KEYS: DigitalSignature link restriction
author Eric Snowberg <eric.snowberg@oracle.com>
Mon, 22 May 2023 23:09:42 +0000 (19:09 -0400)
committer Jarkko Sakkinen <jarkko@kernel.org>
Thu, 17 Aug 2023 20:12:20 +0000 (20:12 +0000)
commit 4cfb908054456ad8b6b8cd5108bbdf80faade8cd
tree bd4046f55cb525db633927638a605ce51e813606
parent bff24699b94a34c5fcb8d3283794e7d39adb092c
KEYS: DigitalSignature link restriction

Add a new link restriction.  Restrict the addition of keys in a keyring
based on the key having digitalSignature usage set. Additionally, verify
the new certificate against the ones in the system keyrings.  Add two
additional functions to use the new restriction within either the builtin
or secondary keyrings.

[jarkko@kernel.org: Fix checkpatch.pl --strict issues]
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
certs/system_keyring.c
crypto/asymmetric_keys/restrict.c
include/crypto/public_key.h
include/keys/system_keyring.h