From 5ce3e312ec5c11abce13215be70700778bf601f0 Mon Sep 17 00:00:00 2001 From: Dmitry Kasatkin Date: Wed, 31 Aug 2011 14:05:16 +0300 Subject: crypto: GnuPG based MPI lib - header files (part 2) Adds the multi-precision-integer maths library which was originally taken from GnuPG and ported to the kernel by (among others) David Howells. This version is taken from Fedora kernel 2.6.32-71.14.1.el6. The difference is that checkpatch reported errors and warnings have been fixed. This library is used to implemenet RSA digital signature verification used in IMA/EVM integrity protection subsystem. Due to patch size limitation, the patch is divided into 4 parts. Signed-off-by: Dmitry Kasatkin --- include/linux/mpi.h | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 146 insertions(+) create mode 100644 include/linux/mpi.h (limited to 'include/linux') diff --git a/include/linux/mpi.h b/include/linux/mpi.h new file mode 100644 index 000000000000..06f88994ccaa --- /dev/null +++ b/include/linux/mpi.h @@ -0,0 +1,146 @@ +/* mpi.h - Multi Precision Integers + * Copyright (C) 1994, 1996, 1998, 1999, + * 2000, 2001 Free Software Foundation, Inc. + * + * This file is part of GNUPG. + * + * GNUPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GNUPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * + * Note: This code is heavily based on the GNU MP Library. + * Actually it's the same code with only minor changes in the + * way the data is stored; this is to support the abstraction + * of an optional secure memory allocation which may be used + * to avoid revealing of sensitive data due to paging etc. + * The GNU MP Library itself is published under the LGPL; + * however I decided to publish this code under the plain GPL. + */ + +#ifndef G10_MPI_H +#define G10_MPI_H + +#include + +/* DSI defines */ + +#define SHA1_DIGEST_LENGTH 20 + +/*end of DSI defines */ + +#define BYTES_PER_MPI_LIMB (BITS_PER_LONG / 8) +#define BITS_PER_MPI_LIMB BITS_PER_LONG + +typedef unsigned long int mpi_limb_t; +typedef signed long int mpi_limb_signed_t; + +struct gcry_mpi { + int alloced; /* array size (# of allocated limbs) */ + int nlimbs; /* number of valid limbs */ + int nbits; /* the real number of valid bits (info only) */ + int sign; /* indicates a negative number */ + unsigned flags; /* bit 0: array must be allocated in secure memory space */ + /* bit 1: not used */ + /* bit 2: the limb is a pointer to some m_alloced data */ + mpi_limb_t *d; /* array with the limbs */ +}; + +typedef struct gcry_mpi *MPI; + +#define MPI_NULL NULL + +#define mpi_get_nlimbs(a) ((a)->nlimbs) +#define mpi_is_neg(a) ((a)->sign) + +/*-- mpiutil.c --*/ +MPI mpi_alloc(unsigned nlimbs); +MPI mpi_alloc_secure(unsigned nlimbs); +MPI mpi_alloc_like(MPI a); +void mpi_free(MPI a); +int mpi_resize(MPI a, unsigned nlimbs); +int mpi_copy(MPI *copy, const MPI a); +void mpi_clear(MPI a); +int mpi_set(MPI w, MPI u); +int mpi_set_ui(MPI w, ulong u); +MPI mpi_alloc_set_ui(unsigned long u); +void mpi_m_check(MPI a); +void mpi_swap(MPI a, MPI b); + +/*-- mpicoder.c --*/ +MPI do_encode_md(const void *sha_buffer, unsigned nbits); +MPI mpi_read_from_buffer(const void *buffer, unsigned *ret_nread); +int mpi_fromstr(MPI val, const char *str); +u32 mpi_get_keyid(MPI a, u32 *keyid); +void *mpi_get_buffer(MPI a, unsigned *nbytes, int *sign); +void *mpi_get_secure_buffer(MPI a, unsigned *nbytes, int *sign); +int mpi_set_buffer(MPI a, const void *buffer, unsigned nbytes, int sign); + +#define log_mpidump