1 /* 2 * Copyright (C) 2013 Intel Corporation 3 * 4 * Author: 5 * Dmitry Kasatkin <dmitry.kasatkin@intel.com> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation, version 2 of the License. 10 * 11 */ 12 13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 14 15 #include <linux/err.h> 16 #include <linux/ratelimit.h> 17 #include <linux/key-type.h> 18 #include <crypto/public_key.h> 19 #include <crypto/hash_info.h> 20 #include <keys/asymmetric-type.h> 21 #include <keys/system_keyring.h> 22 23 #include "integrity.h" 24 25 /* 26 * Request an asymmetric key. 27 */ 28 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) 29 { 30 struct key *key; 31 char name[12]; 32 33 sprintf(name, "id:%08x", keyid); 34 35 pr_debug("key search: \"%s\"\n", name); 36 37 key = get_ima_blacklist_keyring(); 38 if (key) { 39 key_ref_t kref; 40 41 kref = keyring_search(make_key_ref(key, 1), 42 &key_type_asymmetric, name); 43 if (!IS_ERR(kref)) { 44 pr_err("Key '%s' is in ima_blacklist_keyring\n", name); 45 return ERR_PTR(-EKEYREJECTED); 46 } 47 } 48 49 if (keyring) { 50 /* search in specific keyring */ 51 key_ref_t kref; 52 53 kref = keyring_search(make_key_ref(keyring, 1), 54 &key_type_asymmetric, name); 55 if (IS_ERR(kref)) 56 key = ERR_CAST(kref); 57 else 58 key = key_ref_to_ptr(kref); 59 } else { 60 key = request_key(&key_type_asymmetric, name, NULL); 61 } 62 63 if (IS_ERR(key)) { 64 pr_err_ratelimited("Request for unknown key '%s' err %ld\n", 65 name, PTR_ERR(key)); 66 switch (PTR_ERR(key)) { 67 /* Hide some search errors */ 68 case -EACCES: 69 case -ENOTDIR: 70 case -EAGAIN: 71 return ERR_PTR(-ENOKEY); 72 default: 73 return key; 74 } 75 } 76 77 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); 78 79 return key; 80 } 81 82 int asymmetric_verify(struct key *keyring, const char *sig, 83 int siglen, const char *data, int datalen) 84 { 85 struct public_key_signature pks; 86 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; 87 struct key *key; 88 int ret = -ENOMEM; 89 90 if (siglen <= sizeof(*hdr)) 91 return -EBADMSG; 92 93 siglen -= sizeof(*hdr); 94 95 if (siglen != be16_to_cpu(hdr->sig_size)) 96 return -EBADMSG; 97 98 if (hdr->hash_algo >= HASH_ALGO__LAST) 99 return -ENOPKG; 100 101 key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); 102 if (IS_ERR(key)) 103 return PTR_ERR(key); 104 105 memset(&pks, 0, sizeof(pks)); 106 107 pks.pkey_algo = "rsa"; 108 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 109 pks.digest = (u8 *)data; 110 pks.digest_size = datalen; 111 pks.s = hdr->sig; 112 pks.s_size = siglen; 113 ret = verify_signature(key, &pks); 114 key_put(key); 115 pr_debug("%s() = %d\n", __func__, ret); 116 return ret; 117 } 118 119 /** 120 * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests 121 * @kmod_name: kernel module name 122 * 123 * We have situation, when public_key_verify_signature() in case of RSA 124 * algorithm use alg_name to store internal information in order to 125 * construct an algorithm on the fly, but crypto_larval_lookup() will try 126 * to use alg_name in order to load kernel module with same name. 127 * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, 128 * we are safe to fail such module request from crypto_larval_lookup(). 129 * 130 * In this way we prevent modprobe execution during digsig verification 131 * and avoid possible deadlock if modprobe and/or it's dependencies 132 * also signed with digsig. 133 */ 134 int integrity_kernel_module_request(char *kmod_name) 135 { 136 if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) 137 return -EINVAL; 138 139 return 0; 140 } 141