projects / linux-block.git / blame
| Commit | Line | Data |
|---|---|---|
| b886d83c | 1 | // SPDX-License-Identifier: GPL-2.0-only |
| e0751257 DK |
2 | /* |
| 3 | * Copyright (C) 2013 Intel Corporation | |
| 4 | * | |
| 5 | * Author: | |
| 6 | * Dmitry Kasatkin <dmitry.kasatkin@intel.com> | |
| e0751257 DK |
7 | */ |
| 8 | ||
| e0751257 | 9 | #include <linux/err.h> |
| d9a2e5d7 | 10 | #include <linux/ratelimit.h> |
| e0751257 DK |
11 | #include <linux/key-type.h> |
| 12 | #include <crypto/public_key.h> | |
| 4e8ae72a | 13 | #include <crypto/hash_info.h> |
| e0751257 | 14 | #include <keys/asymmetric-type.h> |
| 41c89b64 | 15 | #include <keys/system_keyring.h> |
| e0751257 DK |
16 | |
| 17 | #include "integrity.h" | |
| 18 | ||
| e0751257 DK |
19 | /* |
| 20 | * Request an asymmetric key. | |
| 21 | */ | |
| 22 | static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) | |
| 23 | { | |
| 24 | struct key *key; | |
| 25 | char name[12]; | |
| 26 | ||
| 594081ee | 27 | sprintf(name, "id:%08x", keyid); |
| e0751257 DK |
28 | |
| 29 | pr_debug("key search: \"%s\"\n", name); | |
| 30 | ||
| 41c89b64 PM |
31 | key = get_ima_blacklist_keyring(); |
| 32 | if (key) { | |
| 33 | key_ref_t kref; | |
| 34 | ||
| 35 | kref = keyring_search(make_key_ref(key, 1), | |
| dcf49dbc | 36 | &key_type_asymmetric, name, true); |
| 41c89b64 PM |
37 | if (!IS_ERR(kref)) { |
| 38 | pr_err("Key '%s' is in ima_blacklist_keyring\n", name); | |
| 39 | return ERR_PTR(-EKEYREJECTED); | |
| 40 | } | |
| 41 | } | |
| 42 | ||
| e0751257 DK |
43 | if (keyring) { |
| 44 | /* search in specific keyring */ | |
| 45 | key_ref_t kref; | |
| 41c89b64 | 46 | |
| e0751257 | 47 | kref = keyring_search(make_key_ref(keyring, 1), |
| dcf49dbc | 48 | &key_type_asymmetric, name, true); |
| e0751257 DK |
49 | if (IS_ERR(kref)) |
| 50 | key = ERR_CAST(kref); | |
| 51 | else | |
| 52 | key = key_ref_to_ptr(kref); | |
| 53 | } else { | |
| 028db3e2 | 54 | key = request_key(&key_type_asymmetric, name, NULL); |
| e0751257 DK |
55 | } |
| 56 | ||
| 57 | if (IS_ERR(key)) { | |
| 8c2f516c BM |
58 | if (keyring) |
| 59 | pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n", | |
| 60 | name, keyring->description, | |
| 61 | PTR_ERR(key)); | |
| 62 | else | |
| 63 | pr_err_ratelimited("Request for unknown key '%s' err %ld\n", | |
| 64 | name, PTR_ERR(key)); | |
| 65 | ||
| e0751257 DK |
66 | switch (PTR_ERR(key)) { |
| 67 | /* Hide some search errors */ | |
| 68 | case -EACCES: | |
| 69 | case -ENOTDIR: | |
| 70 | case -EAGAIN: | |
| 71 | return ERR_PTR(-ENOKEY); | |
| 72 | default: | |
| 73 | return key; | |
| 74 | } | |
| 75 | } | |
| 76 | ||
| 77 | pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); | |
| 78 | ||
| 79 | return key; | |
| 80 | } | |
| 81 | ||
| 82 | int asymmetric_verify(struct key *keyring, const char *sig, | |
| 83 | int siglen, const char *data, int datalen) | |
| 84 | { | |
