From patchwork Fri Nov 27 16:45:33 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936649
Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903
Subject: [PATCH 1/9] security: keys: Fix fall-through warnings for Clang
From: David Howells
To: Jarkko Sakkinen
Cc: "Gustavo A. R. Silva" , Jarkko Sakkinen , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:45:33 +0000
Message-ID: <160649553373.2744658.6386159665634958499.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
X-Mailing-List: keyrings@vger.kernel.org

From: Gustavo A. R. Silva

In preparation to enable -Wimplicit-fallthrough for Clang, fix a warning by explicitly adding a break statement instead of letting the code fall through to the next case.

Link: https://github.com/KSPP/linux/issues/115
Signed-off-by: Gustavo A. R. Silva
Signed-off-by: David Howells
Reviewed-by: Jarkko Sakkinen
--- security/keys/process_keys.c | 1 + 1 file changed, 1 insertion(+) diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 1fe8b934f656..e3d79a7b6db6 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c
@@ -783,6 +783,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, if (need_perm != KEY_AUTHTOKEN_OVERRIDE && need_perm != KEY_DEFER_PERM_CHECK) goto invalid_key; + break; case 0: break; }

From patchwork Fri Nov 27 16:45:40 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936653
Subject: [PATCH 2/9] keys: Remove outdated __user annotations
From: David Howells
To: Jarkko Sakkinen
Cc: Jann Horn , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:45:40 +0000
Message-ID: <160649554087.2744658.17033829730920396113.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Jann Horn

When the semantics of the ->read() handlers were changed such that "buffer" is a kernel pointer, some __user annotations survived. Since they're wrong now, get rid of them.

Fixes: d3ec10aa9581 ("KEYS: Don't write out to userspace while holding key semaphore")
Signed-off-by: Jann Horn
Signed-off-by: David Howells
--- security/keys/keyring.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 14abfe765b7e..977066208387 100644 --- a/security/keys/keyring.c
+++ b/security/keys/keyring.c @@ -452,7 +452,7 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m) struct keyring_read_iterator_context { size_t buflen; size_t count; - key_serial_t __user *buffer; + key_serial_t *buffer; }; static int keyring_read_iterator(const void *object, void *data) @@ -479,7 +479,7 @@ static int keyring_read_iterator(const void *object, void *data) * times. */ static long keyring_read(const struct key *keyring, - char __user *buffer, size_t buflen) + char *buffer, size_t buflen) { struct keyring_read_iterator_context ctx; long ret; 
@@ -491,7 +491,7 @@ static long keyring_read(const struct key *keyring, /* Copy as many key IDs as fit into the buffer */ if (buffer && buflen) { - ctx.buffer = (key_serial_t __user *)buffer; + ctx.buffer = (key_serial_t *)buffer; ctx.buflen = buflen; ctx.count = 0; ret = assoc_array_iterate(&keyring->keys,

From patchwork Fri Nov 27 16:45:47 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936677
Subject: [PATCH 3/9] watch_queue: Drop references to /dev/watch_queue
From: David Howells
To: Jarkko Sakkinen
Cc: Gabriel Krisman Bertazi , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:45:47 +0000
Message-ID: <160649554788.2744658.2677540173062709534.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Gabriel Krisman Bertazi

The merged API doesn't use a watch_queue device, but instead relies on pipes, so let the documentation reflect that.

Fixes: f7e47677e39a ("watch_queue: Add a key/keyring notification facility")
Signed-off-by: Gabriel Krisman Bertazi
Signed-off-by: David Howells --- Documentation/security/keys/core.rst | 4 ++-- samples/Kconfig | 2 +- samples/watch_queue/watch_test.c | 2 +- security/keys/Kconfig | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Documentation/security/keys/core.rst b/Documentation/security/keys/core.rst index aa0081685ee1..b3ed5c581034 100644 --- a/Documentation/security/keys/core.rst +++ b/Documentation/security/keys/core.rst @@ -1040,8 +1040,8 @@ The keyctl syscall functions are: "key" is the ID of the key to be watched. - "queue_fd" is a file descriptor referring to an open "/dev/watch_queue" - which manages the buffer into which notifications will be delivered. + "queue_fd" is a file descriptor referring to an open pipe which + manages the buffer into which notifications will be delivered. "filter" is either NULL to remove a watch or a filter specification to indicate what events are required from the key. diff --git a/samples/Kconfig b/samples/Kconfig index 0ed6e4d71d87..e76cdfc50e25 100644 --- a/samples/Kconfig +++ b/samples/Kconfig @@ -210,7 +210,7 @@ config SAMPLE_WATCHDOG depends on CC_CAN_LINK config SAMPLE_WATCH_QUEUE - bool "Build example /dev/watch_queue notification consumer" + bool "Build example watch_queue notification API consumer" depends on CC_CAN_LINK && HEADERS_INSTALL help Build example userspace program to use the new mount_notify(), diff --git a/samples/watch_queue/watch_test.c b/samples/watch_queue/watch_test.c index 46e618a897fe..8c6cb57d5cfc 100644 --- a/samples/watch_queue/watch_test.c +++ b/samples/watch_queue/watch_test.c @@ -1,5 +1,5 @@ // SPDX-License-Identifier: GPL-2.0 -/* Use /dev/watch_queue to watch for notifications. +/* Use watch_queue API to watch for notifications. * * Copyright (C) 2020 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) diff --git a/security/keys/Kconfig b/security/keys/Kconfig index 83bc23409164..c161642a8484 100644 --- a/security/keys/Kconfig 
+++ b/security/keys/Kconfig 
@@ -119,7 +119,7 @@ config KEY_NOTIFICATIONS bool "Provide key/keyring change notifications" depends on KEYS && WATCH_QUEUE help - This option provides support for getting change notifications on keys - and keyrings on which the caller has View permission. This makes use - of the /dev/watch_queue misc device to handle the notification - buffer and provides KEYCTL_WATCH_KEY to enable/disable watches. + This option provides support for getting change notifications + on keys and keyrings on which the caller has View permission. + This makes use of pipes to handle the notification buffer and + provides KEYCTL_WATCH_KEY to enable/disable watches.

From patchwork Fri Nov 27 16:45:54 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936679
Subject: [PATCH 4/9] security/keys: use kvfree_sensitive()
From: David Howells
To: Jarkko Sakkinen
Cc: Denis Efremov , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:45:54 +0000
Message-ID: <160649555474.2744658.8529054739735872592.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Denis Efremov

Use kvfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov
Signed-off-by: David Howells Reviewed-by: Jarkko Sakkinen --- security/keys/big_key.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/security/keys/big_key.c b/security/keys/big_key.c index 691347dea3c1..d17e5f09eeb8 100644 --- a/security/keys/big_key.c +++ b/security/keys/big_key.c @@ -121,8 +121,7 @@ int big_key_preparse(struct key_preparsed_payload *prep) *path = file->f_path; path_get(path); fput(file); - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); } else { /* Just store the data in a buffer */ void *data = kmalloc(datalen, GFP_KERNEL); @@ -140,8 +139,7 @@ int big_key_preparse(struct key_preparsed_payload *prep) err_enckey: kfree_sensitive(enckey); error: - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); return ret; } 
@@ -273,8 +271,7 @@ long big_key_read(const struct key *key, char *buffer, size_t buflen) err_fput: fput(file); error: - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); } else { ret = datalen; memcpy(buffer, key->payload.data[big_key_data], datalen);

From patchwork Fri Nov 27 16:46:01 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936681
Subject: [PATCH 5/9] KEYS: asymmetric: Fix kerneldoc
From: David Howells
To: Jarkko Sakkinen
Cc: Krzysztof Kozlowski , Randy Dunlap , Ben Boeckel , Jarkko Sakkinen , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:46:01 +0000
Message-ID: <160649556179.2744658.5657111975428542349.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Krzysztof Kozlowski Fix W=1 compile warnings (invalid kerneldoc): crypto/asymmetric_keys/asymmetric_type.c:160: warning: Function parameter or member 'kid1' not described in 'asymmetric_key_id_same' crypto/asymmetric_keys/asymmetric_type.c:160: warning: Function parameter or member 'kid2' not described in 'asymmetric_key_id_same' crypto/asymmetric_keys/asymmetric_type.c:160: warning: Excess function parameter 'kid_1' description in 'asymmetric_key_id_same' crypto/asymmetric_keys/asymmetric_type.c:160: warning: Excess function parameter 'kid_2' description in 'asymmetric_key_id_same' Signed-off-by: Krzysztof Kozlowski Signed-off-by: David Howells Acked-by: Randy Dunlap Reviewed-by: Ben Boeckel Reviewed-by: Jarkko Sakkinen --- crypto/asymmetric_keys/asymmetric_type.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c index 33e77d846caa..ad8af3d70ac0 100644 --- a/crypto/asymmetric_keys/asymmetric_type.c +++ b/crypto/asymmetric_keys/asymmetric_type.c @@ -152,7 +152,8 @@ EXPORT_SYMBOL_GPL(asymmetric_key_generate_id); /** * asymmetric_key_id_same - Return true if two asymmetric keys IDs are the same. - * @kid_1, @kid_2: The key IDs to compare + * @kid1: The key ID to compare + * @kid2: The key ID to compare */ bool asymmetric_key_id_same(const struct asymmetric_key_id *kid1, const struct asymmetric_key_id *kid2) 
@@ -168,7 +169,8 @@ EXPORT_SYMBOL_GPL(asymmetric_key_id_same); /** * asymmetric_key_id_partial - Return true if two asymmetric keys IDs * partially match - * @kid_1, @kid_2: The key IDs to compare + * @kid1: The key ID to compare + * @kid2: The key ID to compare */ bool asymmetric_key_id_partial(const struct asymmetric_key_id *kid1, const struct asymmetric_key_id *kid2)

From patchwork Fri Nov 27 16:46:09 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936683
Subject: [PATCH 6/9] security: keys: delete repeated words in comments
From: David Howells
To: Jarkko Sakkinen
Cc: Randy Dunlap , keyrings@vger.kernel.org, James Morris , "Serge E. Hallyn" , linux-security-module@vger.kernel.org, dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:46:09 +0000
Message-ID: <160649556922.2744658.10487958329960976523.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Randy Dunlap

Drop repeated words in comments. {to, will, the}

Signed-off-by: Randy Dunlap
Signed-off-by: David Howells Reviewed-by: Jarkko Sakkinen Cc: keyrings@vger.kernel.org Cc: James Morris Cc: "Serge E. Hallyn" Cc: linux-security-module@vger.kernel.org --- security/keys/keyctl.c | 2 +- security/keys/keyring.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 61a614c21b9b..96a92a645216 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c @@ -506,7 +506,7 @@ long keyctl_keyring_clear(key_serial_t ringid) * keyring, otherwise replace the link to the matching key with a link to the * new key. * - * The key must grant the caller Link permission and the the keyring must grant + * The key must grant the caller Link permission and the keyring must grant * the caller Write permission. Furthermore, if an additional link is created, * the keyring's quota will be extended. * diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 977066208387..5e6a90760753 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -881,7 +881,7 @@ static bool search_nested_keyrings(struct key *keyring, * * Keys are matched to the type provided and are then filtered by the match * function, which is given the description to use in any way it sees fit. The - * match function may use any attributes of a key that it wishes to to + * match function may use any attributes of a key that it wishes to * determine the match. Normally the match function from the key type would be * used. * 
@@ -1204,7 +1204,7 @@ static int keyring_detect_cycle_iterator(const void *object, } /* - * See if a cycle will will be created by inserting acyclic tree B in acyclic + * See if a cycle will be created by inserting acyclic tree B in acyclic * tree A at the topmost level (ie: as a direct child of A). * * Since we are adding B to A at the top level, checking for cycles should just

From patchwork Fri Nov 27 16:46:16 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936727
Subject: [PATCH 7/9] KEYS: remove redundant memset
From: David Howells
To: Jarkko Sakkinen
Cc: Tom Rix , dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:46:16 +0000
Message-ID: <160649557681.2744658.2307630527176652528.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Tom Rix

Reviewing use of memset in keyctrl_pkey.c

keyctl_pkey_params_get prologue code to set params up

	memset(params, 0, sizeof(*params));
	params->encoding = "raw";

keyctl_pkey_query has the same prologue and calls keyctl_pkey_params_get.

So remove the prologue.

Signed-off-by: Tom Rix
Signed-off-by: David Howells
--- security/keys/keyctl_pkey.c | 2 -- 1 file changed, 2 deletions(-)
diff --git a/security/keys/keyctl_pkey.c b/security/keys/keyctl_pkey.c index 931d8dfb4a7f..5de0d599a274 100644 --- a/security/keys/keyctl_pkey.c +++ b/security/keys/keyctl_pkey.c 
@@ -166,8 +166,6 @@ long keyctl_pkey_query(key_serial_t id, struct kernel_pkey_query res; long ret; - memset(¶ms, 0, sizeof(params)); - ret = keyctl_pkey_params_get(id, _info, ¶ms); if (ret < 0) goto error;

From patchwork Fri Nov 27 16:46:23 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936729
Subject: [PATCH 8/9] crypto: asymmetric_keys: fix some comments in pkcs7_parser.h
From: David Howells
To: Jarkko Sakkinen
Cc: Randy Dunlap, keyrings@vger.kernel.org, dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:46:23 +0000
Message-ID: <160649558391.2744658.6652084516839724811.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Randy Dunlap

Drop the doubled word "the" in a comment.
Change "THis" to "This".

Signed-off-by: Randy Dunlap
Signed-off-by: David Howells
Cc: keyrings@vger.kernel.org
--- crypto/asymmetric_keys/pkcs7_parser.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h index 6565fdc2d4ca..e17f7ce4fb43 100644 --- a/crypto/asymmetric_keys/pkcs7_parser.h +++ b/crypto/asymmetric_keys/pkcs7_parser.h
@@ -41,10 +41,9 @@ struct pkcs7_signed_info { * * This contains the generated digest of _either_ the Content Data or * the Authenticated Attributes [RFC2315 9.3]. If the latter, one of - * the attributes contains the digest of the the Content Data within - * it. + * the attributes contains the digest of the Content Data within it. * - * THis also contains the issuing cert serial number and issuer's name + * This also contains the issuing cert serial number and issuer's name * [PKCS#7 or CMS ver 1] or issuing cert's SKID [CMS ver 3]. */ struct public_key_signature *sig;

From patchwork Fri Nov 27 16:46:31 2020
X-Patchwork-Submitter: David Howells
X-Patchwork-Id: 11936803
Subject: [PATCH 9/9] encrypted-keys: Replace HTTP links with HTTPS ones
From: David Howells
To: Jarkko Sakkinen
Cc: "Alexander A. Klimov", dhowells@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Fri, 27 Nov 2020 16:46:31 +0000
Message-ID: <160649559102.2744658.13451906301787711704.stgit@warthog.procyon.org.uk>
In-Reply-To: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>
References: <160649552401.2744658.15096366594785577090.stgit@warthog.procyon.org.uk>

From: Alexander A. Klimov

Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
          If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov
Signed-off-by: David Howells
--- include/keys/encrypted-type.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/keys/encrypted-type.h b/include/keys/encrypted-type.h index 38afb341c3f2..abfcbe02001a 100644 --- a/include/keys/encrypted-type.h +++ b/include/keys/encrypted-type.h @@ -2,7 +2,7 @@ /* * Copyright (C) 2010 IBM Corporation * Copyright (C) 2010 Politecnico di Torino, Italy - * TORSEC group -- http://security.polito.it + * TORSEC group -- https://security.polito.it * * Authors: * Mimi Zohar
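
Review bot: In [PATCH 7/9], with the memset removed from keyctl_pkey_query(), the visible lines hand params to keyctl_pkey_params_get() without initialising it first, so whatever the `error` label does with params after `if (ret < 0) goto error;` now relies on the callee having zeroed the structure before every failure return. The commit message states that the memset sits in the callee's prologue; a short comment at the call site saying that keyctl_pkey_params_get() zeroes params would stop a later reordering in the callee from leaving uninitialised stack data on this error path. The commit message also names the file as keyctrl_pkey.c while the diff touches security/keys/keyctl_pkey.c.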
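
The deterministic algorithm from the [PATCH 9/9] commit message, written out as an added Python example (it is not part of the patch, nor the script its author used). The `fetch` callable, the stub responses and the sample text are assumptions constructed for illustration; only the regular expressions and the polito.it link come from the message.

```python
import re

# Patterns quoted from the commit message.
XMLNS = re.compile(r"\bxmlns\b")
LINK = re.compile(r"\bhttp://[^# \t\r\n]*(?:\w|/)")
EXEMPT = (re.compile(r"\bgnu\.org/license"), re.compile(r"\bmozilla\.org/MPL\b"))


def upgrade_links(filename, text, fetch):
    """Apply the commit message's rules to one file's text.

    fetch(url) -> (status, body) is an assumed caller-supplied callable.
    """
    if filename.endswith(".svg"):
        return text  # rule: skip .svg files entirely

    def rewrite(match):
        url = match.group(0)
        if any(p.search(url) for p in EXEMPT):
            return url  # licence links are left alone
        https = "https://" + url[len("http://"):]
        old, new = fetch(url), fetch(https)
        # Upgrade only if both answer 200 and serve identical content.
        if old[0] == 200 and new[0] == 200 and old[1] == new[1]:
            return https
        return url

    out = []
    for line in text.splitlines(keepends=True):
        # rule: lines mentioning xmlns are namespace identifiers, not links
        out.append(line if XMLNS.search(line) else LINK.sub(rewrite, line))
    return "".join(out)


# Constructed stub standing in for real HTTP requests, so this runs offline.
PAGES = {
    "http://security.polito.it": (200, "torsec"),
    "https://security.polito.it": (200, "torsec"),
    "http://plain.example/doc": (200, "a"),
    "https://plain.example/doc": (404, ""),
}


def stub_fetch(url):
    return PAGES.get(url, (0, ""))


# Constructed sample input covering each branch of the algorithm.
SAMPLE = (
    " * TORSEC group -- http://security.polito.it\n"
    " * See http://plain.example/doc and http://www.gnu.org/licenses/gpl.html\n"
    '<svg xmlns="http://www.w3.org/2000/svg">\n'
)
```

Only the first sample line changes: the second keeps both links (HTTPS answers 404 for one, the other is a licence link) and the third is skipped because it contains `xmlns`.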