From: wangshouping wangshouping@huawei.com
euleros inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4T4W4?from=project-issue CVE: NA
--------
Reserve some fields beforehand for parsing RSASSA-PSS style certificates
---------
Signed-off-by: wangshouping wangshouping@huawei.com Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com Reviewed-by: Wang Weiyang wangweiyang2@huawei.com Reviewed-by: Xie XiuQi xiexiuqi@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- include/crypto/akcipher.h | 2 ++ include/crypto/public_key.h | 9 +++++++++ include/linux/keyctl.h | 3 +++ include/linux/oid_registry.h | 2 ++ 4 files changed, 16 insertions(+)
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h index 5764b46bd1ec..4ecbdd745a5f 100644 --- a/include/crypto/akcipher.h +++ b/include/crypto/akcipher.h @@ -8,6 +8,7 @@ #ifndef _CRYPTO_AKCIPHER_H #define _CRYPTO_AKCIPHER_H #include <linux/crypto.h> +#include <linux/kabi.h>
/** * struct akcipher_request - public key request @@ -101,6 +102,7 @@ struct akcipher_alg { unsigned int (*max_size)(struct crypto_akcipher *tfm); int (*init)(struct crypto_akcipher *tfm); void (*exit)(struct crypto_akcipher *tfm); + KABI_RESERVE(1)
unsigned int reqsize; struct crypto_alg base; diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h index f5bd80858fc5..041e2c023a8e 100644 --- a/include/crypto/public_key.h +++ b/include/crypto/public_key.h @@ -13,6 +13,7 @@ #include <linux/keyctl.h> #include <linux/oid_registry.h> #include <crypto/akcipher.h> +#include <linux/kabi.h>
/* * Cryptographic data for the public-key subtype of the asymmetric key type. @@ -29,6 +30,11 @@ struct public_key { bool key_is_private; const char *id_type; const char *pkey_algo; + KABI_RESERVE(1) + KABI_RESERVE(2) + KABI_RESERVE(3) + KABI_RESERVE(4) + KABI_RESERVE(5) };
extern void public_key_free(struct public_key *key); @@ -47,6 +53,9 @@ struct public_key_signature { const char *encoding; const void *data; unsigned int data_size; + KABI_RESERVE(1) + KABI_RESERVE(2) + KABI_RESERVE(3) };
extern void public_key_signature_free(struct public_key_signature *sig); diff --git a/include/linux/keyctl.h b/include/linux/keyctl.h index 5b79847207ef..1228af4053a8 100644 --- a/include/linux/keyctl.h +++ b/include/linux/keyctl.h @@ -9,6 +9,7 @@ #define __LINUX_KEYCTL_H
#include <uapi/linux/keyctl.h> +#include <linux/kabi.h>
struct kernel_pkey_query { __u32 supported_ops; /* Which ops are supported */ @@ -37,6 +38,8 @@ struct kernel_pkey_params { __u32 in2_len; /* 2nd input data size (verify) */ }; enum kernel_pkey_operation op : 8; + KABI_RESERVE(1) + KABI_RESERVE(2) };
#endif /* __LINUX_KEYCTL_H */ diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h index f32d91895e4d..72882f35bd88 100644 --- a/include/linux/oid_registry.h +++ b/include/linux/oid_registry.h @@ -116,6 +116,8 @@ enum OID { OID_sm3, /* 1.2.156.10197.1.401 */ OID_SM2_with_SM3, /* 1.2.156.10197.1.501 */ OID_sm3WithRSAEncryption, /* 1.2.156.10197.1.504 */ + OID_mgf1, /* 1.2.840.113549.1.1.8 */ + OID_rsassaPSS, /* 1.2.840.113549.1.1.10 */
OID__NR };