+52

Documentation/security/keys.txt

reviewed

··· 823 823 A process must have search permission on the key for this function to be 824 824 successful. 825 825 826 826 + (*) Compute a Diffie-Hellman shared secret or public key 827 827 + 828 828 + long keyctl(KEYCTL_DH_COMPUTE, struct keyctl_dh_params *params, 829 829 + char *buffer, size_t buflen); 830 830 + 831 831 + The params struct contains serial numbers for three keys: 832 832 + 833 833 + - The prime, p, known to both parties 834 834 + - The local private key 835 835 + - The base integer, which is either a shared generator or the 836 836 + remote public key 837 837 + 838 838 + The value computed is: 839 839 + 840 840 + result = base ^ private (mod prime) 841 841 + 842 842 + If the base is the shared generator, the result is the local 843 843 + public key. If the base is the remote public key, the result is 844 844 + the shared secret. 845 845 + 846 846 + The buffer length must be at least the length of the prime, or zero. 847 847 + 848 848 + If the buffer length is nonzero, the length of the result is 849 849 + returned when it is successfully calculated and copied in to the 850 850 + buffer. When the buffer length is zero, the minimum required 851 851 + buffer length is returned. 852 852 + 853 853 + This function will return error EOPNOTSUPP if the key type is not 854 854 + supported, error ENOKEY if the key could not be found, or error 855 855 + EACCES if the key is not readable by the caller. 826 856 827 857 =============== 828 858 KERNEL SERVICES ··· 1029 999 struct key *keyring_alloc(const char *description, uid_t uid, gid_t gid, 1030 1000 const struct cred *cred, 1031 1001 key_perm_t perm, 1002 1002 + int (*restrict_link)(struct key *, 1003 1003 + const struct key_type *, 1004 1004 + unsigned long, 1005 1005 + const union key_payload *), 1032 1006 unsigned long flags, 1033 1007 struct key *dest); 1034 1008 ··· 1043 1009 Error EDQUOT can be returned if the keyring would overload the quota (pass 1044 1010 KEY_ALLOC_NOT_IN_QUOTA in flags if the keyring shouldn't be accounted 1045 1011 towards the user's quota). Error ENOMEM can also be returned. 1012 1012 + 1013 1013 + If restrict_link not NULL, it should point to a function that will be 1014 1014 + called each time an attempt is made to link a key into the new keyring. 1015 1015 + This function is called to check whether a key may be added into the keying 1016 1016 + or not. Callers of key_create_or_update() within the kernel can pass 1017 1017 + KEY_ALLOC_BYPASS_RESTRICTION to suppress the check. An example of using 1018 1018 + this is to manage rings of cryptographic keys that are set up when the 1019 1019 + kernel boots where userspace is also permitted to add keys - provided they 1020 1020 + can be verified by a key the kernel already has. 1021 1021 + 1022 1022 + When called, the restriction function will be passed the keyring being 1023 1023 + added to, the key flags value and the type and payload of the key being 1024 1024 + added. Note that when a new key is being created, this is called between 1025 1025 + payload preparsing and actual key creation. The function should return 0 1026 1026 + to allow the link or an error to reject it. 1027 1027 + 1028 1028 + A convenience function, restrict_link_reject, exists to always return 1029 1029 + -EPERM to in this case. 1046 1030 1047 1031 1048 1032 (*) To check the validity of a key, this function can be called:

+4 -14

arch/x86/kernel/kexec-bzimage64.c

reviewed

··· 19 19 #include <linux/kernel.h> 20 20 #include <linux/mm.h> 21 21 #include <linux/efi.h> 22 22 - #include <linux/verify_pefile.h> 23 23 - #include <keys/system_keyring.h> 22 22 + #include <linux/verification.h> 24 23 25 24 #include <asm/bootparam.h> 26 25 #include <asm/setup.h> ··· 528 529 #ifdef CONFIG_KEXEC_BZIMAGE_VERIFY_SIG 529 530 static int bzImage64_verify_sig(const char *kernel, unsigned long kernel_len) 530 531 { 531 531 - bool trusted; 532 532 - int ret; 533 533 - 534 534 - ret = verify_pefile_signature(kernel, kernel_len, 535 535 - system_trusted_keyring, 536 536 - VERIFYING_KEXEC_PE_SIGNATURE, 537 537 - &trusted); 538 538 - if (ret < 0) 539 539 - return ret; 540 540 - if (!trusted) 541 541 - return -EKEYREJECTED; 542 542 - return 0; 532 532 + return verify_pefile_signature(kernel, kernel_len, 533 533 + NULL, 534 534 + VERIFYING_KEXEC_PE_SIGNATURE); 543 535 } 544 536 #endif 545 537

