linux/security/keys/encrypted-keys, branch v3.4.22

encrypted-keys: fix rcu and sparse messages

2012-01-17T23:41:30Z

Enabling CONFIG_PROVE_RCU and CONFIG_SPARSE_RCU_POINTER resulted in "suspicious rcu_dereference_check() usage!" and "incompatible types in comparison expression (different address spaces)" messages. Access the masterkey directly when holding the rwsem. Changelog v1: - Use either rcu_read_lock()/rcu_derefence_key()/rcu_read_unlock() or remove the unnecessary rcu_derefence() - David Howells Reported-by: Dmitry Kasatkin Signed-off-by: Mimi Zohar Signed-off-by: David Howells Signed-off-by: James Morris

keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages

2012-01-17T23:41:29Z

Define rcu_assign_keypointer(), which uses the key payload.rcudata instead of payload.data, to resolve the CONFIG_SPARSE_RCU_POINTER message: "incompatible types in comparison expression (different address spaces)" Replace the rcu_assign_pointer() calls in encrypted/trusted keys with rcu_assign_keypointer(). Signed-off-by: Mimi Zohar Signed-off-by: David Howells Signed-off-by: James Morris

encrypted-keys: module build fixes

2011-11-16T19:23:14Z

Encrypted keys are encrypted/decrypted using either a trusted or user-defined key type, which is referred to as the 'master' key. The master key may be of type trusted iff the trusted key is builtin or both the trusted key and encrypted keys are built as modules. This patch resolves the build dependency problem. - Use "masterkey-$(CONFIG_TRUSTED_KEYS)-$(CONFIG_ENCRYPTED_KEYS)" construct to encapsulate the above logic. (Suggested by Dimtry Kasatkin.) - Fixing the encrypted-keys Makefile, results in a module name change from encrypted.ko to encrypted-keys.ko. - Add module dependency for request_trusted_key() definition Signed-off-by: Mimi Zohar

encrypted-keys: fix error return code

2011-11-16T19:23:13Z

Fix request_master_key() error return code. Signed-off-by: Mimi Zohar

security: follow rename pack_hex_byte() to hex_byte_pack()

2011-11-01T00:30:56Z

There is no functional change. Signed-off-by: Andy Shevchenko Cc: Mimi Zohar Cc: James Morris Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

encrypted-keys: check hex2bin result

2011-09-21T03:26:44Z

For each hex2bin call in encrypted keys, check that the ascii hex string is valid. On failure, return -EINVAL. Changelog v1: - hex2bin now returns an int Signed-off-by: Mimi Zohar Acked-by: Andy Shevchenko

encrypted-keys: IS_ERR need include/err.h

2011-09-15T21:37:24Z

Fixes this build error: security/keys/encrypted-keys/masterkey_trusted.c: In function 'request_trusted_key': security/keys/encrypted-keys/masterkey_trusted.c:35:2: error: implicit declaration of function 'IS_ERR' Signed-off-by: Stephen Rothwell Signed-off-by: Mimi Zohar

encrypted-keys: remove trusted-keys dependency

2011-09-14T19:23:49Z

Encrypted keys are decrypted/encrypted using either a trusted-key or, for those systems without a TPM, a user-defined key. This patch removes the trusted-keys and TCG_TPM dependencies. Signed-off-by: Mimi Zohar

encrypted-keys: create encrypted-keys directory

2011-09-14T19:22:26Z

Move all files associated with encrypted keys to keys/encrypted-keys. Signed-off-by: Mimi Zohar