MODSIGN: Extract the blob PKCS#7 signature verifier from module signing
authorDavid Howells <dhowells@redhat.com>
Mon, 20 Jul 2015 20:16:28 +0000 (21:16 +0100)
committerDavid Howells <dhowells@redhat.com>
Fri, 7 Aug 2015 15:26:13 +0000 (16:26 +0100)
commit091f6e26eb326adbd718f406e440c838bed8ebb6
tree9562f51745eb81fdf44d1fb56d6e79090935d2e4
parent1c39449921fc6db1f942051f79868a19c92f4d47
MODSIGN: Extract the blob PKCS#7 signature verifier from module signing

Extract the function that drives the PKCS#7 signature verification given a
data blob and a PKCS#7 blob out from the module signing code and lump it with
the system keyring code as it's generic.  This makes it independent of module
config options and opens it to use by the firmware loader.

Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Luis R. Rodriguez <mcgrof@suse.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Ming Lei <ming.lei@canonical.com>
Cc: Seth Forshee <seth.forshee@canonical.com>
Cc: Kyle McMartin <kyle@kernel.org>
include/keys/system_keyring.h
init/Kconfig
kernel/module_signing.c
kernel/system_keyring.c