Hi James, Here's a collection of fixes for Linux keyrings, mostly thanks to Eric Biggers, if you could pass them along to Linus. They include: (1) Fix some PKCS#7 verification issues. (2) Fix handling of unsupported crypto in X.509. (3) Fix too-large allocation in big_key. The patches can be found here also: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/tag/?h=keys-fixes-20180222 And also on the keys-fixes branch. David --- David Howells (1): KEYS: Use individual pages in big_key for crypto buffers Eric Biggers (5): PKCS#7: fix certificate chain verification PKCS#7: fix certificate blacklisting PKCS#7: fix direct verification of SignerInfo signature X.509: fix BUG_ON() when hash algorithm is unsupported X.509: fix NULL dereference when restricting key with unsupported_sig crypto/asymmetric_keys/pkcs7_trust.c | 1 crypto/asymmetric_keys/pkcs7_verify.c | 12 ++-- crypto/asymmetric_keys/public_key.c | 4 + crypto/asymmetric_keys/restrict.c | 21 ++++-- security/keys/big_key.c | 110 ++++++++++++++++++++++++++------- 5 files changed, 111 insertions(+), 37 deletions(-)