Gitiles
Code Review Sign In
android-review.linaro.org / kernel / hikey-linaro / acddc72015e5bc8f640b02d38b36afd7841c9c14
commitacddc72015e5bc8f640b02d38b36afd7841c9c14[log] [tgz]
authorMat Martineau <mathew.j.martineau@linux.intel.com>Mon Jul 18 00:10:55 2016 +0100
committerJames Morris <james.l.morris@oracle.com>Mon Jul 18 12:19:47 2016 +1000
tree1be27dee2805638585dd161d1f402136341c6f85
parentd128471a14775cd11abd81c09b2a086997ab3150 [diff]
KEYS: Fix for erroneous trust of incorrectly signed X.509 certs

Arbitrary X.509 certificates without authority key identifiers (AKIs)
can be added to "trusted" keyrings, including IMA or EVM certs loaded
from the filesystem. Signature verification is currently bypassed for
certs without AKIs.

Trusted keys were recently refactored, and this bug is not present in
4.6.

restrict_link_by_signature should return -ENOKEY (no matching parent
certificate found) if the certificate being evaluated has no AKIs,
instead of bypassing signature checks and returning 0 (new certificate
accepted).

Reported-by: Petko Manolov <petkan@mip-labs.com>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
1 file changed
tree: 1be27dee2805638585dd161d1f402136341c6f85
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS