1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2013 Intel Corporation 4 * 5 * Author: 6 * Dmitry Kasatkin <dmitry.kasatkin@intel.com> 7 */ 8 9 #include <linux/err.h> 10 #include <linux/ratelimit.h> 11 #include <linux/key-type.h> 12 #include <crypto/public_key.h> 13 #include <crypto/hash_info.h> 14 #include <keys/asymmetric-type.h> 15 #include <keys/system_keyring.h> 16 17 #include "integrity.h" 18 19 /* 20 * Request an asymmetric key. 21 */ 22 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) 23 { 24 struct key *key; 25 char name[12]; 26 27 sprintf(name, "id:%08x", keyid); 28 29 pr_debug("key search: \"%s\"\n", name); 30 31 key = get_ima_blacklist_keyring(); 32 if (key) { 33 key_ref_t kref; 34 35 kref = keyring_search(make_key_ref(key, 1), 36 &key_type_asymmetric, name, true); 37 if (!IS_ERR(kref)) { 38 pr_err("Key '%s' is in ima_blacklist_keyring\n", name); 39 return ERR_PTR(-EKEYREJECTED); 40 } 41 } 42 43 if (keyring) { 44 /* search in specific keyring */ 45 key_ref_t kref; 46 47 kref = keyring_search(make_key_ref(keyring, 1), 48 &key_type_asymmetric, name, true); 49 if (IS_ERR(kref)) 50 key = ERR_CAST(kref); 51 else 52 key = key_ref_to_ptr(kref); 53 } else { 54 key = request_key(&key_type_asymmetric, name, NULL); 55 } 56 57 if (IS_ERR(key)) { 58 pr_err_ratelimited("Request for unknown key '%s' err %ld\n", 59 name, PTR_ERR(key)); 60 switch (PTR_ERR(key)) { 61 /* Hide some search errors */ 62 case -EACCES: 63 case -ENOTDIR: 64 case -EAGAIN: 65 return ERR_PTR(-ENOKEY); 66 default: 67 return key; 68 } 69 } 70 71 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); 72 73 return key; 74 } 75 76 int asymmetric_verify(struct key *keyring, const char *sig, 77 int siglen, const char *data, int datalen) 78 { 79 struct public_key_signature pks; 80 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; 81 struct key *key; 82 int ret; 83 84 if (siglen <= sizeof(*hdr)) 85 return -EBADMSG; 86 87 siglen -= sizeof(*hdr); 88 89 if (siglen != be16_to_cpu(hdr->sig_size)) 90 return -EBADMSG; 91 92 if (hdr->hash_algo >= HASH_ALGO__LAST) 93 return -ENOPKG; 94 95 key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); 96 if (IS_ERR(key)) 97 return PTR_ERR(key); 98 99 memset(&pks, 0, sizeof(pks)); 100 101 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 102 switch (hdr->hash_algo) { 103 case HASH_ALGO_STREEBOG_256: 104 case HASH_ALGO_STREEBOG_512: 105 /* EC-RDSA and Streebog should go together. */ 106 pks.pkey_algo = "ecrdsa"; 107 pks.encoding = "raw"; 108 break; 109 case HASH_ALGO_SM3_256: 110 /* SM2 and SM3 should go together. */ 111 pks.pkey_algo = "sm2"; 112 pks.encoding = "raw"; 113 break; 114 default: 115 pks.pkey_algo = "rsa"; 116 pks.encoding = "pkcs1"; 117 break; 118 } 119 pks.digest = (u8 *)data; 120 pks.digest_size = datalen; 121 pks.s = hdr->sig; 122 pks.s_size = siglen; 123 ret = verify_signature(key, &pks); 124 key_put(key); 125 pr_debug("%s() = %d\n", __func__, ret); 126 return ret; 127 } 128 129 /** 130 * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests 131 * @kmod_name: kernel module name 132 * 133 * We have situation, when public_key_verify_signature() in case of RSA 134 * algorithm use alg_name to store internal information in order to 135 * construct an algorithm on the fly, but crypto_larval_lookup() will try 136 * to use alg_name in order to load kernel module with same name. 137 * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, 138 * we are safe to fail such module request from crypto_larval_lookup(). 139 * 140 * In this way we prevent modprobe execution during digsig verification 141 * and avoid possible deadlock if modprobe and/or it's dependencies 142 * also signed with digsig. 143 */ 144 int integrity_kernel_module_request(char *kmod_name) 145 { 146 if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) 147 return -EINVAL; 148 149 return 0; 150 } 151