archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-08 02:44:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
Linux kernel source tree
1336248 commits 1 branch 921 tags 8.5 GiB
Find a file
Marek Behún ba8755ab54
firmware: turris-mox-rwtm: Add support for ECDSA signatures with HW private key 
Add support for digital message signing with the private key stored in
the rWTM secure coprocessor. Turris Mox devices have an ECDSA private
key generated and burned into rWTM eFuses when manufactured. This
private key is not readable from the rWTM, but rWTM firmware allows for
signing messages with it and retrieving the public key.

This is exposed to userspace via the keyctl API.

User can find the key by either looking at /proc/keys or listing the
keyring:

  $ cat /proc/keys
  0240b221 ... keyring   .turris-signing-keys: 1
  34ff9ac9 ... turris-si Turris MOX SN 0000000D30000005 rWTM ECDSA ke...

  $ keyctl rlist %:.turris-signing-keys
  889166537

To get the public key:

  $ keyctl read 889166537
  67 bytes of data in key:
  0201a05c 1a79242b 13f2fc02 b48ffdbb 6ee8d5ba 812d6784 5f04f302 c0894d3e
  b93474f9 46235777 5c926fb4 cce89b50 88cf5d10 c07fd9c5 fdcea257 3d8f1c33
  1bf826

To sign a message:

  $ dd if=/dev/urandom of=msg_to_sign bs=64 count=1
  $ keyctl pkey_sign 889166537 0 msg_to_sign >signature

Signed-off-by: Marek Behún <kabel@kernel.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2025-03-20 17:56:57 +01:00
arch Samsung mach/soc changes for v6.15 2025-03-19 22:39:12 +01:00
block block-6.14-20250214 2025-02-14 11:40:59 -08:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
Documentation firmware: turris-mox-rwtm: Drop ECDSA signatures via debugfs 2025-03-20 17:56:57 +01:00
drivers firmware: turris-mox-rwtm: Add support for ECDSA signatures with HW private key 2025-03-20 17:56:57 +01:00
fs SMB3 client multichannel fix 2025-02-14 14:42:52 -08:00
include platform: cznic: Add keyctl helpers for Turris platform 2025-03-20 17:56:56 +01:00
init Kbuild updates for v6.14 2025-01-31 12:07:07 -08:00
io_uring io_uring-6.14-20250214 2025-02-14 11:30:53 -08:00
ipc treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
kernel - Remove an unused config item GENERIC_PENDING_IRQ_CHIPFLAGS 2025-02-16 10:55:17 -08:00
lib hardening fixes for v6.14-rc2 2025-02-08 14:12:17 -08:00
LICENSES LICENSES: add 0BSD license text 2024-09-01 20:43:24 -07:00
mm assorted stuff for this merge window 2025-02-01 15:07:56 -08:00
net Including fixes from netfilter, wireless and bluetooth. 2025-02-13 12:17:04 -08:00
rust Driver core api addition for 6.14-rc3 2025-02-16 12:54:42 -08:00
samples Driver core api addition for 6.14-rc3 2025-02-16 12:54:42 -08:00
scripts modpost: Fix a few typos in a comment 2025-02-16 03:10:58 +09:00
security Redo of pathname patternization and fix spelling errors. 2025-02-11 10:19:36 -08:00
sound sound fixes for 6.14-rc1 2025-01-31 09:17:02 -08:00
tools - Move a warning about a lld.ld breakage into the verbose setting as said 2025-02-16 10:30:58 -08:00
usr kbuild: Drop support for include/asm-<arch> in headers_check.pl 2024-12-21 11:43:17 +09:00
virt KVM: remove kvm_arch_post_init_vm 2025-02-04 11:27:45 -05:00
.clang-format clang-format: Update with v6.11-rc1's for_each macro list 2024-08-02 13:20:31 +02:00
.clippy.toml rust: give Clippy the minimum supported Rust version 2025-01-10 00:17:25 +01:00
.cocciconfig
.editorconfig .editorconfig: remove trim_trailing_whitespace option 2024-06-13 16:47:52 +02:00
.get_maintainer.ignore MAINTAINERS: Retire Ralf Baechle 2024-11-12 15:48:59 +01:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore rust: use host dylib naming convention to support macOS 2025-01-10 01:01:24 +01:00
.mailmap wireless fixes for v6.14-rc3 2025-02-10 18:13:07 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Pavel to kernel.org address 2025-02-07 09:12:33 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS platform: cznic: Add keyctl helpers for Turris platform 2025-03-20 17:56:56 +01:00
Makefile Linux 6.14-rc3 2025-02-16 14:02:44 -08:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.