git.osdn.net Git - tomoyo/tomoyo-test1.git/commit

author	Jaskaran Khurana <jaskarankhurana@linux.microsoft.com>
	Thu, 18 Jul 2019 00:46:15 +0000 (17:46 -0700)
committer	Mike Snitzer <snitzer@redhat.com>
	Fri, 23 Aug 2019 14:13:14 +0000 (10:13 -0400)
commit	88cd3e6cfac915f50f7aa7b699bdf053afec866e
tree	a7fe35abcd39a0f98375d77a0a8e43d2bec60092	tree \| snapshot
parent	39d13a1ac41dc8254f484fcd21af7ff05e316fad	commit \| diff

dm verity: add root hash pkcs#7 signature verification

The verification is to support cases where the root hash is not secured
by Trusted Boot, UEFI Secureboot or similar technologies.

One of the use cases for this is for dm-verity volumes mounted after
boot, the root hash provided during the creation of the dm-verity volume
has to be secure and thus in-kernel validation implemented here will be
used before we trust the root hash and allow the block device to be
created.

The signature being provided for verification must verify the root hash
and must be trusted by the builtin keyring for verification to succeed.

The hash is added as a key of type "user" and the description is passed
to the kernel so it can look it up and use it for verification.

Adds CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG which can be turned on if root
hash verification is needed.

Kernel commandline dm_verity module parameter 'require_signatures' will
indicate whether to force root hash signature verification (for all dm
verity volumes).

Signed-off-by: Jaskaran Khurana <jaskarankhurana@linux.microsoft.com>
Tested-and-Reviewed-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

Documentation/admin-guide/device-mapper/verity.rst		diff \| blob \| history
drivers/md/Kconfig		diff \| blob \| history
drivers/md/Makefile		diff \| blob \| history
drivers/md/dm-verity-target.c		diff \| blob \| history
drivers/md/dm-verity-verify-sig.c	[new file with mode: 0644]	blob
drivers/md/dm-verity-verify-sig.h	[new file with mode: 0644]	blob
drivers/md/dm-verity.h		diff \| blob \| history