Djam/kernel-5.15
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/kernel-5.15.git synced 2025-02-23 18:42:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

patch: support loading GOST-signed modules

Browse source
This commit is contained in:
Mikhail Novosyolov 2020-08-06 14:30:23 +03:00
parent 0f1ce67516
commit 4c7232ab3e
2 changed files with 49 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
0001-crypto-support-loading-GOST-signed-kernel-modules.patch Normal file
View file

@ -0,0 +1,46 @@
From 59bf6ed4709ea82d63be300814af2c4c94503e14 Mon Sep 17 00:00:00 2001
From: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
Date: Thu, 6 Aug 2020 14:17:31 +0300
Subject: [PATCH] crypto: support loading GOST-signed kernel modules
Support loading kernel modules signed with:
* 1.2.643.7.1.1.1.1 id-tc26-gost3410-12-256
* 1.2.643.7.1.1.1.2 id-tc26-gost3410-12-512
Signed-off-by: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
---
crypto/asymmetric_keys/pkcs7_parser.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 967329e0a07b..39c260a04167 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -248,6 +248,12 @@ int pkcs7_sig_note_digest_algo(void *context, size_t hdrlen,
case OID_sha224:
ctx->sinfo->sig->hash_algo = "sha224";
break;
+ case OID_gost2012Digest256:
+ ctx->sinfo->sig->hash_algo = "streebog256";
+ break;
+ case OID_gost2012Digest512:
+ ctx->sinfo->sig->hash_algo = "streebog512";
+ break;
default:
printk("Unsupported digest algo: %u\n", ctx->last_oid);
return -ENOPKG;
@@ -269,6 +275,11 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen,
ctx->sinfo->sig->pkey_algo = "rsa";
ctx->sinfo->sig->encoding = "pkcs1";
break;
+ case OID_gost2012PKey256:
+ case OID_gost2012PKey512:
+ ctx->sinfo->sig->pkey_algo = "ecrdsa";
+ ctx->sinfo->sig->encoding = "raw";
+ break;
default:
printk("Unsupported pkey algo: %u\n", ctx->last_oid);
return -ENOPKG;
--
2.17.1

4
kernel.spec
View file

@ -24,7 +24,7 @@
%define sublevel 40 %define sublevel 40
# Release number. Increase this before a rebuild. # Release number. Increase this before a rebuild.
%define rpmrel 7 %define rpmrel 9
%define fullrpmrel %{rpmrel} %define fullrpmrel %{rpmrel}
%define rpmtag %{disttag} %define rpmtag %{disttag}
@ -282,6 +282,8 @@ Patch302: 0001-sign-file-full-functionality-with-modern-LibreSSL.patch
Patch303: perf-5.4.20-binutil-libs-2.34.patch Patch303: perf-5.4.20-binutil-libs-2.34.patch
# Add sysctl to disable disk-based swap # Add sysctl to disable disk-based swap
Patch304: 0001-mm-add-sysctl-to-disable-disk-based-swap.patch Patch304: 0001-mm-add-sysctl-to-disable-disk-based-swap.patch
# Support loading GOST-signed modules
Patch305: 0001-crypto-support-loading-GOST-signed-kernel-modules.patch
# Disable AutoReq # Disable AutoReq
AutoReq: 0 AutoReq: 0