From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5] helo=mx0a-001b2d01.pphosted.com) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1gkH2K-00075h-WE for kexec@lists.infradead.org; Thu, 17 Jan 2019 23:25:26 +0000 Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id x0HNJKLE130135 for ; Thu, 17 Jan 2019 18:25:23 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0b-001b2d01.pphosted.com with ESMTP id 2q30h45ywb-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 17 Jan 2019 18:25:23 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 17 Jan 2019 23:25:21 -0000 Subject: Re: [PATCH v3 2/2] kexec, KEYS: Make use of platform keyring for signature verify From: Mimi Zohar Date: Thu, 17 Jan 2019 18:25:01 -0500 In-Reply-To: <20190116101654.7288-3-kasong@redhat.com> References: <20190116101654.7288-1-kasong@redhat.com> <20190116101654.7288-3-kasong@redhat.com> Mime-Version: 1.0 Message-Id: <1547767501.3931.60.camel@linux.ibm.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: Kairui Song , linux-kernel@vger.kernel.org Cc: jwboyer@fedoraproject.org, ebiggers@google.com, dyoung@redhat.com, nayna@linux.ibm.com, kexec@lists.infradead.org, jmorris@namei.org, dhowells@redhat.com, keyrings@vger.kernel.org, linux-integrity@vger.kernel.org, dwmw2@infradead.org, bauerman@linux.ibm.com, serge@hallyn.com T24gV2VkLCAyMDE5LTAxLTE2IGF0IDE4OjE2ICswODAwLCBLYWlydWkgU29uZyB3cm90ZToKPiBX aXRoIEtFWEVDX0JaSU1BR0VfVkVSSUZZX1NJRyBlbmFibGVkLCBrZXhlY19maWxlX2xvYWQgd2ls bCBuZWVkIHRvCj4gdmVyaWZ5IHRoZSBrZXJuZWwgaW1hZ2UuIAoKVGhlIGtleGVjX2ZpbGVfbG9h ZCBzeXNjYWxsIGNhbiB2ZXJpZnkgdGhlIFBFIHNpZ25lZCBrZXJuZWwgaW1hZ2UKc2lnbmF0dXJl LCB0aGUga2VybmVsIGltYWdlIHNpZ25hdHVyZSBzdG9yZWQgYXMgYW4geGF0dHIsIG9yIGJvdGgu CgpBbnlvbmUgYm9vdGluZyB0aGUgc3lzdGVtIHdpdGggdGhlICJhcHByYWlzZV90Y2IiIHBvbGlj eSBvciB3aXRoIGEKc2ltaWxhciBhcHByYWlzZSBwb2xpY3kgcnVsZSwgd2FudGluZyB0byBvbmx5 IHZlcmlmeWluZyB0aGUgUEUgc2lnbmVkCmtlcm5lbCBpbWFnZSwgd2lsbCBuZWVkIHRvIGluY2x1 ZGUgYSAiZG9udF9hcHByYWlzZQpmdW5jPUtFWEVDX0tFUk5FTF9DSEVDSyIgcnVsZSBpbiB0aGVp ciBjdXN0b20gcG9saWN5LgoKPiBUaGUgaW1hZ2UgbWlnaHQgYmUgc2lnbmVkIHdpdGggdGhpcmQg cGFydCBrZXlzLAo+IGFuZCB0aGUga2V5cyBjb3VsZCBiZSBzdG9yZWQgaW4gZmlybXdhcmUsIHRo ZW4gZ290IGxvYWRlZCBpbnRvIHRoZQo+IC5wbGF0Zm9ybSBrZXlyaW5nLiBOb3cgd2UgaGF2ZSBh IHN5bWJvbCAucGxhdGZvcm1fdHJ1c3RlZF9rZXlyaW5nIGFzIHRoZQo+IHJlZmVyZW5jZSB0byAu