| 85 | struct public_key_signature pks; | |
| 86 | struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; | |
| 87 | struct key *key; | |
| 3db0d0c2 | 88 | int ret; |
| e0751257 DK |
89 | |
| 90 | if (siglen <= sizeof(*hdr)) | |
| 91 | return -EBADMSG; | |
| 92 | ||
| 93 | siglen -= sizeof(*hdr); | |
| 94 | ||
| bb543e39 | 95 | if (siglen != be16_to_cpu(hdr->sig_size)) |
| e0751257 DK |
96 | return -EBADMSG; |
| 97 | ||
| 4e8ae72a | 98 | if (hdr->hash_algo >= HASH_ALGO__LAST) |
| e0751257 DK |
99 | return -ENOPKG; |
| 100 | ||
| bb543e39 | 101 | key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); |
| e0751257 DK |
102 | if (IS_ERR(key)) |
| 103 | return PTR_ERR(key); | |
| 104 | ||
| 105 | memset(&pks, 0, sizeof(pks)); | |
| 106 | ||
| 4e8ae72a | 107 | pks.hash_algo = hash_algo_name[hdr->hash_algo]; |
| 0b7e44d3 TZ |
108 | switch (hdr->hash_algo) { |
| 109 | case HASH_ALGO_STREEBOG_256: | |
| 110 | case HASH_ALGO_STREEBOG_512: | |
| be08f0c6 VC |
111 | /* EC-RDSA and Streebog should go together. */ |
| 112 | pks.pkey_algo = "ecrdsa"; | |
| 113 | pks.encoding = "raw"; | |
| 0b7e44d3 TZ |
114 | break; |
| 115 | case HASH_ALGO_SM3_256: | |
| 116 | /* SM2 and SM3 should go together. */ | |
| 117 | pks.pkey_algo = "sm2"; | |
| 118 | pks.encoding = "raw"; | |
| 119 | break; | |
| 120 | default: | |
| be08f0c6 VC |
121 | pks.pkey_algo = "rsa"; |
| 122 | pks.encoding = "pkcs1"; | |
| 0b7e44d3 | 123 | break; |
| be08f0c6 | 124 | } |
| e0751257 DK |
125 | pks.digest = (u8 *)data; |
| 126 | pks.digest_size = datalen; | |
| eb5798f2 TS |
127 | pks.s = hdr->sig; |
| 128 | pks.s_size = siglen; | |
| 129 | ret = verify_signature(key, &pks); | |
| e0751257 DK |
130 | key_put(key); |
| 131 | pr_debug("%s() = %d\n", __func__, ret); | |
| 132 | return ret; | |
| 133 | } | |
| 6eb864c1 MK |
134 | |
| 135 | /** | |
| 136 | * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests | |
| 137 | * @kmod_name: kernel module name | |
| 138 | * | |
| 139 | * We have situation, when public_key_verify_signature() in case of RSA | |
| 140 | * algorithm use alg_name to store internal information in order to | |
| 141 | * construct an algorithm on the fly, but crypto_larval_lookup() will try | |
| 142 | * to use alg_name in order to load kernel module with same name. | |
| 143 | * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, | |
| 144 | * we are safe to fail such module request from crypto_larval_lookup(). | |
| 145 | * | |
| 146 | * In this way we prevent modprobe execution during digsig verification | |
| 147 | * and avoid possible deadlock if modprobe and/or it's dependencies | |
| 148 | * also signed with digsig. | |
| 149 | */ | |
| 150 | int integrity_kernel_module_request(char *kmod_name) | |
| 151 | { | |
| 152 | if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) | |
| 153 | return -EINVAL; | |
| 154 | ||
| 155 | return 0; | |
| 156 | } |