1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Copyright (C) 2013 Intel Corporation 4 * 5 * Author: 6 * Dmitry Kasatkin <dmitry.kasatkin@intel.com> 7 */ 8 9#include <linux/err.h> 10#include <linux/ratelimit.h> 11#include <linux/key-type.h> 12#include <crypto/public_key.h> 13#include <crypto/hash_info.h> 14#include <keys/asymmetric-type.h> 15#include <keys/system_keyring.h> 16 17#include "integrity.h" 18 19/* 20 * Request an asymmetric key. 21 */ 22static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) 23{ 24 struct key *key; 25 char name[12]; 26 27 sprintf(name, "id:%08x", keyid); 28 29 pr_debug("key search: \"%s\"\n", name); 30 31 key = get_ima_blacklist_keyring(); 32 if (key) { 33 key_ref_t kref; 34 35 kref = keyring_search(make_key_ref(key, 1), 36 &key_type_asymmetric, name, true); 37 if (!IS_ERR(kref)) { 38 pr_err("Key '%s' is in ima_blacklist_keyring\n", name); 39 return ERR_PTR(-EKEYREJECTED); 40 } 41 } 42 43 if (keyring) { 44 /* search in specific keyring */ 45 key_ref_t kref; 46 47 kref = keyring_search(make_key_ref(keyring, 1), 48 &key_type_asymmetric, name, true); 49 if (IS_ERR(kref)) 50 key = ERR_CAST(kref); 51 else 52 key = key_ref_to_ptr(kref); 53 } else { 54 key = request_key(&key_type_asymmetric, name, NULL); 55 } 56 57 if (IS_ERR(key)) { 58 if (keyring) 59 pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n", 60 name, keyring->description, 61 PTR_ERR(key)); 62 else 63 pr_err_ratelimited("Request for unknown key '%s' err %ld\n", 64 name, PTR_ERR(key)); 65 66 switch (PTR_ERR(key)) { 67 /* Hide some search errors */ 68 case -EACCES: 69 case -ENOTDIR: 70 case -EAGAIN: 71 return ERR_PTR(-ENOKEY); 72 default: 73 return key; 74 } 75 } 76 77 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key)); 78 79 return key; 80} 81 82int asymmetric_verify(struct key *keyring, const char *sig, 83 int siglen, const char *data, int datalen) 84{ 85 struct public_key_signature pks; 86 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig; 87 struct key *key; 88 int ret; 89 90 if (siglen <= sizeof(*hdr)) 91 return -EBADMSG; 92 93 siglen -= sizeof(*hdr); 94 95 if (siglen != be16_to_cpu(hdr->sig_size)) 96 return -EBADMSG; 97 98 if (hdr->hash_algo >= HASH_ALGO__LAST) 99 return -ENOPKG; 100 101 key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid)); 102 if (IS_ERR(key)) 103 return PTR_ERR(key); 104 105 memset(&pks, 0, sizeof(pks)); 106 107 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 108 switch (hdr->hash_algo) { 109 case HASH_ALGO_STREEBOG_256: 110 case HASH_ALGO_STREEBOG_512: 111 /* EC-RDSA and Streebog should go together. */ 112 pks.pkey_algo = "ecrdsa"; 113 pks.encoding = "raw"; 114 break; 115 case HASH_ALGO_SM3_256: 116 /* SM2 and SM3 should go together. */ 117 pks.pkey_algo = "sm2"; 118 pks.encoding = "raw"; 119 break; 120 default: 121 pks.pkey_algo = "rsa"; 122 pks.encoding = "pkcs1"; 123 break; 124 } 125 pks.digest = (u8 *)data; 126 pks.digest_size = datalen; 127 pks.s = hdr->sig; 128 pks.s_size = siglen; 129 ret = verify_signature(key, &pks); 130 key_put(key); 131 pr_debug("%s() = %d\n", __func__, ret); 132 return ret; 133} 134 135/** 136 * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests 137 * @kmod_name: kernel module name 138 * 139 * We have situation, when public_key_verify_signature() in case of RSA 140 * algorithm use alg_name to store internal information in order to 141 * construct an algorithm on the fly, but crypto_larval_lookup() will try 142 * to use alg_name in order to load kernel module with same name. 143 * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules, 144 * we are safe to fail such module request from crypto_larval_lookup(). 145 * 146 * In this way we prevent modprobe execution during digsig verification 147 * and avoid possible deadlock if modprobe and/or it's dependencies 148 * also signed with digsig. 149 */ 150int integrity_kernel_module_request(char *kmod_name) 151{ 152 if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0) 153 return -EINVAL; 154 155 return 0; 156} 157