From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Nayna Jain" <nayna@linux.ibm.com>, <linux-integrity@vger.kernel.org>
Cc: "Mimi Zohar" <zohar@linux.ibm.com>,
"Eric Snowberg" <eric.snowberg@oracle.com>,
"Paul Moore" <paul@paul-moore.com>,
"linuxppc-dev" <linuxppc-dev@lists.ozlabs.org>,
<linux-security-module@vger.kernel.org>,
<linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2 6/6] integrity: PowerVM support for loading third party code signing keys
Date: Fri, 11 Aug 2023 00:54:05 +0300 [thread overview]
Message-ID: <CUP754GCFF2H.15G672KXVX5AJ@suppilovahvero> (raw)
In-Reply-To: <20230809195315.1085656-7-nayna@linux.ibm.com>
On Wed Aug 9, 2023 at 10:53 PM EEST, Nayna Jain wrote:
> On secure boot enabled PowerVM LPAR, third party code signing keys are
> needed during early boot to verify signed third party modules. These
> third party keys are stored in moduledb object in the Platform
> KeyStore(PKS).
^ space
>
> Load third party code signing keys onto .secondary_trusted_keys keyring.
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> certs/system_keyring.c | 23 +++++++++++++++++++
> include/keys/system_keyring.h | 7 ++++++
> security/integrity/integrity.h | 1 +
> .../platform_certs/keyring_handler.c | 8 +++++++
> .../platform_certs/keyring_handler.h | 5 ++++
> .../integrity/platform_certs/load_powerpc.c | 18 ++++++++++++++-
> 6 files changed, 61 insertions(+), 1 deletion(-)
>
> diff --git a/certs/system_keyring.c b/certs/system_keyring.c
> index b348e0898d34..3435d4936fb2 100644
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -396,3 +396,26 @@ void __init set_platform_trusted_keys(struct key *keyring)
> platform_trusted_keys = keyring;
> }
> #endif
> +
spurious newline character
> +void __init add_to_secondary_keyring(const char *source, const void *data,
> + size_t len)
Documentation is lacking, and should be in a single line, as it totals
less than 100 characters.
> +{
> + key_ref_t key;
> + key_perm_t perm; the following structure
> + int rc = 0;
int rc;
> +
> + perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW;
> +
> + key = key_create_or_update(make_key_ref(secondary_trusted_keys, 1),
> + "asymmetric",
> + NULL, data, len, perm,
> + KEY_ALLOC_NOT_IN_QUOTA);
> + if (IS_ERR(key)) {
> + rc = PTR_ERR(key);
This helper variable is not very useful.
> + pr_err("Problem loading X.509 certificate %d\n", rc);
Why pr_err()? What kind of object is "a problem"?
Also X.509 certificates are everywhere. If these are printed to the
klog, how can e.g. an admin deduce the problem over here?
Even without having these log messages at all I could trace the called
function and be informed that some X.509 cert has an issues. Actually
then I could even deduce the location, thanks to call backtrace.
These have a potential to lead into wrong conclusions.
> + } else {
> + pr_notice("Loaded X.509 cert '%s'\n",
> + key_ref_to_ptr(key)->description);
single line
> + key_ref_put(key);
> + }
I'd suggest instead the following structure:
if (IS_ERR(key)) {
pr_err("Problem loading X.509 certificate %d\n", PTR_ERR(key));
return;
}
pr_notice("Loaded X.509 cert '%s'\n", key_ref_to_ptr(key)->description);
key_ref_put(key);
}
BR, Jarkko
prev parent reply other threads:[~2023-08-10 21:54 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-09 19:53 [PATCH v2 0/6] Enable loading local and third party keys on PowerVM guest Nayna Jain
2023-08-09 19:53 ` [PATCH v2 1/6] integrity: PowerVM support for loading CA keys on machine keyring Nayna Jain
2023-08-09 19:53 ` [PATCH v2 2/6] integrity: ignore keys failing CA restrictions on non-UEFI platform Nayna Jain
2023-08-09 19:53 ` [PATCH v2 3/6] integrity: remove global variable from machine_keyring.c Nayna Jain
2023-08-10 15:38 ` Jarkko Sakkinen
2023-08-09 19:53 ` [PATCH v2 4/6] integrity: check whether imputed trust is enabled Nayna Jain
2023-08-09 19:53 ` [PATCH v2 5/6] integrity: PowerVM machine keyring enablement Nayna Jain
2023-08-10 21:30 ` Jarkko Sakkinen
2023-08-09 19:53 ` [PATCH v2 6/6] integrity: PowerVM support for loading third party code signing keys Nayna Jain
2023-08-10 21:54 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CUP754GCFF2H.15G672KXVX5AJ@suppilovahvero \
--to=jarkko@kernel.org \
--cc=eric.snowberg@oracle.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=nayna@linux.ibm.com \
--cc=paul@paul-moore.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox