• Mikhail Kurinnoi's avatar
    integrity: prevent deadlock during digsig verification. · 6eb864c1
    Mikhail Kurinnoi authored
    This patch aimed to prevent deadlock during digsig verification.The point
    of issue - user space utility modprobe and/or it's dependencies (ld-*.so,
    libz.so.*, libc-*.so and /lib/modules/ files) that could be used for
    kernel modules load during digsig verification and could be signed by
    digsig in the same time.
    First at all, look at crypto_alloc_tfm() work algorithm:
    crypto_alloc_tfm() will first attempt to locate an already loaded
    algorithm. If that fails and the kernel supports dynamically loadable
    modules, it will then attempt to load a module of the same name or alias.
    If that fails it will send a query to any loaded crypto manager to
    construct an algorithm on the fly.
    We have situation, when public_key_verify_signature() in case of RSA
    algorithm use alg_name to store internal information in order to construct
    an algorithm on the fly, but crypto_larval_lookup() will try to use
    alg_name in order to load kernel module with same name.
    1) we can't do anything with crypto module work, since it designed to work
    exactly in this way;
    2) we can't globally filter module requests for modprobe, since it
    designed to work with any requests.
    In this patch, I propose add an exception for "crypto-pkcs1pad(rsa,*)"
    module requests only in case of enabled integrity asymmetric keys support.
    Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules for
    sure, we are safe to fail such module request from crypto_larval_lookup().
    In this way we prevent modprobe execution during digsig verification and
    avoid possible deadlock if modprobe and/or it's dependencies also signed
    with digsig.
    Requested "crypto-pkcs1pad(rsa,*)" kernel module name formed by:
    1) "pkcs1pad(rsa,%s)" in public_key_verify_signature();
    2) "crypto-%s" / "crypto-%s-all" in crypto_larval_lookup().
    "crypto-pkcs1pad(rsa," part of request is a constant and unique and could
    be used as filter.
    Signed-off-by: Mikhail Kurinnoi's avatarMikhail Kurinnoi <viewizard@viewizard.com>
    Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
     include/linux/integrity.h              | 13 +++++++++++++
     security/integrity/digsig_asymmetric.c | 23 +++++++++++++++++++++++
     security/security.c                    |  7 ++++++-
     3 files changed, 42 insertions(+), 1 deletion(-)
integrity.h 1.28 KB