1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2013 Intel Corporation 4 * 5 * Author: 6 * Dmitry Kasatkin <dmitry.kasatkin@intel.com> 7 */ 8 9 #include <linux/err.h> 10 #include <linux/ratelimit.h> 11 #include <linux/key-type.h> 12 #include <crypto/public_key.h> 13 #include <crypto/hash_info.h> 14 #include <keys/asymmetric-type.h> 15 #include <keys/system_keyring.h> 16 17 #include "integrity.h" 18 19 /* 20 * Request an asymmetric key. 21 */ 22 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) 23 { 24 struct key *key; 25 char name[12]; 26 27 sprintf(name, "id:%08x", keyid); 28 29 pr_debug("key search: \"%s\"\n", name); 30 31 key = get_ima_blacklist_keyring(); 32 if (key) { 33 key_ref_t kref; 34 35 kref = keyring_search(make_key_ref(key, 1), 36 &key_type_asymmetric, name, true); 37 if (!IS_ERR(kref)) { 38 pr_err("Key '%s' is in ima_blacklist_keyring\n", name); 39 return ERR_PTR(-EKEYREJECTED); 40 } 41 } 42 43 if (keyring) { 44 /* search in specific keyring */ 45 key_ref_t kref; 46 47 kref = keyring_search(make_key_ref(keyring, 1), 48 &key_type_asymmetric, name, true); 49 if (IS_ERR(kref)) 50 key = ERR_CAST(kref); 51 else 52 key = key_ref_to_ptr(kref); 53 } else { 54 key = request_key(&key_type_asymmetric, name, NULL); 55 } 56 57 if (IS_ERR(key)) { 58 pr_err_ratelimited("Request for unknown key '%s' err %ld\n", 59 name, PTR_ERR(key)); 60 switch (PTR_ERR(key)) { 61 /* Hide some search errors */ 62 case -EACCES: 63 case -ENOTDIR: 64 case -EAGAIN: 65 return ERR_PTR(-ENOKEY); 66 default: 67 return key; 68 } 69 } 70 71 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); 72 73 return key; 74 } 75 76 int asymmetric_verify(struct key *keyring, const char *sig, 77 int siglen, const char *data, int datalen) 78 { 79 struct public_key_signature pks; 80 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; 81 struct key *key; 82 int ret = -ENOMEM; 83 84 if (siglen <= sizeof(*hdr)) 85 return -EBADMSG; 86 87 siglen -= sizeof(*hdr); 88 89 if (siglen != be16_to_cpu(hdr->sig_size)) 90 return -EBADMSG; 91 92 if (hdr->hash_algo >= HASH_ALGO__LAST) 93 return -ENOPKG; 94 95 key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); 96 if (IS_ERR(key)) 97 return PTR_ERR(key); 98 99 memset(&pks, 0, sizeof(pks)); 100 101 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 102 if (hdr->hash_algo == HASH_ALGO_STREEBOG_256 || 103 hdr->hash_algo == HASH_ALGO_STREEBOG_512) { 104 /* EC-RDSA and Streebog should go together. */ 105 pks.pkey_algo = "ecrdsa"; 106 pks.encoding = "raw"; 107 } else { 108 pks.pkey_algo = "rsa"; 109 pks.encoding = "pkcs1"; 110 } 111 pks.digest = (u8 *)data; 112 pks.digest_size = datalen; 113 pks.s = hdr->sig; 114 pks.s_size = siglen; 115 ret = verify_signature(key, &pks); 116 key_put(key); 117 pr_debug("%s() = %d\n", __func__, ret); 118 return ret; 119 } 120 121 /** 122 * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests 123 * @kmod_name: kernel module name 124 * 125 * We have situation, when public_key_verify_signature() in case of RSA 126 * algorithm use alg_name to store internal information in order to 127 * construct an algorithm on the fly, but crypto_larval_lookup() will try 128 * to use alg_name in order to load kernel module with same name. 129 * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, 130 * we are safe to fail such module request from crypto_larval_lookup(). 131 * 132 * In this way we prevent modprobe execution during digsig verification 133 * and avoid possible deadlock if modprobe and/or it's dependencies 134 * also signed with digsig. 135 */ 136 int integrity_kernel_module_request(char *kmod_name) 137 { 138 if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) 139 return -EINVAL; 140 141 return 0; 142 } 143