On 08/22/2013 02:43 PM, Chen Gang wrote:
> Share code between CPU_ONLINE and CPU_DOWN_FAILED, same to
> CPU_DOWN_PREPARE and CPU_UP_CANCELED.
>
> It will fix 2 bugs:
>
> "not check the return value of __padata_remove_cpu() and
> __padata_add_cpu()".
> "need add 'break' between CPU_UP_CANCELE
Implement Octet String to Integer conversion [RFC3447 sec 4.2] in rsa.c. It's
the second step of signature generation operation.
This patch is temporary set non-RSASP1 message to pks->S for debugging.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
crypto/asymmetric_keys/rsa.c | 29
Hi experts,
This patchset is the implementation for signature verification of hibernate
snapshot image. The origin idea is from Jiri Kosina: Let EFI bootloader
generate key-pair in UEFI secure boot environment, then pass it to kernel
for sign/verify S4 image.
Due to there have potential threat fr
Implement EMSA_PKCS1-v1_5-ENCODE [RFC3447 sec 9.2] in rsa.c. It's the
first step of signature generation operation (RSASSA-PKCS1-v1_5-SIGN).
This patch is temporary set emLen to pks->k, and temporary set EM to
pks->S for debugging. We will replace the above values to real signature
after implement
Add generate_signature interface on signature.c, asymmetric-subtype and
rsa.c for prepare to implement signature generation.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
crypto/asymmetric_keys/private_key.h | 29 +
crypto/asymmetric_keys/public_key.c |
Implement RSASP1 and fill-in the following data to public key signature
structure: signature length (pkcs->k), signature octet
strings (pks->S) and MPI of signature (pks->rsa.s).
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
crypto/asymmetric_keys/rsa.c | 47 +++
Add ASN.1 files and parser to support parsing PKCS #8 noncompressed private
key information. It's better than direct parsing pure private key because
PKCS #8 has a privateKeyAlgorithm to indicate the algorithm of private
key, e.g. RSA from PKCS #1
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun
From: Matthew Garrett
Secure boot adds certain policy requirements, including that root must not
be able to do anything that could cause the kernel to execute arbitrary code.
The simplest way to handle this would seem to be to add a new capability
and gate various functionality on that. We'll the
Per PKCS1 spec, the EMSA-PKCS1-v1_5 encoded message is leading by 0x00 0x01 in
its first 2 bytes. The leading zero byte is suppressed by MPI so we pass a
pointer to the _preceding_ byte to RSA_verify() in original code, but it has
risk for the byte is not zero because it's not in EM buffer's scope,
From: Josh Boyer
This forcibly drops CAP_COMPROMISE_KERNEL from both cap_permitted and cap_bset
in the init_cred struct, which everything else inherits from. This works on
any machine and can be used to develop even if the box doesn't have UEFI.
Signed-off-by: Josh Boyer
Acked-by: Lee, Chun-Yi
From: Matthew Garrett
The firmware has a set of flags that indicate whether secure boot is enabled
and enforcing. Use them to indicate whether the kernel should lock itself
down. We also indicate the machine is in secure boot mode by adding the
EFI_SECURE_BOOT bit for use with efi_enabled.
Sign
Introduced a hibernate_key.c file to query the key pair from EFI variables
and maintain key pair for check signature of S4 snapshot image. We
loaded the private key when snapshot image stored success.
This patch introduced 2 EFI variables for store the key to sign S4 image and
verify signature whe
Show the verification time for monitor the performance of SHA256 and RSA
verification.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
kernel/power/snapshot.c |7 +++
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.
In current solution, the snapshot signature check used the RSA key-pair
that are generated by bootloader(e.g. shim) and pass the key-pair to
kernel through EFI variables. I choice to binding the snapshot
signature check mechanism with UEFI secure boot for provide stronger
protection of hibernate. C
This patch applied SNAPSHOT_VERIFICATION kernel config for switching
signature check of hibernate snapshot image.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
kernel/power/snapshot.c | 19 +++
kernel/power/swap.c | 30 +++---
kernel/po
This patch add the code for generate/verify signature of snapshot, it
put the signature to snapshot header. This approach can support both
on userspace hibernate and in-kernel hibernate.
v2:
- Due to loaded S4 sign key before ExitBootServices, we need forward key from
boot kernel to resume targe
This patch add swsusp_page_is_sign_key() method to hibernate_key.c and
check the page is S4 sign key data when collect saveable page in
snapshot.c to avoid sign key data included in snapshot image.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
kernel/power/snapshot.c |6 ++
1
This patch introduced SNAPSHOT_REGEN_KEYS kernel config, enable this
option let kernel notify booloader (e.g. shim) to regenerate key-pair of
snapshot verification for each hibernate.
Kernel loaded S4 sign key in efi stub, so the private key forward from
efi bootloader to kernel in UEFI secure env
This patch introduced SNAPSHOT_SIG_HASH config for user to select which
hash algorithm will be used during signature generation of snapshot.
v2:
Add define check of oCONFIG_SNAPSHOT_VERIFICATION in snapshot.c before
declare pkey_hash().
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
Due to RSA_I2OSP is not only used by signature verification path but also used
in signature generation path. So, separate the length checking of octet string
because it's not for generate 0x00 0x01 leading string when used in signature
generation.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun
Add generate_signature interface on signature.c, asymmetric-subtype and
rsa.c for prepare to implement signature generation.
Reviewed-by: Jiri Kosina
Signed-off-by: Lee, Chun-Yi
---
crypto/asymmetric_keys/private_key.h | 29 +
crypto/asymmetric_keys/public_key.c |
Hi experts,
This patchset is the implementation for signature verification of hibernate
snapshot image. The origin idea is from Jiri Kosina: Let EFI bootloader
generate key-pair in UEFI secure boot environment, then pass it to kernel
for sign/verify S4 image.
Due to there have potential threat fr
Share code between CPU_ONLINE and CPU_DOWN_FAILED, same to
CPU_DOWN_PREPARE and CPU_UP_CANCELED.
It will fix 2 bugs:
"not check the return value of __padata_remove_cpu() and __padata_add_cpu()".
"need add 'break' between CPU_UP_CANCELED and CPU_DOWN_FAILED".
Signed-off-by: Chen Gang
---
k
On 08/22/2013 02:05 PM, Steffen Klassert wrote:
> On Thu, Aug 22, 2013 at 01:27:16PM +0800, Chen Gang wrote:
>> On 08/22/2013 01:11 PM, Steffen Klassert wrote:
>>> On Tue, Aug 20, 2013 at 11:44:31AM +0800, Chen Gang wrote:
If this patch is correct, better to let CPU_ONLINE and CPU_DOWN_FA
24 matches
Mail list logo
