Re: [PATCH v2 5/7] efi: Import certificates from UEFI Secure Boot

From: James Morris
Date: Tue Dec 11 2018 - 13:48:22 EST

Next message: Robin Murphy: "[PATCH v2] arm64: Add memory hotplug support"
Previous message: Jens Axboe: "Re: [PATCH] aio: Convert ioctx_table to XArray"
In reply to: Nayna Jain: "[PATCH v2 5/7] efi: Import certificates from UEFI Secure Boot"
Next in thread: Nayna Jain: "Re: [PATCH v2 5/7] efi: Import certificates from UEFI Secure Boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 9 Dec 2018, Nayna Jain wrote:

> +/*
> + * Blacklist an X509 TBS hash.
> + */
> +static __init void uefi_blacklist_x509_tbs(const char *source,
> + const void *data, size_t len)
> +{
> + char *hash, *p;
> +
> + hash = kmalloc(4 + len * 2 + 1, GFP_KERNEL);
> + if (!hash)
> + return;
> + p = memcpy(hash, "tbs:", 4);
> + p += 4;
> + bin2hex(p, data, len);
> + p += len * 2;
> + *p = 0;
> +
> + mark_hash_blacklisted(hash);
> + kfree(hash);
> +}
> +
> +/*
> + * Blacklist the hash of an executable.
> + */
> +static __init void uefi_blacklist_binary(const char *source,
> + const void *data, size_t len)
> +{
> + char *hash, *p;
> +
> + hash = kmalloc(4 + len * 2 + 1, GFP_KERNEL);
> + if (!hash)
> + return;
> + p = memcpy(hash, "bin:", 4);
> + p += 4;
> + bin2hex(p, data, len);
> + p += len * 2;
> + *p = 0;
> +
> + mark_hash_blacklisted(hash);
> + kfree(hash);
> +}
>

These could be refactored into one function.

--
James Morris
<jmorris@xxxxxxxxx>

Next message: Robin Murphy: "[PATCH v2] arm64: Add memory hotplug support"
Previous message: Jens Axboe: "Re: [PATCH] aio: Convert ioctx_table to XArray"
In reply to: Nayna Jain: "[PATCH v2 5/7] efi: Import certificates from UEFI Secure Boot"
Next in thread: Nayna Jain: "Re: [PATCH v2 5/7] efi: Import certificates from UEFI Secure Boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]