Re: [GIT PULL] KEYS: Blacklisting, restrictions and DH

From: James Morris
Date: Mon Apr 17 2017 - 17:39:01 EST

Next message: Sinan Kaya: "Re: [PATCH v8 10/15] ACPI: platform-msi: retrieve dev id from IORT"
Previous message: Alex Williamson: "Re: [PATCH v4 1/2] vfio/type1: Remove locked page accounting workqueue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 12 Apr 2017, David Howells wrote:

>
> Hi James,
>
> Could you pull these changes into security/next please:
>
> (1) Provide a blacklist keyring and a blacklist key type such that X.509
> keys and PKCS#7 certs can be blacklisted. It is possible to load the
> blacklist from a file at compile time. A future patch will
> additionally load the blacklist from the UEFI blacklist if available.
>
> (2) Make it possible to create a userspace keyring and to apply a
> restriction to it such that no new keys can be added unless they meet
> the criteria.
>
> (3) Add SP800-56A KDF support for the DH operation.
>

Pulled, thanks.

--
James Morris
<jmorris@xxxxxxxxx>

Next message: Sinan Kaya: "Re: [PATCH v8 10/15] ACPI: platform-msi: retrieve dev id from IORT"
Previous message: Alex Williamson: "Re: [PATCH v4 1/2] vfio/type1: Remove locked page accounting workqueue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]