cGxhdGZvcm0ga2V5cmluZywgdGhpcyBwYXRjaCBtYWtlcyB1c2UgaWYgaXQgYW5kIGFsbG93Cj4g a2V4ZWNfZmlsZV9sb2FkIHRvIHZlcmlmeSB0aGUgaW1hZ2UgYWdhaW5zdCBrZXlzIGluIC5wbGF0 Zm9ybSBrZXlyaW5nLgoKVGhlcmUncyBubyBuZWVkIHRvIGludHJvZHVjZSB0aGUgY29uY2VwdCBv ZiAidGhpcmQgcGFydHkiIG9yICJmaXJtd2FyZQprZXlzIiBoZXJlLiDCoFJlZmVycmluZyB0byB0 aGVtIGFzIHRoZSAicHJlYm9vdCIga2V5cywgY2FuIHNpbXBsaWZ5IHRoZQphYm92ZSBwYXJhZ3Jh cGguCgo+IAo+IFRoaXMgY29tbWl0IGFkZHMgYSBWRVJJRllfVVNFX1BMQVRGT1JNX0tFWVJJTkcg c2ltaWxhciB0byBwcmV2aW91cwo+IFZFUklGWV9VU0VfU0VDT05EQVJZX0tFWVJJTkcgaW5kaWNh dGluZyB0aGF0IHZlcmlmeV9wa2NzN19zaWduYXR1cmUKPiBzaG91bGQgdmVyaWZ5IHRoZSBzaWdu YXR1cmUgdXNpbmcgcGxhdGZvcm0ga2V5cmluZy4gQWxzbywgZGVjcmVhc2UKPiB0aGUgZXJyb3Ig bWVzc2FnZSBsb2cgbGV2ZWwgd2hlbiB2ZXJpZmljYXRpb24gZmFpbGVkIHdpdGggLUVOT0tFWSwK PiBzbyB0aGF0IGlmIGNhbGxlZCB0cmllZCBtdWx0aXBsZSB0aW1lIHdpdGggZGlmZmVyZW50IGtl eXJpbmcgaXQKPiB3b24ndCBnZW5lcmF0ZSBleHRyYSBub2lzZXMuCj4gCj4gU2lnbmVkLW9mZi1i eTogS2FpcnVpIFNvbmcgPGthc29uZ0ByZWRoYXQuY29tPgoKUmV2aWV3ZWQvVGVzdGVkLWJ5OiBN aW1pIFpvaGFyIDx6b2hhckBsaW51eC5pYm0uY29tPgoKPiAtLS0KPiAgYXJjaC94ODYva2VybmVs L2tleGVjLWJ6aW1hZ2U2NC5jIHwgMTMgKysrKysrKysrKy0tLQo+ICBjZXJ0cy9zeXN0ZW1fa2V5 cmluZy5jICAgICAgICAgICAgfCAxMyArKysrKysrKysrKystCj4gIGluY2x1ZGUvbGludXgvdmVy aWZpY2F0aW9uLmggICAgICB8ICAxICsKPiAgMyBmaWxlcyBjaGFuZ2VkLCAyMyBpbnNlcnRpb25z KCspLCA0IGRlbGV0aW9ucygtKQo+IAo+IGRpZmYgLS1naXQgYS9hcmNoL3g4Ni9rZXJuZWwva2V4 ZWMtYnppbWFnZTY0LmMgYi9hcmNoL3g4Ni9rZXJuZWwva2V4ZWMtYnppbWFnZTY0LmMKPiBpbmRl eCA3ZDk3ZTQzMmNiYmMuLjJjMDA3YWJkM2Q0MCAxMDA2NDQKPiAtLS0gYS9hcmNoL3g4Ni9rZXJu ZWwva2V4ZWMtYnppbWFnZTY0LmMKPiArKysgYi9hcmNoL3g4Ni9rZXJuZWwva2V4ZWMtYnppbWFn ZTY0LmMKPiBAQCAtNTM0LDkgKzUzNCwxNiBAQCBzdGF0aWMgaW50IGJ6SW1hZ2U2NF9jbGVhbnVw KHZvaWQgKmxvYWRlcl9kYXRhKQo+ICAjaWZkZWYgQ09ORklHX0tFWEVDX0JaSU1BR0VfVkVSSUZZ X1NJRwo+ICBzdGF0aWMgaW50IGJ6SW1hZ2U2NF92ZXJpZnlfc2lnKGNvbnN0IGNoYXIgKmtlcm5l bCwgdW5zaWduZWQgbG9uZyBrZXJuZWxfbGVuKQo+ICB7Cj4gLQlyZXR1cm4gdmVyaWZ5X3BlZmls ZV9zaWduYXR1cmUoa2VybmVsLCBrZXJuZWxfbGVuLAo+IC0JCQkJICAgICAgIFZFUklGWV9VU0Vf U0VDT05EQVJZX0tFWVJJTkcsCj4gLQkJCQkgICAgICAgVkVSSUZZSU5HX0tFWEVDX1BFX1NJR05B VFVSRSk7Cj4gKwlpbnQgcmV0Owo+ICsJcmV0ID0gdmVyaWZ5X3BlZmlsZV9zaWduYXR1cmUoa2Vy bmVsLCBrZXJuZWxfbGVuLAo+ICsJCQkJICAgICAgVkVSSUZZX1VTRV9TRUNPTkRBUllfS0VZUklO RywKPiArCQkJCSAgICAgIFZFUklGWUlOR19LRVhFQ19QRV9TSUdOQVRVUkUpOwo+ICsJaWYgKHJl