apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

MODSIGN: Extract the blob PKCS#7 signature verifier from module signing

Browse Source 
Extract the function that drives the PKCS#7 signature verification given a
data blob and a PKCS#7 blob out from the module signing code and lump it with
the system keyring code as it's generic.  This makes it independent of module
config options and opens it to use by the firmware loader.

Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Luis R. Rodriguez <mcgrof@suse.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Ming Lei <ming.lei@canonical.com>
Cc: Seth Forshee <seth.forshee@canonical.com>
Cc: Kyle McMartin <kyle@kernel.org>
This commit is contained in:
David Howells
2015-07-20 21:16:28 +01:00
parent 1c39449921
commit 091f6e26eb
4 changed files with 75 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/keys/system_keyring.h
+5
View File
@@ -28,4 +28,9 @@ static inline struct key *get_system_trusted_keyring(void)
}
#endif
#ifdef CONFIG_SYSTEM_DATA_VERIFICATION
extern int system_verify_data(const void *data, unsigned long len,
const void *raw_pkcs7, size_t pkcs7_len);
#endif
#endif /* _KEYS_SYSTEM_KEYRING_H */