+9

certs/Kconfig

reviewed

··· 17 17 config SYSTEM_TRUSTED_KEYRING 18 18 bool "Provide system-wide ring of trusted keys" 19 19 depends on KEYS 20 20 + depends on ASYMMETRIC_KEY_TYPE 20 21 help 21 22 Provide a system keyring to which trusted keys can be added. Keys in 22 23 the keyring are considered to be trusted. Keys may be added at will ··· 55 54 help 56 55 This is the number of bytes reserved in the kernel image for a 57 56 certificate to be inserted. 57 57 + 58 58 + config SECONDARY_TRUSTED_KEYRING 59 59 + bool "Provide a keyring to which extra trustable keys may be added" 60 60 + depends on SYSTEM_TRUSTED_KEYRING 61 61 + help 62 62 + If set, provide a keyring to which extra keys may be added, provided 63 63 + those keys are not blacklisted and are vouched for by a key built 64 64 + into the kernel or already in the secondary trusted keyring. 58 65 59 66 endmenu

+113 -26

certs/system_keyring.c

reviewed

··· 18 18 #include <keys/system_keyring.h> 19 19 #include <crypto/pkcs7.h> 20 20 21 21 - struct key *system_trusted_keyring; 22 22 - EXPORT_SYMBOL_GPL(system_trusted_keyring); 21 21 + static struct key *builtin_trusted_keys; 22 22 + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 23 23 + static struct key *secondary_trusted_keys; 24 24 + #endif 23 25 24 26 extern __initconst const u8 system_certificate_list[]; 25 27 extern __initconst const unsigned long system_certificate_list_size; 26 28 29 29 + /** 30 30 + * restrict_link_to_builtin_trusted - Restrict keyring addition by built in CA 31 31 + * 32 32 + * Restrict the addition of keys into a keyring based on the key-to-be-added 33 33 + * being vouched for by a key in the built in system keyring. 34 34 + */ 35 35 + int restrict_link_by_builtin_trusted(struct key *keyring, 36 36 + const struct key_type *type, 37 37 + const union key_payload *payload) 38 38 + { 39 39 + return restrict_link_by_signature(builtin_trusted_keys, type, payload); 40 40 + } 41 41 + 42 42 + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 43 43 + /** 44 44 + * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring 45 45 + * addition by both builtin and secondary keyrings 46 46 + * 47 47 + * Restrict the addition of keys into a keyring based on the key-to-be-added 48 48 + * being vouched for by a key in either the built-in or the secondary system 49 49 + * keyrings. 50 50 + */ 51 51 + int restrict_link_by_builtin_and_secondary_trusted( 52 52 + struct key *keyring, 53 53 + const struct key_type *type, 54 54 + const union key_payload *payload) 55 55 + { 56 56 + /* If we have a secondary trusted keyring, then that contains a link 57 57 + * through to the builtin keyring and the search will follow that link. 58 58 + */ 59 59 + if (type == &key_type_keyring && 60 60 + keyring == secondary_trusted_keys && 61 61 + payload == &builtin_trusted_keys->payload) 62 62 + /* Allow the builtin keyring to be added to the secondary */ 63 63 + return 0; 64 64 + 65 65 + return restrict_link_by_signature(secondary_trusted_keys, type, payload); 66 66 + } 67 67 + #endif 68 68 + 27 69 /* 28 28 - * Load the compiled-in keys 70 70 + * Create the trusted keyrings 29 71 */ 30 72 static __init int system_trusted_keyring_init(void) 31 73 { 32 32 - pr_notice("Initialise system trusted keyring\n"); 74 74 + pr_notice("Initialise system trusted keyrings\n"); 33 75 34 34 - system_trusted_keyring = 35 35 - keyring_alloc(".system_keyring", 76 76 + builtin_trusted_keys = 77 77 + keyring_alloc(".builtin_trusted_keys", 36 78 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 37 79 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 38 80 KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH), 39 39 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 40 40 - if (IS_ERR(system_trusted_keyring)) 41 41 - panic("Can't allocate system trusted keyring\n"); 81 81 + KEY_ALLOC_NOT_IN_QUOTA, 82 82 + NULL, NULL); 83 83 + if (IS_ERR(builtin_trusted_keys)) 84 84 + panic("Can't allocate builtin trusted keyring\n"); 42 85 43 43 - set_bit(KEY_FLAG_TRUSTED_ONLY, &system_trusted_keyring->flags); 86 86 + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 87 87 + secondary_trusted_keys = 88 88 + keyring_alloc(".secondary_trusted_keys", 89 89 + KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 90 90 + ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 91 91 + KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH | 92 92 + KEY_USR_WRITE), 93 93 + KEY_ALLOC_NOT_IN_QUOTA, 94 94 + restrict_link_by_builtin_and_secondary_trusted, 95 95 + NULL); 96 96 + if (IS_ERR(secondary_trusted_keys)) 97 97 + panic("Can't allocate secondary trusted keyring\n"); 98 98 + 99 99 + if (key_link(secondary_trusted_keys, builtin_trusted_keys) < 0) 100 100 + panic("Can't link trusted keyrings\n"); 101 101 + #endif 102 102 + 44 103 return 0; 45 104 } 46 105 ··· 135 76 if (plen > end - p) 136 77 goto dodgy_cert; 137 78 138 138 - key = key_create_or_update(make_key_ref(system_trusted_keyring, 1), 79 79 + key = key_create_or_update(make_key_ref(builtin_trusted_keys, 1), 139 80 "asymmetric", 140 81 NULL, 141 82 p, ··· 143 84 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 144 85 KEY_USR_VIEW | KEY_USR_READ), 145 86 KEY_ALLOC_NOT_IN_QUOTA | 146 146 - KEY_ALLOC_TRUSTED | 147 147 - KEY_ALLOC_BUILT_IN); 87 87 + KEY_ALLOC_BUILT_IN | 88 88 + KEY_ALLOC_BYPASS_RESTRICTION); 148 89 if (IS_ERR(key)) { 149 90 pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", 150 91 PTR_ERR(key)); ··· 167 108 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION 168 109 169 110 /** 170 170 - * Verify a PKCS#7-based signature on system data. 171 171 - * @data: The data to be verified. 111 111 + * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data. 112 112 + * @data: The data to be verified (NULL if expecting internal data). 172 113 * @len: Size of @data. 173 114 * @raw_pkcs7: The PKCS#7 message that is the signature. 174 115 * @pkcs7_len: The size of @raw_pkcs7. 116 116 + * @trusted_keys: Trusted keys to use (NULL for builtin trusted keys only, 117 117 + * (void *)1UL for all trusted keys). 175 118 * @usage: The use to which the key is being put. 119 119 + * @view_content: Callback to gain access to content. 120 120 + * @ctx: Context for callback. 176 121 */ 177 177 - int system_verify_data(const void *data, unsigned long len, 178 178 - const void *raw_pkcs7, size_t pkcs7_len, 179 179 - enum key_being_used_for usage) 122 122 + int verify_pkcs7_signature(const void *data, size_t len, 123 123 + const void *raw_pkcs7, size_t pkcs7_len, 124 124 + struct key *trusted_keys, 125 125 + enum key_being_used_for usage, 126 126 + int (*view_content)(void *ctx, 127 127 + const void *data, size_t len, 128 128 + size_t asn1hdrlen), 129 129 + void *ctx) 180 130 { 181 131 struct pkcs7_message *pkcs7; 182 182 - bool trusted; 183 132 int ret; 184 133 185 134 pkcs7 = pkcs7_parse_message(raw_pkcs7, pkcs7_len); ··· 195 128 return PTR_ERR(pkcs7); 196 129 197 130 /* The data should be detached - so we need to supply it. */ 198 198 - if (pkcs7_supply_detached_data(pkcs7, data, len) < 0) { 131 131 + if (data && pkcs7_supply_detached_data(pkcs7, data, len) < 0) { 199 132 pr_err("PKCS#7 signature with non-detached data\n"); 200 133 ret = -EBADMSG; 201 134 goto error; ··· 205 138 if (ret < 0) 206 139 goto error; 207 140 208 208 - ret = pkcs7_validate_trust(pkcs7, system_trusted_keyring, &trusted); 209 209 - if (ret < 0) 141 141 + if (!trusted_keys) { 142 142 + trusted_keys = builtin_trusted_keys; 143 143 + } else if (trusted_keys == (void *)1UL) { 144 144 + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 145 145 + trusted_keys = secondary_trusted_keys; 146 146 + #else 147 147 + trusted_keys = builtin_trusted_keys; 148 148 + #endif 149 149 + } 150 150 + ret = pkcs7_validate_trust(pkcs7, trusted_keys); 151 151 + if (ret < 0) { 152 152 + if (ret == -ENOKEY) 153 153 + pr_err("PKCS#7 signature not signed with a trusted key\n"); 210 154 goto error; 155 155 + } 211 156 212 212 - if (!trusted) { 213 213 - pr_err("PKCS#7 signature not signed with a trusted key\n"); 214 214 - ret = -ENOKEY; 157 157 + if (view_content) { 158 158 + size_t asn1hdrlen; 159 159 + 160 160 + ret = pkcs7_get_content_data(pkcs7, &data, &len, &asn1hdrlen); 161 161 + if (ret < 0) { 162 162 + if (ret == -ENODATA) 163 163 + pr_devel("PKCS#7 message does not contain data\n"); 164 164 + goto error; 165 165 + } 166 166 + 167 167 + ret = view_content(ctx, data, len, asn1hdrlen); 215 168 } 216 169 217 170 error: ··· 239 152 pr_devel("<==%s() = %d\n", __func__, ret); 240 153 return ret; 241 154 } 242 242 - EXPORT_SYMBOL_GPL(system_verify_data); 155 155 + EXPORT_SYMBOL_GPL(verify_pkcs7_signature); 243 156 244 157 #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */

