Commit | Line | Data |
---|---|---|
b886d83c | 1 | // SPDX-License-Identifier: GPL-2.0-only |
e0751257 DK |
2 | /* |
3 | * Copyright (C) 2013 Intel Corporation | |
4 | * | |
5 | * Author: | |
6 | * Dmitry Kasatkin <dmitry.kasatkin@intel.com> | |
e0751257 DK |
7 | */ |
8 | ||
9 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt | |
10 | ||
11 | #include <linux/err.h> | |
d9a2e5d7 | 12 | #include <linux/ratelimit.h> |
e0751257 DK |
13 | #include <linux/key-type.h> |
14 | #include <crypto/public_key.h> | |
4e8ae72a | 15 | #include <crypto/hash_info.h> |
e0751257 | 16 | #include <keys/asymmetric-type.h> |
41c89b64 | 17 | #include <keys/system_keyring.h> |
e0751257 DK |
18 | |
19 | #include "integrity.h" | |
20 | ||
e0751257 DK |
21 | /* |
22 | * Request an asymmetric key. | |
23 | */ | |
24 | static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) | |
25 | { | |
26 | struct key *key; | |
27 | char name[12]; | |
28 | ||
594081ee | 29 | sprintf(name, "id:%08x", keyid); |
e0751257 DK |
30 | |
31 | pr_debug("key search: \"%s\"\n", name); | |
32 | ||
41c89b64 PM |
33 | key = get_ima_blacklist_keyring(); |
34 | if (key) { | |
35 | key_ref_t kref; | |
36 | ||
37 | kref = keyring_search(make_key_ref(key, 1), | |
dcf49dbc | 38 | &key_type_asymmetric, name, true); |
41c89b64 PM |
39 | if (!IS_ERR(kref)) { |
40 | pr_err("Key '%s' is in ima_blacklist_keyring\n", name); | |
41 | return ERR_PTR(-EKEYREJECTED); | |
42 | } | |
43 | } | |
44 | ||
e0751257 DK |
45 | if (keyring) { |
46 | /* search in specific keyring */ | |
47 | key_ref_t kref; | |
41c89b64 | 48 | |
e0751257 | 49 | kref = keyring_search(make_key_ref(keyring, 1), |
dcf49dbc | 50 | &key_type_asymmetric, name, true); |
e0751257 DK |
51 | if (IS_ERR(kref)) |
52 | key = ERR_CAST(kref); | |
53 | else | |
54 | key = key_ref_to_ptr(kref); | |
55 | } else { | |
028db3e2 | 56 | key = request_key(&key_type_asymmetric, name, NULL); |
e0751257 DK |
57 | } |
58 | ||
59 | if (IS_ERR(key)) { | |
d9a2e5d7 DK |
60 | pr_err_ratelimited("Request for unknown key '%s' err %ld\n", |
61 | name, PTR_ERR(key)); | |
e0751257 DK |
62 | switch (PTR_ERR(key)) { |
63 | /* Hide some search errors */ | |
64 | case -EACCES: | |
65 | case -ENOTDIR: | |
66 | case -EAGAIN: | |
67 | return ERR_PTR(-ENOKEY); | |
68 | default: | |
69 | return key; | |
70 | } | |
71 | } | |
72 | ||
73 | pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); | |
74 | ||
75 | return key; | |
76 | } | |
77 | ||
78 | int asymmetric_verify(struct key *keyring, const char *sig, | |
79 | int siglen, const char *data, int datalen) | |
80 | { | |
81 | struct public_key_signature pks; | |
82 | struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; | |
83 | struct key *key; | |
84 | int ret = -ENOMEM; | |
85 | ||
86 | if (siglen <= sizeof(*hdr)) | |
87 | return -EBADMSG; | |
88 | ||
89 | siglen -= sizeof(*hdr); | |
90 | ||
bb543e39 | 91 | if (siglen != be16_to_cpu(hdr->sig_size)) |
e0751257 DK |
92 | return -EBADMSG; |
93 | ||
4e8ae72a | 94 | if (hdr->hash_algo >= HASH_ALGO__LAST) |
e0751257 DK |
95 | return -ENOPKG; |
96 | ||
bb543e39 | 97 | key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); |
e0751257 DK |
98 | if (IS_ERR(key)) |
99 | return PTR_ERR(key); | |
100 | ||
101 | memset(&pks, 0, sizeof(pks)); | |
102 | ||
4e8ae72a | 103 | pks.hash_algo = hash_algo_name[hdr->hash_algo]; |
be08f0c6 VC |
104 | if (hdr->hash_algo == HASH_ALGO_STREEBOG_256 || |
105 | hdr->hash_algo == HASH_ALGO_STREEBOG_512) { | |
106 | /* EC-RDSA and Streebog should go together. */ | |
107 | pks.pkey_algo = "ecrdsa"; | |
108 | pks.encoding = "raw"; | |
109 | } else { | |
110 | pks.pkey_algo = "rsa"; | |
111 | pks.encoding = "pkcs1"; | |
112 | } | |
e0751257 DK |
113 | pks.digest = (u8 *)data; |
114 | pks.digest_size = datalen; | |
eb5798f2 TS |
115 | pks.s = hdr->sig; |
116 | pks.s_size = siglen; | |
117 | ret = verify_signature(key, &pks); | |
e0751257 DK |
118 | key_put(key); |
119 | pr_debug("%s() = %d\n", __func__, ret); | |
120 | return ret; | |
121 | } | |
6eb864c1 MK |
122 | |
123 | /** | |
124 | * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests | |
125 | * @kmod_name: kernel module name | |
126 | * | |
127 | * We have situation, when public_key_verify_signature() in case of RSA | |
128 | * algorithm use alg_name to store internal information in order to | |
129 | * construct an algorithm on the fly, but crypto_larval_lookup() will try | |
130 | * to use alg_name in order to load kernel module with same name. | |
131 | * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, | |
132 | * we are safe to fail such module request from crypto_larval_lookup(). | |
133 | * | |
134 | * In this way we prevent modprobe execution during digsig verification | |
135 | * and avoid possible deadlock if modprobe and/or it's dependencies | |
136 | * also signed with digsig. | |
137 | */ | |
138 | int integrity_kernel_module_request(char *kmod_name) | |
139 | { | |
140 | if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) | |
141 | return -EINVAL; | |
142 | ||
143 | return 0; | |
144 | } |