These changes are the raw update to linux-4.4.6-rt14. Kernel sources

[kvmfornfv.git] / kernel / crypto / asymmetric_keys / pkcs7_key_type.c

diff --git a/kernel/crypto/asymmetric_keys/pkcs7_key_type.c b/kernel/crypto/asymmetric_keys/pkcs7_key_type.c
index 751f8fd..e2d0edb 100644 (file)
--- a/kernel/crypto/asymmetric_keys/pkcs7_key_type.c
+++ b/kernel/crypto/asymmetric_keys/pkcs7_key_type.c
@@ -12,17 +12,28 @@
 #define pr_fmt(fmt) "PKCS7key: "fmt
 #include <linux/key.h>
 #include <linux/err.h>
+#include <linux/module.h>
 #include <linux/key-type.h>
+#include <keys/asymmetric-type.h>
 #include <crypto/pkcs7.h>
 #include <keys/user-type.h>
 #include <keys/system_keyring.h>
 #include "pkcs7_parser.h"
 
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("PKCS#7 testing key type");
+
+static unsigned pkcs7_usage;
+module_param_named(usage, pkcs7_usage, uint, S_IWUSR | S_IRUGO);
+MODULE_PARM_DESC(pkcs7_usage,
+                "Usage to specify when verifying the PKCS#7 message");
+
 /*
  * Preparse a PKCS#7 wrapped and validated data blob.
  */
 static int pkcs7_preparse(struct key_preparsed_payload *prep)
 {
+       enum key_being_used_for usage = pkcs7_usage;
        struct pkcs7_message *pkcs7;
        const void *data, *saved_prep_data;
        size_t datalen, saved_prep_datalen;
@@ -31,6 +42,11 @@ static int pkcs7_preparse(struct key_preparsed_payload *prep)
 
        kenter("");
 
+       if (usage >= NR__KEY_BEING_USED_FOR) {
+               pr_err("Invalid usage type %d\n", usage);
+               return -EINVAL;
+       }
+
        saved_prep_data = prep->data;
        saved_prep_datalen = prep->datalen;
        pkcs7 = pkcs7_parse_message(saved_prep_data, saved_prep_datalen);
@@ -39,7 +55,7 @@ static int pkcs7_preparse(struct key_preparsed_payload *prep)
                goto error;
        }
 
-       ret = pkcs7_verify(pkcs7);
+       ret = pkcs7_verify(pkcs7, usage);
        if (ret < 0)
                goto error_free;