diff options
| author | Thiago Jung Bauermann <bauerman@linux.ibm.com> | 2019-07-04 14:57:34 -0400 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.ibm.com> | 2019-08-05 18:39:56 -0400 |
| commit | c8424e776b093280d3fdd104d850706b3b229ac8 (patch) | |
| tree | 3f14381fe576439fa1fa94736b67d1015c40752d /kernel/module_signature.c | |
| parent | b36f281f4a314de4be0a51d6511b794691f8a244 (diff) | |
MODSIGN: Export module signature definitions
IMA will use the module_signature format for append signatures, so export
the relevant definitions and factor out the code which verifies that the
appended signature trailer is valid.
Also, create a CONFIG_MODULE_SIG_FORMAT option so that IMA can select it
and be able to use mod_check_sig() without having to depend on either
CONFIG_MODULE_SIG or CONFIG_MODULES.
s390 duplicated the definition of struct module_signature so now they can
use the new <linux/module_signature.h> header instead.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Acked-by: Jessica Yu <jeyu@kernel.org>
Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'kernel/module_signature.c')
| -rw-r--r-- | kernel/module_signature.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/kernel/module_signature.c b/kernel/module_signature.c new file mode 100644 index 000000000000..4224a1086b7d --- /dev/null +++ b/kernel/module_signature.c | |||
| @@ -0,0 +1,46 @@ | |||
| 1 | // SPDX-License-Identifier: GPL-2.0+ | ||
| 2 | /* | ||
| 3 | * Module signature checker | ||
| 4 | * | ||
| 5 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. | ||
| 6 | * Written by David Howells (dhowells@redhat.com) | ||
| 7 | */ | ||
| 8 | |||
| 9 | #include <linux/errno.h> | ||
| 10 | #include <linux/printk.h> | ||
| 11 | #include <linux/module_signature.h> | ||
| 12 | #include <asm/byteorder.h> | ||
| 13 | |||
| 14 | /** | ||
| 15 | * mod_check_sig - check that the given signature is sane | ||
| 16 | * | ||
| 17 | * @ms: Signature to check. | ||
| 18 | * @file_len: Size of the file to which @ms is appended. | ||
| 19 | * @name: What is being checked. Used for error messages. | ||
| 20 | */ | ||
| 21 | int mod_check_sig(const struct module_signature *ms, size_t file_len, | ||
| 22 | const char *name) | ||
| 23 | { | ||
| 24 | if (be32_to_cpu(ms->sig_len) >= file_len - sizeof(*ms)) | ||
| 25 | return -EBADMSG; | ||
| 26 | |||
| 27 | if (ms->id_type != PKEY_ID_PKCS7) { | ||
| 28 | pr_err("%s: Module is not signed with expected PKCS#7 message\n", | ||
| 29 | name); | ||
| 30 | return -ENOPKG; | ||
| 31 | } | ||
| 32 | |||
| 33 | if (ms->algo != 0 || | ||
| 34 | ms->hash != 0 || | ||
| 35 | ms->signer_len != 0 || | ||
| 36 | ms->key_id_len != 0 || | ||
| 37 | ms->__pad[0] != 0 || | ||
| 38 | ms->__pad[1] != 0 || | ||
| 39 | ms->__pad[2] != 0) { | ||
| 40 | pr_err("%s: PKCS#7 signature info has unexpected non-zero params\n", | ||
| 41 | name); | ||
| 42 | return -EBADMSG; | ||
| 43 | } | ||
| 44 | |||
| 45 | return 0; | ||
| 46 | } | ||