Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/kernel/module_signing.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* Module signature checker 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #include <linux/kernel.h> 13 #include <linux/err.h> 14 #include <crypto/public_key.h> 15 #include <crypto/hash.h> 16 #include <keys/asymmetric-type.h> 17 #include "module-internal.h" 18 19 /* 20 * Module signature information block. 21 * 22 * The constituents of the signature section are, in order: 23 * 24 * - Signer's name 25 * - Key identifier 26 * - Signature data 27 * - Information block 28 */ 29 struct module_signature { 30 u8 algo; /* Public-key crypto algorithm [enum pkey_algo] */ 31 u8 hash; /* Digest algorithm [enum pkey_hash_algo] */ 32 u8 id_type; /* Key identifier type [enum pkey_id_type] */ 33 u8 signer_len; /* Length of signer's name */ 34 u8 key_id_len; /* Length of key identifier */ 35 u8 __pad[3]; 36 __be32 sig_len; /* Length of signature data */ 37 }; 38 39 /* 40 * Digest the module contents. 41 */ 42 static struct public_key_signature *mod_make_digest(enum pkey_hash_algo hash, 43 const void *mod, 44 unsigned long modlen) 45 { 46 struct public_key_signature *pks; 47 struct crypto_shash *tfm; 48 struct shash_desc *desc; 49 size_t digest_size, desc_size; 50 int ret; 51 52 pr_devel("==>%s()\n", __func__); 53 54 /* Allocate the hashing algorithm we're going to need and find out how 55 * big the hash operational data will be. 56 */ 57 tfm = crypto_alloc_shash(pkey_hash_algo[hash], 0, 0); 58 if (IS_ERR(tfm)) 59 return (PTR_ERR(tfm) == -ENOENT) ? ERR_PTR(-ENOPKG) : ERR_CAST(tfm); 60 61 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 62 digest_size = crypto_shash_digestsize(tfm); 63 64 /* We allocate the hash operational data storage on the end of our 65 * context data and the digest output buffer on the end of that. 66 */ 67 ret = -ENOMEM; 68 pks = kzalloc(digest_size + sizeof(*pks) + desc_size, GFP_KERNEL); 69 if (!pks) 70 goto error_no_pks; 71 72 pks->pkey_hash_algo = hash; 73 pks->digest = (u8 *)pks + sizeof(*pks) + desc_size; 74 pks->digest_size = digest_size; 75 76 desc = (void *)pks + sizeof(*pks); 77 desc->tfm = tfm; 78 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 79 80 ret = crypto_shash_init(desc); 81 if (ret < 0) 82 goto error; 83 84 ret = crypto_shash_finup(desc, mod, modlen, pks->digest); 85 if (ret < 0) 86 goto error; 87 88 crypto_free_shash(tfm); 89 pr_devel("<==%s() = ok\n", __func__); 90 return pks; 91 92 error: 93 kfree(pks); 94 error_no_pks: 95 crypto_free_shash(tfm); 96 pr_devel("<==%s() = %d\n", __func__, ret); 97 return ERR_PTR(ret); 98 } 99 100 /* 101 * Extract an MPI array from the signature data. This represents the actual 102 * signature. Each raw MPI is prefaced by a BE 2-byte value indicating the 103 * size of the MPI in bytes. 