security/integrity/digsig_asymmetric.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Copyright (C) 2013 Intel Corporation
0004  *
0005  * Author:
0006  * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
0007  */
0008
0009 #include <linux/err.h>
0010 #include <linux/ratelimit.h>
0011 #include <linux/key-type.h>
0012 #include <crypto/public_key.h>
0013 #include <crypto/hash_info.h>
0014 #include <keys/asymmetric-type.h>
0015 #include <keys/system_keyring.h>
0016
0017 #include "integrity.h"
0018
0019 /*
0020  * Request an asymmetric key.
0021  */
0022 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
0023 {
0024     struct key *key;
0025     char name[12];
0026
0027     sprintf(name, "id:%08x", keyid);
0028
0029     pr_debug("key search: \"%s\"\n", name);
0030
0031     key = get_ima_blacklist_keyring();
0032     if (key) {
0033         key_ref_t kref;
0034
0035         kref = keyring_search(make_key_ref(key, 1),
0036                       &key_type_asymmetric, name, true);
0037         if (!IS_ERR(kref)) {
0038             pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
0039             return ERR_PTR(-EKEYREJECTED);
0040         }
0041     }
0042
0043     if (keyring) {
0044         /* search in specific keyring */
0045         key_ref_t kref;
0046
0047         kref = keyring_search(make_key_ref(keyring, 1),
0048                       &key_type_asymmetric, name, true);
0049         if (IS_ERR(kref))
0050             key = ERR_CAST(kref);
0051         else
0052             key = key_ref_to_ptr(kref);
0053     } else {
0054         key = request_key(&key_type_asymmetric, name, NULL);
0055     }
0056
0057     if (IS_ERR(key)) {
0058         if (keyring)
0059             pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
0060                        name, keyring->description,
0061                        PTR_ERR(key));
0062         else
0063             pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
0064                        name, PTR_ERR(key));
0065
0066         switch (PTR_ERR(key)) {
0067             /* Hide some search errors */
0068         case -EACCES:
0069         case -ENOTDIR:
0070         case -EAGAIN:
0071             return ERR_PTR(-ENOKEY);
0072         default:
0073             return key;
0074         }
0075     }
0076
0077     pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
0078
0079     return key;
0080 }
0081
0082 int asymmetric_verify(struct key *keyring, const char *sig,
0083               int siglen, const char *data, int datalen)
0084 {
0085     struct public_key_signature pks;
0086     struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
0087     const struct public_key *pk;
0088     struct key *key;
0089     int ret;
0090
0091     if (siglen <= sizeof(*hdr))
0092         return -EBADMSG;
0093
0094     siglen -= sizeof(*hdr);
0095
0096     if (siglen != be16_to_cpu(hdr->sig_size))
0097         return -EBADMSG;
0098
0099     if (hdr->hash_algo >= HASH_ALGO__LAST)
0100         return -ENOPKG;
0101
0102     key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
0103     if (IS_ERR(key))
0104         return PTR_ERR(key);
0105
0106     memset(&pks, 0, sizeof(pks));
0107
0108     pks.hash_algo = hash_algo_name[hdr->hash_algo];
0109
0110     pk = asymmetric_key_public_key(key);
0111     pks.pkey_algo = pk->pkey_algo;
0112     if (!strcmp(pk->pkey_algo, "rsa")) {
0113         pks.encoding = "pkcs1";
0114     } else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) {
0115         /* edcsa-nist-p192 etc. */
0116         pks.encoding = "x962";
0117     } else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
0118            !strcmp(pk->pkey_algo, "sm2")) {
0119         pks.encoding = "raw";
0120     } else {
0121         ret = -ENOPKG;
0122         goto out;
0123     }
0124
0125     pks.digest = (u8 *)data;
0126     pks.digest_size = datalen;
0127     pks.s = hdr->sig;
0128     pks.s_size = siglen;
0129     ret = verify_signature(key, &pks);
0130 out:
0131     key_put(key);
0132     pr_debug("%s() = %d\n", __func__, ret);
0133     return ret;
0134 }
0135
0136 /**
0137  * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests
0138  * @kmod_name: kernel module name
0139  *
0140  * We have situation, when public_key_verify_signature() in case of RSA
0141  * algorithm use alg_name to store internal information in order to
0142  * construct an algorithm on the fly, but crypto_larval_lookup() will try
0143  * to use alg_name in order to load kernel module with same name.
0144  * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
0145  * we are safe to fail such module request from crypto_larval_lookup().
0146  *
0147  * In this way we prevent modprobe execution during digsig verification
0148  * and avoid possible deadlock if modprobe and/or it's dependencies
0149  * also signed with digsig.
0150  */
0151 int integrity_kernel_module_request(char *kmod_name)
0152 {
0153     if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0)
0154         return -EINVAL;
0155
0156     return 0;
0157 }