git.baikalelectronics.ru Git - kernel.git/commit

author	Mickaël Salaün <mic@linux.microsoft.com>
	Mon, 12 Jul 2021 17:03:11 +0000 (19:03 +0200)
committer	Jarkko Sakkinen <jarkko@kernel.org>
	Mon, 23 May 2022 15:47:49 +0000 (18:47 +0300)
commit	42c3e5f76e3add1a6e17a38d57d2509146ae1c07
tree	661133dac90d80dcb4b9d6a68544447a2fc55bf5	tree \| snapshot
parent	fa38bdaecbcf587a8fe040310312cafc537804ab	commit \| diff

certs: Make blacklist_vet_description() more strict

Before exposing this new key type to user space, make sure that only
meaningful blacklisted hashes are accepted. This is also checked for
builtin blacklisted hashes, but a following commit make sure that the
user will notice (at built time) and will fix the configuration if it
already included errors.

Check that a blacklist key description starts with a valid prefix and
then a valid hexadecimal string.

Cc: David Howells <dhowells@redhat.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Link: https://lore.kernel.org/r/20210712170313.884724-4-mic@digikod.net
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>