On Wed, 2013-01-30 at 06:32 +, Matthew Garrett wrote:
> On Tue, Jan 29, 2013 at 11:58:53AM -0500, Vivek Goyal wrote:
> > On Mon, Jan 28, 2013 at 08:48:55PM -0500, Mimi Zohar wrote:
> > > The assumption has always been that the initramfs would be measured, for
> > > trusted boot, and appraised,
Kasatkin, Dmitry wrote:
> What about the case when running from integrity protected initramfs?
> Either embedded into the signed kernel, or verified by the boot loader.
> In such case it is possible to assume that all keys which are added by
> user space are implicitly trusted.
> Later on, before
From: Andy Shevchenko
Remove MIN, MAX and ABS macros that are duplicates kernel's native
implementation.
Signed-off-by: Andy Shevchenko
---
lib/mpi/mpi-internal.h |4
lib/mpi/mpicoder.c |8
2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/lib/mpi/mpi-int
In existing use case, copying of the decoded data is unnecessary in
pkcs_1_v1_5_decode_emsa. It is just enough to get pointer to the message.
Removing copying and extra buffer allocation.
Signed-off-by: Dmitry Kasatkin
---
lib/digsig.c | 41 ++---
1 file cha
Here is couple of cleanups for digsig and libmpi.
- Dmitry
Andy Shevchenko (1):
mpilib: use DIV_ROUND_UP and remove unused macros
Dmitry Kasatkin (1):
digsig: remove unnecessary memory allocation and copying
lib/digsig.c | 41 ++---
lib/mpi/m
On Thu, Jan 17, 2013 at 8:04 PM, David Howells wrote:
> Add KEY_FLAG_TRUSTED to indicate that a key either comes from a trusted source
> or had a cryptographic signature chain that led back to a trusted key the
> kernel already possessed.
>
> Add KEY_FLAGS_TRUSTED_ONLY to indicate that a keyring w