From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: dhowells@redhat.com, dwmw2@infradead.org,
herbert@gondor.apana.org.au, davem@davemloft.net,
jarkko@kernel.org, zohar@linux.ibm.com,
dmitry.kasatkin@gmail.com, paul@paul-moore.com,
jmorris@namei.org, serge@hallyn.com
Cc: linux-kernel@vger.kernel.org, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, pbrobinson@gmail.com,
zbyszek@in.waw.pl, wiktor@metacode.biz,
devel@lists.sequoia-pgp.org, gnupg-devel@gnupg.org,
ebiggers@kernel.org, Jason@zx2c4.com, mail@maciej.szmigiero.name,
antony@vennard.ch, konstantin@linuxfoundation.org,
James.Bottomley@HansenPartnership.com,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [RFC][PATCH v3 8/9] KEYS: Introduce load_uasym_keyring()
Date: Thu, 20 Jul 2023 17:32:44 +0200 [thread overview]
Message-ID: <20230720153247.3755856-9-roberto.sassu@huaweicloud.com> (raw)
In-Reply-To: <20230720153247.3755856-1-roberto.sassu@huaweicloud.com>
From: Roberto Sassu <roberto.sassu@huawei.com>
Preload user asymmetric keys from 'uasym_keys.bin', placed in certs/ of the
kernel source directory.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
certs/Kconfig | 11 ++++++++++
certs/Makefile | 7 +++++++
certs/system_certificates.S | 18 ++++++++++++++++
certs/system_keyring.c | 41 +++++++++++++++++++++++++++++++++++--
4 files changed, 75 insertions(+), 2 deletions(-)
diff --git a/certs/Kconfig b/certs/Kconfig
index 1f109b07087..16bbf0f4bb6 100644
--- a/certs/Kconfig
+++ b/certs/Kconfig
@@ -138,4 +138,15 @@ config SYSTEM_BLACKLIST_AUTH_UPDATE
keyring. The PKCS#7 signature of the description is set in the key
payload. Blacklist keys cannot be removed.
+config UASYM_PRELOAD_PUBLIC_KEYS
+ bool "Preload user asymmetric keys"
+ depends on SYSTEM_TRUSTED_KEYRING
+ select UASYM_KEYS_SIGS
+ default n
+ help
+ Load at boot time the user asymmetric keys from a reserved area
+ (populated with the content of 'certs/uasym_keys.bin' provided at
+ kernel build time), and add them to the built-in keyring. Invalid
+ keys are ignored and the loading continues.
+
endmenu
diff --git a/certs/Makefile b/certs/Makefile
index 799ad7b9e68..2e5be6668a6 100644
--- a/certs/Makefile
+++ b/certs/Makefile
@@ -22,6 +22,13 @@ $(obj)/blacklist_hash_list: $(CONFIG_SYSTEM_BLACKLIST_HASH_LIST) FORCE
targets += blacklist_hash_list
+ifdef CONFIG_UASYM_PRELOAD_PUBLIC_KEYS
+ifeq ($(shell ls $(srctree)/certs/uasym_keys.bin 2> /dev/null), $(srctree)/certs/uasym_keys.bin)
+AFLAGS_system_certificates.o += -DHAVE_UASYM_KEYRING_BLOB
+$(obj)/system_certificates.o: $(srctree)/certs/uasym_keys.bin
+endif
+endif
+
quiet_cmd_extract_certs = CERT $@
cmd_extract_certs = $(obj)/extract-cert "$(extract-cert-in)" $@
extract-cert-in = $(filter-out $(obj)/extract-cert, $(real-prereqs))
diff --git a/certs/system_certificates.S b/certs/system_certificates.S
index 003e25d4a17..67b7c5effb6 100644
--- a/certs/system_certificates.S
+++ b/certs/system_certificates.S
@@ -44,3 +44,21 @@ module_cert_size:
#else
.long __module_cert_end - __module_cert_start
#endif
+
+ .align 8
+ .globl uasym_keys
+uasym_keys:
+__uasym_key_list_start:
+#ifdef HAVE_UASYM_KEYRING_BLOB
+ .incbin "certs/uasym_keys.bin"
+#endif
+__uasym_key_list_end:
+
+ .align 8
+ .globl uasym_keys_size
+uasym_keys_size:
+#ifdef CONFIG_64BIT
+ .quad __uasym_key_list_end - __uasym_key_list_start
+#else
+ .long __uasym_key_list_end - __uasym_key_list_start
+#endif
diff --git a/certs/system_keyring.c b/certs/system_keyring.c
index dbee2e5b732..6035bd2f795 100644
--- a/certs/system_keyring.c
+++ b/certs/system_keyring.c
@@ -179,6 +179,31 @@ static __init int system_trusted_keyring_init(void)
return 0;
}
+#ifdef CONFIG_UASYM_PRELOAD_PUBLIC_KEYS
+extern __initconst const u8 uasym_keys[];
+extern __initconst const unsigned long uasym_keys_size;
+
+/**
+ * load_uasym_keyring - Load user asymmetric keys from a keyring blob
+ *
+ * Load user asymmetric keys from a keyring blob. Halt the parsing if
+ * a parsing error is encountered. If parsing succeed, ignore invalid keys.
