git.monstr.eu Git - linux-2.6-microblaze.git/commit

author	Thiago Jung Bauermann <bauerman@linux.ibm.com>
	Thu, 4 Jul 2019 18:57:34 +0000 (15:57 -0300)
committer	Mimi Zohar <zohar@linux.ibm.com>
	Mon, 5 Aug 2019 22:39:56 +0000 (18:39 -0400)
commit	c8424e776b093280d3fdd104d850706b3b229ac8
tree	3f14381fe576439fa1fa94736b67d1015c40752d	tree \| snapshot
parent	b36f281f4a314de4be0a51d6511b794691f8a244	commit \| diff

MODSIGN: Export module signature definitions

IMA will use the module_signature format for append signatures, so export
the relevant definitions and factor out the code which verifies that the
appended signature trailer is valid.

Also, create a CONFIG_MODULE_SIG_FORMAT option so that IMA can select it
and be able to use mod_check_sig() without having to depend on either
CONFIG_MODULE_SIG or CONFIG_MODULES.

s390 duplicated the definition of struct module_signature so now they can
use the new <linux/module_signature.h> header instead.

Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Acked-by: Jessica Yu <jeyu@kernel.org>
Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

arch/s390/Kconfig		diff \| blob \| history
arch/s390/kernel/machine_kexec_file.c		diff \| blob \| history
include/linux/module.h		diff \| blob \| history
include/linux/module_signature.h	[new file with mode: 0644]	blob
init/Kconfig		diff \| blob \| history
kernel/Makefile		diff \| blob \| history
kernel/module.c		diff \| blob \| history
kernel/module_signature.c	[new file with mode: 0644]	blob
kernel/module_signing.c		diff \| blob \| history
scripts/Makefile		diff \| blob \| history