g10_log_mpidump + +/*-- mpi-add.c --*/ +int mpi_add_ui(MPI w, MPI u, ulong v); +int mpi_add(MPI w, MPI u, MPI v); +int mpi_addm(MPI w, MPI u, MPI v, MPI m); +int mpi_sub_ui(MPI w, MPI u, ulong v); +int mpi_sub(MPI w, MPI u, MPI v); +int mpi_subm(MPI w, MPI u, MPI v, MPI m); + +/*-- mpi-mul.c --*/ +int mpi_mul_ui(MPI w, MPI u, ulong v); +int mpi_mul_2exp(MPI w, MPI u, ulong cnt); +int mpi_mul(MPI w, MPI u, MPI v); +int mpi_mulm(MPI w, MPI u, MPI v, MPI m); + +/*-- mpi-div.c --*/ +ulong mpi_fdiv_r_ui(MPI rem, MPI dividend, ulong divisor); +int mpi_fdiv_r(MPI rem, MPI dividend, MPI divisor); +int mpi_fdiv_q(MPI quot, MPI dividend, MPI divisor); +int mpi_fdiv_qr(MPI quot, MPI rem, MPI dividend, MPI divisor); +int mpi_tdiv_r(MPI rem, MPI num, MPI den); +int mpi_tdiv_qr(MPI quot, MPI rem, MPI num, MPI den); +int mpi_tdiv_q_2exp(MPI w, MPI u, unsigned count); +int mpi_divisible_ui(const MPI dividend, ulong divisor); + +/*-- mpi-gcd.c --*/ +int mpi_gcd(MPI g, const MPI a, const MPI b); + +/*-- mpi-pow.c --*/ +int mpi_pow(MPI w, MPI u, MPI v); +int mpi_powm(MPI res, MPI base, MPI exp, MPI mod); + +/*-- mpi-mpow.c --*/ +int mpi_mulpowm(MPI res, MPI *basearray, MPI *exparray, MPI mod); + +/*-- mpi-cmp.c --*/ +int mpi_cmp_ui(MPI u, ulong v); +int mpi_cmp(MPI u, MPI v); + +/*-- mpi-scan.c --*/ +int mpi_getbyte(MPI a, unsigned idx); +void mpi_putbyte(MPI a, unsigned idx, int value); +unsigned mpi_trailing_zeros(MPI a); + +/*-- mpi-bit.c --*/ +void mpi_normalize(MPI a); +unsigned mpi_get_nbits(MPI a); +int mpi_test_bit(MPI a, unsigned n); +int mpi_set_bit(MPI a, unsigned n); +int mpi_set_highbit(MPI a, unsigned n); +void mpi_clear_highbit(MPI a, unsigned n); +void mpi_clear_bit(MPI a, unsigned n); +int mpi_rshift(MPI x, MPI a, unsigned n); + +/*-- mpi-inv.c --*/ +int mpi_invm(MPI x, MPI u, MPI v); + +#endif /*G10_MPI_H */ -- cgit v1.2.3 From 051dbb918c7fb7da8e64a2cd0d804ba73399709f Mon Sep 17 00:00:00 2001 From: Dmitry Kasatkin Date: Fri, 14 Oct 2011 15:25:16 +0300 Subject: crypto: digital signature verification support This patch implements RSA digital signature verification using GnuPG library. The format of the signature and the public key is defined by their respective headers. The signature header contains version information, algorithm, and keyid, which was used to generate the signature. The key header contains version and algorythim type. The payload of the signature and the key are multi-precision integers. The signing and key management utilities evm-utils provide functionality to generate signatures and load keys into the kernel keyring. When the key is added to the kernel keyring, the keyid defines the name of the key. Signed-off-by: Dmitry Kasatkin Acked-by: Mimi Zohar --- include/linux/digsig.h | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 include/linux/digsig.h (limited to 'include/linux') diff --git a/include/linux/digsig.h b/include/linux/digsig.h new file mode 100644 index 000000000000..efae755017d7 --- /dev/null +++ b/include/linux/digsig.h @@ -0,0 +1,64 @@ +/* + * Copyright (C) 2011 Nokia Corporation + * Copyright (C) 2011 Intel Corporation + * + * Author: + * Dmitry Kasatkin + * + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, version 2 of the License. + * + */ + +#ifndef _DIGSIG_H +#define _DIGSIG_H + +#include + +enum pubkey_algo { + PUBKEY_ALGO_RSA, + PUBKEY_ALGO_MAX, +}; + +enum digest_algo { + DIGEST_ALGO_SHA1, + DIGEST_ALGO_SHA256, + DIGEST_ALGO_MAX +}; + +struct pubkey_hdr { + uint8_t version; /* key format