+3 -3

crypto/asymmetric_keys/Kconfig

reviewed

··· 1 1 menuconfig ASYMMETRIC_KEY_TYPE 2 2 - tristate "Asymmetric (public-key cryptographic) key type" 2 2 + bool "Asymmetric (public-key cryptographic) key type" 3 3 depends on KEYS 4 4 help 5 5 This option provides support for a key type that holds the data for ··· 40 40 41 41 config PKCS7_TEST_KEY 42 42 tristate "PKCS#7 testing key type" 43 43 - depends on PKCS7_MESSAGE_PARSER 44 44 - select SYSTEM_TRUSTED_KEYRING 43 43 + depends on SYSTEM_DATA_VERIFICATION 45 44 help 46 45 This option provides a type of key that can be loaded up from a 47 46 PKCS#7 message - provided the message is signed by a trusted key. If ··· 53 54 config SIGNED_PE_FILE_VERIFICATION 54 55 bool "Support for PE file signature verification" 55 56 depends on PKCS7_MESSAGE_PARSER=y 57 57 + depends on SYSTEM_DATA_VERIFICATION 56 58 select ASN1 57 59 select OID_REGISTRY 58 60 help

+4 -1

crypto/asymmetric_keys/Makefile

reviewed

··· 4 4 5 5 obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o 6 6 7 7 - asymmetric_keys-y := asymmetric_type.o signature.o 7 7 + asymmetric_keys-y := \ 8 8 + asymmetric_type.o \ 9 9 + restrict.o \ 10 10 + signature.o 8 11 9 12 obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o 10 13

