diff options
author | David Howells <dhowells@redhat.com> | 2012-09-26 05:09:50 -0400 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2012-10-10 05:31:19 -0400 |
commit | 1d0059f3a468825b5fc5405c636a2f6e02707ffa (patch) | |
tree | 0eef1243a093410f39564051d8904c8041e1e717 /kernel | |
parent | 106a4ee258d14818467829bf0e12aeae14c16cd7 (diff) |
MODSIGN: Add FIPS policy
If we're in FIPS mode, we should panic if we fail to verify the signature on a
module or we're asked to load an unsigned module in signature enforcing mode.
Possibly FIPS mode should automatically enable enforcing mode.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/module.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/module.c b/kernel/module.c index 68c564edb2c1..0e2da8695f8e 100644 --- a/kernel/module.c +++ b/kernel/module.c | |||
@@ -58,6 +58,7 @@ | |||
58 | #include <linux/jump_label.h> | 58 | #include <linux/jump_label.h> |
59 | #include <linux/pfn.h> | 59 | #include <linux/pfn.h> |
60 | #include <linux/bsearch.h> | 60 | #include <linux/bsearch.h> |
61 | #include <linux/fips.h> | ||
61 | #include "module-internal.h" | 62 | #include "module-internal.h" |
62 | 63 | ||
63 | #define CREATE_TRACE_POINTS | 64 | #define CREATE_TRACE_POINTS |
@@ -2447,6 +2448,9 @@ static int module_sig_check(struct load_info *info, | |||
2447 | } | 2448 | } |
2448 | 2449 | ||
2449 | /* Not having a signature is only an error if we're strict. */ | 2450 | /* Not having a signature is only an error if we're strict. */ |
2451 | if (err < 0 && fips_enabled) | ||
2452 | panic("Module verification failed with error %d in FIPS mode\n", | ||
2453 | err); | ||
2450 | if (err == -ENOKEY && !sig_enforce) | 2454 | if (err == -ENOKEY && !sig_enforce) |
2451 | err = 0; | 2455 | err = 0; |
2452 | 2456 | ||