version */ + time_t timestamp; /* key made, always 0 for now */ + uint8_t algo; + uint8_t nmpi; + char mpi[0]; +} __packed; + +struct signature_hdr { + uint8_t version; /* signature format version */ + time_t timestamp; /* signature made */ + uint8_t algo; + uint8_t hash; + uint8_t keyid[8]; + uint8_t nmpi; + char mpi[0]; +} __packed; + +#if defined(CONFIG_DIGSIG) || defined(CONFIG_DIGSIG_MODULE) + +int digsig_verify(struct key *keyring, const char *sig, int siglen, + const char *digest, int digestlen); + +#else + +static inline int digsig_verify(struct key *keyring, const char *sig, + int siglen, const char *digest, int digestlen) +{ + return -EOPNOTSUPP; +} + +#endif /* CONFIG_DIGSIG */ + +#endif /* _DIGSIG_H */ -- cgit v1.2.3 From 1933ca8771585d43d3d2099c0c9ba7ca6b96e303 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Tue, 15 Nov 2011 15:11:44 -0800 Subject: include/linux/security.h: fix security_inode_init_security() arg Make the security_inode_init_security() initxattrs arg const, to match the non-stubbed version of that function. Cc: James Morris Signed-off-by: Andrew Morton Signed-off-by: James Morris --- include/linux/security.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/security.h b/include/linux/security.h index 19d8e04e1688..051d4e96cb1f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2044,7 +2044,7 @@ static inline void security_inode_free(struct inode *inode) static inline int security_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, - initxattrs initxattrs, + const initxattrs initxattrs, void *fs_data) { return 0; -- cgit v1.2.3 From 7845bc3964756240863ae453ffe4f7ee27ddc954 Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 16 Nov 2011 11:15:54 +0000 Subject: KEYS: Give key types their own lockdep class for key->sem Give keys their own lockdep class to differentiate them from each other in case a key of one type has to refer to a key of another type. Signed-off-by: David Howells Acked-by: Mimi Zohar Signed-off-by: James Morris --- include/linux/key-type.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 9efd081bb31e..39e3c082c49d 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -92,6 +92,7 @@ struct key_type { /* internal fields */ struct list_head link; /* link in types list */ + struct lock_class_key lock_class; /* key->sem lock class */ }; extern struct key_type key_type_keyring; -- cgit v1.2.3 From 114d6e9c103736487c967060d0a7aec9a7fce967 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Mon, 19 Dec 2011 11:32:56 -0800 Subject: security: update security_file_mmap() docs This documents the fields added to security_file_mmap() that were introduced in ed0321895182ffb6ecf210e066d87911b270d587. Signed-off-by: Kees Cook Signed-off-by: James Morris --- include/linux/security.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux') diff --git a/include/linux/security.h b/include/linux/security.h index 051d4e96cb1f..16bb52a65fa3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -590,6 +590,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @reqprot contains the protection requested by the application. * @prot contains the protection that will be applied by the kernel. * @flags contains the operational flags. + * @addr contains virtual address that will be used for the operation. + * @addr_only contains a boolean: 0 if file-backed VMA, otherwise 1. * Return 0 if permission is granted. * @file_mprotect: * Check permissions before changing memory access permissions. -- cgit v1.2.3