Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/security/integrity/digsig_asymmetric.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Copyright (C) 2013 Intel Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Author:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include <linux/err.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include <linux/ratelimit.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <linux/key-type.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <crypto/public_key.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <crypto/hash_info.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <keys/asymmetric-type.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <keys/system_keyring.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #include "integrity.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  * Request an asymmetric key.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) 	struct key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) 	char name[12];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) 	sprintf(name, "id:%08x", keyid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 	pr_debug("key search: \"%s\"\n", name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 	key = get_ima_blacklist_keyring();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 	if (key) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 		key_ref_t kref;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 		kref = keyring_search(make_key_ref(key, 1),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 				      &key_type_asymmetric, name, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 		if (!IS_ERR(kref)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 			pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 			return ERR_PTR(-EKEYREJECTED);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 	if (keyring) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 		/* search in specific keyring */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 		key_ref_t kref;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 		kref = keyring_search(make_key_ref(keyring, 1),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) 				      &key_type_asymmetric, name, true);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 		if (IS_ERR(kref))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 			key = ERR_CAST(kref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 		else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 			key = key_ref_to_ptr(kref);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 	} else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 		key = request_key(&key_type_asymmetric, name, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 	if (IS_ERR(key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 		if (keyring)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 			pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 					   name, keyring->description,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 					   PTR_ERR(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 		else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 			pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 					   name, PTR_ERR(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 		switch (PTR_ERR(key)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 			/* Hide some search errors */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 		case -EACCES:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 		case -ENOTDIR:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 		case -EAGAIN:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 			return ERR_PTR(-ENOKEY);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 		default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 			return key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 	pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 	return key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) int asymmetric_verify(struct key *keyring, const char *sig,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 		      int siglen, const char *data, int datalen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	struct public_key_signature pks;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 	struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	struct key *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 	if (siglen <= sizeof(*hdr))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 		return -EBADMSG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 	siglen -= sizeof(*hdr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	if (siglen != be16_to_cpu(hdr->sig_size))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 		return -EBADMSG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	if (hdr->hash_algo >= HASH_ALGO__LAST)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 		return -ENOPKG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	if (IS_ERR(key))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 		return PTR_ERR(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 	memset(&pks, 0, sizeof(pks));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 	pks.hash_algo = hash_algo_name[hdr->hash_algo];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	switch (hdr->hash_algo) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 	case HASH_ALGO_STREEBOG_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	case HASH_ALGO_STREEBOG_512:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 		/* EC-RDSA and Streebog should go together. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 		pks.pkey_algo = "ecrdsa";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 		pks.encoding = "raw";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 	case HASH_ALGO_SM3_256:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 		/* SM2 and SM3 should go together. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 		pks.pkey_algo = "sm2";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 		pks.encoding = "raw";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 	default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) 		pks.pkey_algo = "rsa";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 		pks.encoding = "pkcs1";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 		break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 	pks.digest = (u8 *)data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 	pks.digest_size = datalen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	pks.s = hdr->sig;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 	pks.s_size = siglen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 	ret = verify_signature(key, &pks);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 	key_put(key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) 	pr_debug("%s() = %d\n", __func__, ret);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136)  * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137)  * @kmod_name: kernel module name
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139)  * We have situation, when public_key_verify_signature() in case of RSA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140)  * algorithm use alg_name to store internal information in order to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141)  * construct an algorithm on the fly, but crypto_larval_lookup() will try
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142)  * to use alg_name in order to load kernel module with same name.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143)  * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144)  * we are safe to fail such module request from crypto_larval_lookup().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146)  * In this way we prevent modprobe execution during digsig verification
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147)  * and avoid possible deadlock if modprobe and/or it's dependencies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148)  * also signed with digsig.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) int integrity_kernel_module_request(char *kmod_name)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 	if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) }
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.