104 * 105 * RSA signatures only have one MPI, so currently we only read one. 106 */ 107 static int mod_extract_mpi_array(struct public_key_signature *pks, 108 const void *data, size_t len) 109 { 110 size_t nbytes; 111 MPI mpi; 112 113 if (len < 3) 114 return -EBADMSG; 115 nbytes = ((const u8 *)data)[0] << 8 | ((const u8 *)data)[1]; 116 data += 2; 117 len -= 2; 118 if (len != nbytes) 119 return -EBADMSG; 120 121 mpi = mpi_read_raw_data(data, nbytes); 122 if (!mpi) 123 return -ENOMEM; 124 pks->mpi[0] = mpi; 125 pks->nr_mpi = 1; 126 return 0; 127 } 128 129 /* 130 * Request an asymmetric key. 131 */ 132 static struct key *request_asymmetric_key(const char *signer, size_t signer_len, 133 const u8 *key_id, size_t key_id_len) 134 { 135 key_ref_t key; 136 size_t i; 137 char *id, *q; 138 139 pr_devel("==>%s(,%zu,,%zu)\n", __func__, signer_len, key_id_len); 140 141 /* Construct an identifier. */ 142 id = kmalloc(signer_len + 2 + key_id_len * 2 + 1, GFP_KERNEL); 143 if (!id) 144 return ERR_PTR(-ENOKEY); 145 146 memcpy(id, signer, signer_len); 147 148 q = id + signer_len; 149 *q++ = ':'; 150 *q++ = ' '; 151 for (i = 0; i < key_id_len; i++) { 152 *q++ = hex_asc[*key_id >> 4]; 153 *q++ = hex_asc[*key_id++ & 0x0f]; 154 } 155 156 *q = 0; 157 158 pr_debug("Look up: \"%s\"\n", id); 159 160 key = keyring_search(make_key_ref(modsign_keyring, 1), 161 &key_type_asymmetric, id); 162 if (IS_ERR(key)) 163 pr_warn("Request for unknown module key '%s' err %ld\n", 164 id, PTR_ERR(key)); 165 kfree(id); 166 167 if (IS_ERR(key)) { 168 switch (PTR_ERR(key)) { 169 /* Hide some search errors */ 170 case -EACCES: 171 case -ENOTDIR: 172 case -EAGAIN: 173 return ERR_PTR(-ENOKEY); 174 default: 175 return ERR_CAST(key); 176 } 177 } 178 179 pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key_ref_to_ptr(key))); 180 return key_ref_to_ptr(key); 181 } 182 183 /* 184 * Verify the signature on a module. 185 */ 186 int mod_verify_sig(const void *mod, unsigned long *_modlen) 187 { 188 struct public_key_signature *pks; 189 struct module_signature ms; 190 struct key *key; 191 const void *sig; 192 size_t modlen = *_modlen, sig_len; 193 int ret; 194 195 pr_devel("==>%s(,%zu)\n", __func__, modlen); 196 197 if (modlen <= sizeof(ms)) 198 return -EBADMSG; 199 200 memcpy(&ms, mod + (modlen - sizeof(ms)), sizeof(ms)); 201 modlen -= sizeof(ms); 202 203 sig_len = be32_to_cpu(ms.sig_len); 204 if (sig_len >= modlen) 205 return -EBADMSG; 206 modlen -= sig_len; 207 if ((size_t)ms.signer_len + ms.key_id_len >= modlen) 208 return -EBADMSG; 209 modlen -= (size_t)ms.signer_len + ms.key_id_len; 210 211 *_modlen = modlen; 212 sig = mod + modlen; 213 214 /* For the moment, only support RSA and X.509 identifiers */ 215 if (ms.algo != PKEY_ALGO_RSA || 216 ms.id_type != PKEY_ID_X509) 217 return -ENOPKG; 218 219 if (ms.hash >= PKEY_HASH__LAST || 220 !pkey_hash_algo[ms.hash]) 221 return -ENOPKG; 222 223 key = request_asymmetric_key(sig, ms.signer_len, 224 sig + ms.signer_len, ms.key_id_len); 225 if (IS_ERR(key)) 226 return PTR_ERR(key); 227 228 pks = mod_make_digest(ms.hash, mod, modlen); 229 if (IS_ERR(pks)) { 230 ret = PTR_ERR(pks); 231 goto error_put_key; 232 } 233 234 ret = mod_extract_mpi_array(pks, sig + ms.signer_len + ms.key_id_len, 235 sig_len); 236 if (ret < 0) 237 goto error_free_pks; 238 239 ret = verify_signature(key, pks); 240 pr_devel("verify_signature() = %d\n", ret); 241 242 error_free_pks: 243 mpi_free(pks->rsa.s); 244 kfree(pks); 245 error_put_key: 246 key_put(key); 247 pr_devel("<==%s() = %d\n", __func__, ret); 248 return ret; 249 }
Cache object: a87f66ab5f2b10ad96ccc98be18199b2
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]