wifi: cfg80211: Deduplicate certificate loading
load_keys_from_buffer() in net/wireless/reg.c duplicates x509_load_certificate_list() in crypto/asymmetric_keys/x509_loader.c for no apparent reason. Deduplicate it. No functional change intended. Signed-off-by: Lukas Wunner <lukas@wunner.de> Acked-by: David Howells <dhowells@redhat.com> Link: https://lore.kernel.org/r/e7280be84acda02634bc7cb52c97656182b9c700.1673197326.git.lukas@wunner.de Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
parent
e2192de59e
commit
3609ff6401
@ -55,3 +55,4 @@ dodgy_cert:
|
||||
pr_err("Problem parsing in-kernel X.509 certificate list\n");
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(x509_load_certificate_list);
|
||||
|
@ -737,52 +737,10 @@ static bool valid_country(const u8 *data, unsigned int size,
|
||||
}
|
||||
|
||||
#ifdef CONFIG_CFG80211_REQUIRE_SIGNED_REGDB
|
||||
#include <keys/asymmetric-type.h>
|
||||
|
||||
static struct key *builtin_regdb_keys;
|
||||
|
||||
static void __init load_keys_from_buffer(const u8 *p, unsigned int buflen)
|
||||
{
|
||||
const u8 *end = p + buflen;
|
||||
size_t plen;
|
||||
key_ref_t key;
|
||||
|
||||
while (p < end) {
|
||||
/* Each cert begins with an ASN.1 SEQUENCE tag and must be more
|
||||
* than 256 bytes in size.
|
||||
*/
|
||||
if (end - p < 4)
|
||||
goto dodgy_cert;
|
||||
if (p[0] != 0x30 &&
|
||||
p[1] != 0x82)
|
||||
goto dodgy_cert;
|
||||
plen = (p[2] << 8) | p[3];
|
||||
plen += 4;
|
||||
if (plen > end - p)
|
||||
goto dodgy_cert;
|
||||
|
||||
key = key_create_or_update(make_key_ref(builtin_regdb_keys, 1),
|
||||
"asymmetric", NULL, p, plen,
|
||||
((KEY_POS_ALL & ~KEY_POS_SETATTR) |
|
||||
KEY_USR_VIEW | KEY_USR_READ),
|
||||
KEY_ALLOC_NOT_IN_QUOTA |
|
||||
KEY_ALLOC_BUILT_IN |
|
||||
KEY_ALLOC_BYPASS_RESTRICTION);
|
||||
if (IS_ERR(key)) {
|
||||
pr_err("Problem loading in-kernel X.509 certificate (%ld)\n",
|
||||
PTR_ERR(key));
|
||||
} else {
|
||||
pr_notice("Loaded X.509 cert '%s'\n",
|
||||
key_ref_to_ptr(key)->description);
|
||||
key_ref_put(key);
|
||||
}
|
||||
p += plen;
|
||||
}
|
||||
|
||||
return;
|
||||
|
||||
dodgy_cert:
|
||||
pr_err("Problem parsing in-kernel X.509 certificate list\n");
|
||||
}
|
||||
|
||||
static int __init load_builtin_regdb_keys(void)
|
||||
{
|
||||
builtin_regdb_keys =
|
||||
@ -797,11 +755,15 @@ static int __init load_builtin_regdb_keys(void)
|
||||
pr_notice("Loading compiled-in X.509 certificates for regulatory database\n");
|
||||
|
||||
#ifdef CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS
|
||||
load_keys_from_buffer(shipped_regdb_certs, shipped_regdb_certs_len);
|
||||
x509_load_certificate_list(shipped_regdb_certs,
|
||||
shipped_regdb_certs_len,
|
||||
builtin_regdb_keys);
|
||||
#endif
|
||||
#ifdef CONFIG_CFG80211_EXTRA_REGDB_KEYDIR
|
||||
if (CONFIG_CFG80211_EXTRA_REGDB_KEYDIR[0] != '\0')
|
||||
load_keys_from_buffer(extra_regdb_certs, extra_regdb_certs_len);
|
||||
x509_load_certificate_list(extra_regdb_certs,
|
||||
extra_regdb_certs_len,
|
||||
builtin_regdb_keys);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
|
Loading…
x
Reference in New Issue
Block a user