dCA9PSAtRU5PS0VZICYmIElTX0VOQUJMRUQoQ09ORklHX0lOVEVHUklUWV9QTEFURk9STV9LRVlS SU5HKSkgewo+ICsJCXJldCA9IHZlcmlmeV9wZWZpbGVfc2lnbmF0dXJlKGtlcm5lbCwga2VybmVs X2xlbiwKPiArCQkJCQkgICAgICBWRVJJRllfVVNFX1BMQVRGT1JNX0tFWVJJTkcsCj4gKwkJCQkJ ICAgICAgVkVSSUZZSU5HX0tFWEVDX1BFX1NJR05BVFVSRSk7Cj4gKwl9Cj4gKwlyZXR1cm4gcmV0 Owo+ICB9Cj4gICNlbmRpZgo+ICAKPiBkaWZmIC0tZ2l0IGEvY2VydHMvc3lzdGVtX2tleXJpbmcu YyBiL2NlcnRzL3N5c3RlbV9rZXlyaW5nLmMKPiBpbmRleCA0NjkwZWY5Y2RhOGEuLjcwODVjMjg2 ZjRiZCAxMDA2NDQKPiAtLS0gYS9jZXJ0cy9zeXN0ZW1fa2V5cmluZy5jCj4gKysrIGIvY2VydHMv c3lzdGVtX2tleXJpbmcuYwo+IEBAIC0yNDAsMTEgKzI0MCwyMiBAQCBpbnQgdmVyaWZ5X3BrY3M3 X3NpZ25hdHVyZShjb25zdCB2b2lkICpkYXRhLCBzaXplX3QgbGVuLAo+ICAjZWxzZQo+ICAJCXRy dXN0ZWRfa2V5cyA9IGJ1aWx0aW5fdHJ1c3RlZF9rZXlzOwo+ICAjZW5kaWYKPiArCX0gZWxzZSBp ZiAodHJ1c3RlZF9rZXlzID09IFZFUklGWV9VU0VfUExBVEZPUk1fS0VZUklORykgewo+ICsjaWZk ZWYgQ09ORklHX0lOVEVHUklUWV9QTEFURk9STV9LRVlSSU5HCj4gKwkJdHJ1c3RlZF9rZXlzID0g cGxhdGZvcm1fdHJ1c3RlZF9rZXlzOwo+ICsjZWxzZQo+ICsJCXRydXN0ZWRfa2V5cyA9IE5VTEw7 Cj4gKyNlbmRpZgo+ICsJCWlmICghdHJ1c3RlZF9rZXlzKSB7Cj4gKwkJCXJldCA9IC1FTk9LRVk7 Cj4gKwkJCXByX2RldmVsKCJQS0NTIzcgcGxhdGZvcm0ga2V5cmluZyBpcyBub3QgYXZhaWxhYmxl XG4iKTsKPiArCQkJZ290byBlcnJvcjsKPiArCQl9Cj4gIAl9Cj4gIAlyZXQgPSBwa2NzN192YWxp ZGF0ZV90cnVzdChwa2NzNywgdHJ1c3RlZF9rZXlzKTsKPiAgCWlmIChyZXQgPCAwKSB7Cj4gIAkJ aWYgKHJldCA9PSAtRU5PS0VZKQo+IC0JCQlwcl9lcnIoIlBLQ1MjNyBzaWduYXR1cmUgbm90IHNp Z25lZCB3aXRoIGEgdHJ1c3RlZCBrZXlcbiIpOwo+ICsJCQlwcl9kZXZlbCgiUEtDUyM3IHNpZ25h dHVyZSBub3Qgc2lnbmVkIHdpdGggYSB0cnVzdGVkIGtleVxuIik7Cj4gIAkJZ290byBlcnJvcjsK PiAgCX0KPiAgCj4gZGlmZiAtLWdpdCBhL2luY2x1ZGUvbGludXgvdmVyaWZpY2F0aW9uLmggYi9p bmNsdWRlL2xpbnV4L3ZlcmlmaWNhdGlvbi5oCj4gaW5kZXggY2ZhNDczMGQ2MDdhLi4wMThmYjVm MTNkNDQgMTAwNjQ0Cj4gLS0tIGEvaW5jbHVkZS9saW51eC92ZXJpZmljYXRpb24uaAo+ICsrKyBi L2luY2x1ZGUvbGludXgvdmVyaWZpY2F0aW9uLmgKPiBAQCAtMTcsNiArMTcsNyBAQAo+ICAgKiBz aG91bGQgYmUgdXNlZC4KPiAgICovCj4gICNkZWZpbmUgVkVSSUZZX1VTRV9TRUNPTkRBUllfS0VZ UklORyAoKHN0cnVjdCBrZXkgKikxVUwpCj4gKyNkZWZpbmUgVkVSSUZZX1VTRV9QTEFURk9STV9L RVlSSU5HICAoKHN0cnVjdCBrZXkgKikyVUwpCj4gIAo+ICAvKgo+ICAgKiBUaGUgdXNlIHRvIHdo aWNoIGFuIGFzeW1tZXRyaWMga2V5IGlzIGJlaW5nIHB1dC4KCgpfX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fXwprZXhlYyBtYWlsaW5nIGxpc3QKa2V4ZWNAbGlz dHMuaW5mcmFkZWFkLm9yZwpodHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFuL2xpc3Rp bmZvL2tleGVjCg==