Hello everyone, On 22.07.21 11:17, Ahmad Fatoum wrote: > While keys of differing type have a common struct key definition, there is > no common scheme to the payload and key material extraction differs. > > For kernel functionality that supports different key types, > this means duplicated code for key material extraction and because key type > is discriminated by a pointer to a global, users need to replicate > reachability checks as well, so builtin code doesn't depend on a key > type symbol offered by a module. > > Make this easier by adding a common helper with initial support for > user, logon, encrypted and trusted keys. > > This series contains two example of its use: dm-crypt uses it to reduce > boilerplate and ubifs authentication uses it to gain support for trusted > and encrypted keys alongside the already supported logon keys. > > Looking forward to your feedback,
@Mike, Aliasdair: Do you think of key_extract_material as an improvement? Does someone share the opinion that the helper is useful or should I drop it and just send out the ubifs auth patch seperately? Cheers, Ahmad > Ahmad > > --- > To: David Howells <dhowe...@redhat.com> > To: Jarkko Sakkinen <jar...@kernel.org> > To: James Morris <jmor...@namei.org> > To: "Serge E. Hallyn" <se...@hallyn.com> > To: Alasdair Kergon <a...@redhat.com> > To: Mike Snitzer <snit...@redhat.com> > To: dm-devel@redhat.com > To: Song Liu <s...@kernel.org> > To: Richard Weinberger <rich...@nod.at> > Cc: linux-ker...@vger.kernel.org > Cc: linux-r...@vger.kernel.org > Cc: linux-integr...@vger.kernel.org > Cc: keyri...@vger.kernel.org > Cc: linux-...@lists.infradead.org > Cc: linux-security-mod...@vger.kernel.org > > Ahmad Fatoum (4): > keys: introduce key_extract_material helper > dm: crypt: use new key_extract_material helper > ubifs: auth: remove never hit key type error check > ubifs: auth: consult encrypted and trusted keys if no logon key was found > > Documentation/filesystems/ubifs.rst | 2 +- > drivers/md/dm-crypt.c | 65 ++++-------------------------- > fs/ubifs/auth.c | 25 +++++------- > include/linux/key.h | 45 +++++++++++++++++++++- > security/keys/key.c | 40 ++++++++++++++++++- > 5 files changed, 107 insertions(+), 70 deletions(-) > > base-commit: 2734d6c1b1a089fb593ef6a23d4b70903526fe0c > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | -- dm-devel mailing list dm-devel@redhat.com https://listman.redhat.com/mailman/listinfo/dm-devel