+2

crypto/asymmetric_keys/asymmetric_keys.h

reviewed

··· 9 9 * 2 of the Licence, or (at your option) any later version. 10 10 */ 11 11 12 12 + #include <keys/asymmetric-type.h> 13 13 + 12 14 extern struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id); 13 15 14 16 extern int __asymmetric_key_hex_to_key_id(const char *id,

+94 -2

crypto/asymmetric_keys/asymmetric_type.c

reviewed

··· 35 35 static DECLARE_RWSEM(asymmetric_key_parsers_sem); 36 36 37 37 /** 38 38 + * find_asymmetric_key - Find a key by ID. 39 39 + * @keyring: The keys to search. 40 40 + * @id_0: The first ID to look for or NULL. 41 41 + * @id_1: The second ID to look for or NULL. 42 42 + * @partial: Use partial match if true, exact if false. 43 43 + * 44 44 + * Find a key in the given keyring by identifier. The preferred identifier is 45 45 + * the id_0 and the fallback identifier is the id_1. If both are given, the 46 46 + * lookup is by the former, but the latter must also match. 47 47 + */ 48 48 + struct key *find_asymmetric_key(struct key *keyring, 49 49 + const struct asymmetric_key_id *id_0, 50 50 + const struct asymmetric_key_id *id_1, 51 51 + bool partial) 52 52 + { 53 53 + struct key *key; 54 54 + key_ref_t ref; 55 55 + const char *lookup; 56 56 + char *req, *p; 57 57 + int len; 58 58 + 59 59 + if (id_0) { 60 60 + lookup = id_0->data; 61 61 + len = id_0->len; 62 62 + } else { 63 63 + lookup = id_1->data; 64 64 + len = id_1->len; 65 65 + } 66 66 + 67 67 + /* Construct an identifier "id:<keyid>". */ 68 68 + p = req = kmalloc(2 + 1 + len * 2 + 1, GFP_KERNEL); 69 69 + if (!req) 70 70 + return ERR_PTR(-ENOMEM); 71 71 + 72 72 + if (partial) { 73 73 + *p++ = 'i'; 74 74 + *p++ = 'd'; 75 75 + } else { 76 76 + *p++ = 'e'; 77 77 + *p++ = 'x'; 78 78 + } 79 79 + *p++ = ':'; 80 80 + p = bin2hex(p, lookup, len); 81 81 + *p = 0; 82 82 + 83 83 + pr_debug("Look up: \"%s\"\n", req); 84 84 + 85 85 + ref = keyring_search(make_key_ref(keyring, 1), 86 86 + &key_type_asymmetric, req); 87 87 + if (IS_ERR(ref)) 88 88 + pr_debug("Request for key '%s' err %ld\n", req, PTR_ERR(ref)); 89 89 + kfree(req); 90 90 + 91 91 + if (IS_ERR(ref)) { 92 92 + switch (PTR_ERR(ref)) { 93 93 + /* Hide some search errors */ 94 94 + case -EACCES: 95 95 + case -ENOTDIR: 96 96 + case -EAGAIN: 97 97 + return ERR_PTR(-ENOKEY); 98 98 + default: 99 99 + return ERR_CAST(ref); 100 100 + } 101 101 + } 102 102 + 103 103 + key = key_ref_to_ptr(ref); 104 104 + if (id_0 && id_1) { 105 105 + const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); 106 106 + 107 107 + if (!kids->id[0]) { 108 108 + pr_debug("First ID matches, but second is missing\n"); 109 109 + goto reject; 110 110 + } 111 111 + if (!asymmetric_key_id_same(id_1, kids->id[1])) { 112 112 + pr_debug("First ID matches, but second does not\n"); 113 113 + goto reject; 114 114 + } 115 115 + } 116 116 + 117 117 + pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key)); 118 118 + return key; 119 119 + 120 120 + reject: 121 121 + key_put(key); 122 122 + return ERR_PTR(-EKEYREJECTED); 123 123 + } 124 124 + EXPORT_SYMBOL_GPL(find_asymmetric_key); 125 125 + 126 126 + /** 38 127 * asymmetric_key_generate_id: Construct an asymmetric key ID 39 128 * @val_1: First binary blob 40 129 * @len_1: Length of first binary blob ··· 420 331 pr_devel("==>%s()\n", __func__); 421 332 422 333 if (subtype) { 423 423 - subtype->destroy(prep->payload.data[asym_crypto]); 334 334 + subtype->destroy(prep->payload.data[asym_crypto], 335 335 + prep->payload.data[asym_auth]); 424 336 module_put(subtype->owner); 425 337 } 426 338 asymmetric_key_free_kids(kids); ··· 436 346 struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key); 437 347 struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids]; 438 348 void *data = key->payload.data[asym_crypto]; 349 349 + void *auth = key->payload.data[asym_auth]; 439 350 440 351 key->payload.data[asym_crypto] = NULL; 441 352 key->payload.data[asym_subtype] = NULL; 442 353 key->payload.data[asym_key_ids] = NULL; 354 354 + key->payload.data[asym_auth] = NULL; 443 355 444 356 if (subtype) { 445 445 - subtype->destroy(data); 357 357 + subtype->destroy(data, auth); 446 358 module_put(subtype->owner); 447 359 } 448 360

