17 Jan 2019 18:25:01 -0500
Subject: Re: [PATCH v3 2/2] kexec, KEYS: Make use of platform keyring for signature verify
Message-Id: <1547767501.3931.60.camel@linux.ibm.com>
In-Reply-To: <20190116101654.7288-3-kasong@redhat.com>
References: <20190116101654.7288-1-kasong@redhat.com> <20190116101654.7288-3-kasong@redhat.com>
To: Kairui Song, linux-kernel@vger.kernel.org
Cc: dhowells@redhat.com, dwmw2@infradead.org, jwboyer@fedoraproject.org, keyrings@vger.kernel.org, jmorris@namei.org, serge@hallyn.com, bauerman@linux.ibm.com, ebiggers@google.com, nayna@linux.ibm.com, dyoung@redhat.com, linux-integrity@vger.kernel.org, kexec@lists.infradead.org
X-Mailing-List: linux-integrity@vger.kernel.org

On Wed, 2019-01-16 at 18:16 +0800, Kairui Song wrote:
> With KEXEC_BZIMAGE_VERIFY_SIG enabled, kexec_file_load will need to
> verify the kernel image.

The kexec_file_load syscall can verify the PE signed kernel image
signature, the kernel image signature stored as an xattr, or both.

Anyone booting the system with the "appraise_tcb" policy or with a
similar appraise policy rule, wanting to only verify the PE signed
kernel image, will need to include a "dont_appraise
func=KEXEC_KERNEL_CHECK" rule in their custom policy.
> The image might be signed with third-party keys,
> and the keys could be stored in firmware, then got loaded into the
> .platform keyring. Now we have a symbol .platform_trusted_keyring as the
> reference to .platform keyring; this patch makes use of it and allows
> kexec_file_load to verify the image against keys in .platform keyring.

There's no need to introduce the concept of "third party" or "firmware
keys" here.  Referring to them as the "preboot" keys can simplify the
above paragraph.

> 
> This commit adds a VERIFY_USE_PLATFORM_KEYRING similar to previous
> VERIFY_USE_SECONDARY_KEYRING indicating that verify_pkcs7_signature
> should verify the signature using platform keyring. Also, decrease
> the error message log level when verification failed with -ENOKEY,
> so that if the caller tried multiple times with different keyrings it
> won't generate extra noise.
> 
> Signed-off-by: Kairui Song

Reviewed/Tested-by: Mimi Zohar

> ---
>  arch/x86/kernel/kexec-bzimage64.c | 13 ++++++++++---
>  certs/system_keyring.c            | 13 ++++++++++++-
>  include/linux/verification.h      |  1 +
>  3 files changed, 23 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c
> index 7d97e432cbbc..2c007abd3d40 100644
> --- a/arch/x86/kernel/kexec-bzimage64.c
> +++ b/arch/x86/kernel/kexec-bzimage64.c
> @@ -534,9 +534,16 @@ static int bzImage64_cleanup(void *loader_data) > #ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG > static int bzImage64_verify_sig(const char *kernel, unsigned long kernel_len) > { > - return verify_pefile_signature(kernel, kernel_len, > - VERIFY_USE_SECONDARY_KEYRING, > - VERIFYING_KEXEC_PE_SIGNATURE); > + int ret; > + ret = verify_pefile_signature(kernel, kernel_len, > + VERIFY_USE_SECONDARY_KEYRING, > + VERIFYING_KEXEC_PE_SIGNATURE); > + if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) { > + ret = verify_pefile_signature(kernel, kernel_len, > + VERIFY_USE_PLATFORM_KEYRING, > + VERIFYING_KEXEC_PE_SIGNATURE); > + } > + return ret; > } > #endif > > diff --git a/certs/system_keyring.c b/certs/system_keyring.c > index 4690ef9cda8a..7085c286f4bd 100644 > --- a/certs/system_keyring.c > +++ b/certs/system_keyring.c > @@ -240,11 +240,22 @@ int verify_pkcs7_signature(const void *data, size_t len, > #else > trusted_keys = builtin_trusted_keys; > #endif > + } else if (trusted_keys == VERIFY_USE_PLATFORM_KEYRING) { > +#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING > + trusted_keys = platform_trusted_keys; > +#else > + trusted_keys = NULL; > +#endif > + if (!trusted_keys) { > + ret = -ENOKEY; > + pr_devel("PKCS#7 platform keyring is not available\n"); > + goto error; > + } > } > ret = pkcs7_validate_trust(pkcs7, trusted_keys); > if (ret < 0) { > if (ret == -ENOKEY) > - pr_err("PKCS#7 signature not signed with a trusted key\n"); > + pr_devel("PKCS#7 signature not signed with a trusted key\n"); > goto error; > } > > diff --git a/include/linux/verification.h b/include/linux/verification.h > index cfa4730d607a..018fb5f13d44 100644 > --- a/include/linux/verification.h > +++ b/include/linux/verification.h > @@ -17,6 +17,7 @@ > * should be used. > */ > #define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) > +#define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL) > > /* > * The use to which an asymmetric key is being put.
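Review bot: in the bzImage64_verify_sig hunk, the IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) guard duplicates the check the certs/system_keyring.c hunk already makes for VERIFY_USE_PLATFORM_KEYRING, which returns -ENOKEY when the platform keyring is not built in; either drop the guard or add a one-line comment saying it is there only to avoid parsing the PE file and its PKCS#7 blob a second time when the fallback cannot succeed. While there, the retry is deliberately limited to -ENOKEY, so any other error from the secondary-keyring pass (a malformed or rejected signature) is returned as-is rather than retried; that is the right behaviour and deserves a comment. Style: checkpatch will ask for a blank line after the "int ret;" declaration before "ret = verify_pefile_signature(...)".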
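Review bot: in the verify_pkcs7_signature hunk, demoting "PKCS#7 signature not signed with a trusted key" from pr_err to pr_devel removes the only message an operator sees for a rejected kexec image on a production kernel, since pr_devel compiles to nothing without DEBUG; the first-pass noise the commit message wants to avoid is better handled by having the caller (bzImage64_verify_sig) log once after both keyrings have been tried, so a failed signature check still leaves a trace in dmesg. The "trusted_keys = NULL" #else branch followed by "if (!trusted_keys)" also covers a configured-but-never-created platform keyring, which is worth stating in a comment. The commit message refers to the symbol as ".platform_trusted_keyring" while the code uses platform_trusted_keys; please make the two agree.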
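Review bot: in the include/linux/verification.h hunk, the comment block above the #defines (the visible context ends with "* should be used.") documents only the existing VERIFY_USE_SECONDARY_KEYRING value; extend it to say what VERIFY_USE_PLATFORM_KEYRING selects, i.e. that the signature must chain to a key in the .platform keyring (the preboot keys), so that callers of verify_pkcs7_signature can tell the two magic values apart without reading certs/system_keyring.c.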
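The policy change Mimi describes at the top of the mail (a "dont_appraise func=KEXEC_KERNEL_CHECK" rule for systems that want kexec_file_load's PE signature check only), as an added example that is not part of the original mail or of the kernel tree. It writes such a policy and runs it through a small model of the kernel's rule walk to show the one thing the sentence does not: IMA stops at the first appraise/dont_appraise rule whose conditions match, so the dont_appraise rule has to come before the generic "appraise fowner=0" rule, or a root-owned kernel image is still appraised. Everything in the policy other than that rule, the three fsmagic values (proc, sysfs, tmpfs) and the file attributes fed to the model are constructed for the example; the model handles only func=, fowner= and fsmagic= conditions and is a simplification of ima_match_policy.

```shell
#!/bin/sh
# Added example; not code from the mail or from the kernel tree.
# Shows the IMA policy adjustment for PE-only kexec verification and why
# the order of the rules matters.
set -eu

# Custom policy in the spirit of the builtin appraise_tcb policy (the full
# list of dont_appraise fsmagic= rules is in the kernel's
# Documentation/ABI/testing/ima_policy; only proc, sysfs and tmpfs are
# shown here). The kexec kernel image is excluded from IMA appraisal
# because kexec_file_load already verifies its PE signature.
pe_only_kexec_policy() {
    cat <<'EOF'
dont_appraise fsmagic=0x9fa0
dont_appraise fsmagic=0x62656572
dont_appraise fsmagic=0x01021994
dont_appraise func=KEXEC_KERNEL_CHECK
appraise fowner=0
EOF
}

# Same intent, wrong order: the generic appraise rule comes first, so the
# dont_appraise rule is never reached for a root-owned image.
misordered_policy() {
    cat <<'EOF'
appraise fowner=0
dont_appraise func=KEXEC_KERNEL_CHECK
EOF
}

# Simplified model of the kernel's policy walk (ima_match_policy): rules are
# tried top to bottom and, for the appraise action class, the first rule
# whose conditions all match decides; later rules are not consulted.
# Only func=, fowner= and fsmagic= conditions are modelled (constructed
# subset for this example).
#   $1 policy text  $2 hook (e.g. KEXEC_KERNEL_CHECK)  $3 file owner uid
#   $4 magic of the file's superblock
# Prints "appraise", "dont_appraise" or "none".
appraise_decision() {
    policy=$1; hook=$2; owner=$3; magic=$4
    printf '%s\n' "$policy" | {
        found=
        while IFS= read -r line; do
            if [ -n "$found" ]; then continue; fi
            [ -n "$line" ] || continue
            set -- $line
            action=$1; shift
            case $action in
                appraise|dont_appraise) ;;
                *) continue ;;   # measure/audit rules and comments are ignored
            esac
            match=1
            for cond in "$@"; do
                case $cond in
                    func=*)    [ "${cond#func=}" = "$hook" ] || match=0 ;;
                    fowner=*)  [ "${cond#fowner=}" = "$owner" ] || match=0 ;;
                    fsmagic=*) [ "${cond#fsmagic=}" = "$magic" ] || match=0 ;;
                esac
            done
            if [ "$match" -eq 1 ]; then found=$action; fi
        done
        printf '%s\n' "${found:-none}"
    }
}

# A root-owned vmlinuz on ext4 (magic 0xef53) handed to kexec_file_load:
# still appraised with the misordered policy, skipped with the corrected one.
appraise_decision "$(misordered_policy)" KEXEC_KERNEL_CHECK 0 0xef53
appraise_decision "$(pe_only_kexec_policy)" KEXEC_KERNEL_CHECK 0 0xef53
# Ordinary root-owned files are still appraised under the corrected policy.
appraise_decision "$(pe_only_kexec_policy)" FILE_CHECK 0 0xef53
```

The policy is loaded by writing its path to /sys/kernel/security/ima/policy; the rules of the builtin appraise_tcb policy it stands in for are listed in Documentation/ABI/testing/ima_policy.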