ALSA: pcm: Fix missing check of the new non-cached buffer type

[linux-2.6-block.git] / kernel / module_signing.c

diff --git a/kernel/module_signing.c b/kernel/module_signing.c
index 6b9a926fd86b60f3bb13c939a7a345511d9692dd..9d9fc678c91d6668103faced46bc2a5f47baab49 100644 (file)
--- a/kernel/module_signing.c
+++ b/kernel/module_signing.c
@@ -1,47 +1,19 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
 /* Module signature checker
  *
  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public Licence
- * as published by the Free Software Foundation; either version
- * 2 of the Licence, or (at your option) any later version.
  */
 
 #include <linux/kernel.h>
 #include <linux/errno.h>
+#include <linux/module.h>
+#include <linux/module_signature.h>
 #include <linux/string.h>
 #include <linux/verification.h>
 #include <crypto/public_key.h>
 #include "module-internal.h"
 
-enum pkey_id_type {
-       PKEY_ID_PGP,            /* OpenPGP generated key ID */
-       PKEY_ID_X509,           /* X.509 arbitrary subjectKeyIdentifier */
-       PKEY_ID_PKCS7,          /* Signature in PKCS#7 message */
-};
-
-/*
- * Module signature information block.
- *
- * The constituents of the signature section are, in order:
- *
- *     - Signer's name
- *     - Key identifier
- *     - Signature data
- *     - Information block
- */
-struct module_signature {
-       u8      algo;           /* Public-key crypto algorithm [0] */
-       u8      hash;           /* Digest algorithm [0] */
-       u8      id_type;        /* Key identifier type [PKEY_ID_PKCS7] */
-       u8      signer_len;     /* Length of signer's name [0] */
-       u8      key_id_len;     /* Length of key identifier [0] */
-       u8      __pad[3];
-       __be32  sig_len;        /* Length of signature data */
-};
-
 /*
  * Verify the signature on a module.
  */
@@ -49,6 +21,7 @@ int mod_verify_sig(const void *mod, struct load_info *info)
 {
        struct module_signature ms;
        size_t sig_len, modlen = info->len;
+       int ret;
 
        pr_devel("==>%s(,%zu)\n", __func__, modlen);
 
@@ -56,32 +29,15 @@ int mod_verify_sig(const void *mod, struct load_info *info)
                return -EBADMSG;
 
        memcpy(&ms, mod + (modlen - sizeof(ms)), sizeof(ms));
-       modlen -= sizeof(ms);
+
+       ret = mod_check_sig(&ms, modlen, info->name);
+       if (ret)
+               return ret;
 
        sig_len = be32_to_cpu(ms.sig_len);
-       if (sig_len >= modlen)
-               return -EBADMSG;
-       modlen -= sig_len;
+       modlen -= sig_len + sizeof(ms);
        info->len = modlen;
 
-       if (ms.id_type != PKEY_ID_PKCS7) {
-               pr_err("%s: Module is not signed with expected PKCS#7 message\n",
-                      info->name);
-               return -ENOPKG;
-       }
-
-       if (ms.algo != 0 ||
-           ms.hash != 0 ||
-           ms.signer_len != 0 ||
-           ms.key_id_len != 0 ||
-           ms.__pad[0] != 0 ||
-           ms.__pad[1] != 0 ||
-           ms.__pad[2] != 0) {
-               pr_err("%s: PKCS#7 signature info has unexpected non-zero params\n",
-                      info->name);
-               return -EBADMSG;
-       }
-
        return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len,
                                      VERIFY_USE_SECONDARY_KEYRING,
                                      VERIFYING_MODULE_SIGNATURE,