+ *
+ * Return: Zero on success or on failure (ignored).
+ */
+static __init int load_uasym_keyring(void)
+{
+ pr_notice("Loading compiled-in user asymmetric keys\n");
+
+ if (preload_uasym_keys(uasym_keys, uasym_keys_size,
+ builtin_trusted_keys) < 0)
+ pr_err("Can't load user asymmetric keys\n");
+
+ return 0;
+}
+late_initcall(load_uasym_keyring);
+#endif /* CONFIG_UASYM_PRELOAD_PUBLIC_KEYS */
+
/*
* Must be initialised before we try and load the keys into the keyring.
*/
@@ -186,13 +211,25 @@ device_initcall(system_trusted_keyring_init);
__init int load_module_cert(struct key *keyring)
{
+ int ret;
+
if (!IS_ENABLED(CONFIG_IMA_APPRAISE_MODSIG))
return 0;
pr_notice("Loading compiled-in module X.509 certificates\n");
- return x509_load_certificate_list(system_certificate_list,
- module_cert_size, keyring);
+ ret = x509_load_certificate_list(system_certificate_list,
+ module_cert_size, keyring);
+#ifdef CONFIG_UASYM_PRELOAD_PUBLIC_KEYS
+ if (!ret) {
+ pr_notice("Loading compiled-in user asymmetric keys\n");
+
+ ret = preload_uasym_keys(uasym_keys, uasym_keys_size, keyring);
+ if (ret < 0)
+ pr_err("Can't load user asymmetric keys\n");
+ }
+#endif
+ return ret;
}
/*
--
2.34.1
next prev parent reply other threads:[~2023-07-20 15:36 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-20 15:32 [RFC][PATCH v3 0/9] KEYS: Introduce user asymmetric keys and signatures Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 1/9] lib: Add TLV parser Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 2/9] crypto: Export public key algorithm information Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 3/9] crypto: Export signature encoding information Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 4/9] KEYS: asymmetric: Introduce the user asymmetric key parser Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 5/9] KEYS: asymmetric: Introduce the user asymmetric key signature parser Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 6/9] verification: Add verify_uasym_signature() and verify_uasym_sig_message() Roberto Sassu
2023-07-20 15:32 ` [RFC][PATCH v3 7/9] KEYS: asymmetric: Preload user asymmetric keys from a keyring blob Roberto Sassu
2023-07-20 15:32 ` Roberto Sassu [this message]
2023-07-20 15:32 ` [RFC][PATCH v3 9/9] ima: Support non-PKCS#7 modsig types Roberto Sassu
2023-07-20 15:32 ` [RFC][GNUPG][PATCH v3 1/2] Convert PGP keys to the user asymmetric keys format Roberto Sassu
2023-07-20 15:32 ` [RFC][GNUPG][PATCH v3 2/2] Convert PGP signatures to the user asymmetric key signatures format Roberto Sassu
2023-07-20 17:38 ` [RFC][PATCH v3 0/9] KEYS: Introduce user asymmetric keys and signatures Jarkko Sakkinen
2023-07-21 7:04 ` Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230720153247.3755856-9-roberto.sassu@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=Jason@zx2c4.com \
--cc=antony@vennard.ch \
--cc=davem@davemloft.net \
--cc=devel@lists.sequoia-pgp.org \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=dwmw2@infradead.org \
--cc=ebiggers@kernel.org \
--cc=gnupg-devel@gnupg.org \
--cc=herbert@gondor.apana.org.au \
--cc=jarkko@kernel.org \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=konstantin@linuxfoundation.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mail@maciej.szmigiero.name \
--cc=paul@paul-moore.com \
--cc=pbrobinson@gmail.com \
--cc=roberto.sassu@huawei.com \
--cc=serge@hallyn.com \
--cc=wiktor@metacode.biz \
--cc=zbyszek@in.waw.pl \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).