+7 -14

crypto/asymmetric_keys/mscode_parser.c

reviewed

··· 21 21 /* 22 22 * Parse a Microsoft Individual Code Signing blob 23 23 */ 24 24 - int mscode_parse(struct pefile_context *ctx) 24 24 + int mscode_parse(void *_ctx, const void *content_data, size_t data_len, 25 25 + size_t asn1hdrlen) 25 26 { 26 26 - const void *content_data; 27 27 - size_t data_len; 28 28 - int ret; 27 27 + struct pefile_context *ctx = _ctx; 29 28 30 30 - ret = pkcs7_get_content_data(ctx->pkcs7, &content_data, &data_len, 1); 31 31 - 32 32 - if (ret) { 33 33 - pr_debug("PKCS#7 message does not contain data\n"); 34 34 - return ret; 35 35 - } 36 36 - 29 29 + content_data -= asn1hdrlen; 30 30 + data_len += asn1hdrlen; 37 31 pr_devel("Data: %zu [%*ph]\n", data_len, (unsigned)(data_len), 38 32 content_data); 39 33 ··· 123 129 { 124 130 struct pefile_context *ctx = context; 125 131 126 126 - ctx->digest = value; 127 127 - ctx->digest_len = vlen; 128 128 - return 0; 132 132 + ctx->digest = kmemdup(value, vlen, GFP_KERNEL); 133 133 + return ctx->digest ? 0 : -ENOMEM; 129 134 }

+28 -44

crypto/asymmetric_keys/pkcs7_key_type.c

reviewed

··· 13 13 #include <linux/key.h> 14 14 #include <linux/err.h> 15 15 #include <linux/module.h> 16 16 + #include <linux/verification.h> 16 17 #include <linux/key-type.h> 17 17 - #include <keys/asymmetric-type.h> 18 18 - #include <crypto/pkcs7.h> 19 18 #include <keys/user-type.h> 20 20 - #include <keys/system_keyring.h> 21 21 - #include "pkcs7_parser.h" 22 19 23 20 MODULE_LICENSE("GPL"); 24 21 MODULE_DESCRIPTION("PKCS#7 testing key type"); ··· 26 29 "Usage to specify when verifying the PKCS#7 message"); 27 30 28 31 /* 32 32 + * Retrieve the PKCS#7 message content. 33 33 + */ 34 34 + static int pkcs7_view_content(void *ctx, const void *data, size_t len, 35 35 + size_t asn1hdrlen) 36 36 + { 37 37 + struct key_preparsed_payload *prep = ctx; 38 38 + const void *saved_prep_data; 39 39 + size_t saved_prep_datalen; 40 40 + int ret; 41 41 + 42 42 + saved_prep_data = prep->data; 43 43 + saved_prep_datalen = prep->datalen; 44 44 + prep->data = data; 45 45 + prep->datalen = len; 46 46 + 47 47 + ret = user_preparse(prep); 48 48 + 49 49 + prep->data = saved_prep_data; 50 50 + prep->datalen = saved_prep_datalen; 51 51 + return ret; 52 52 + } 53 53 + 54 54 + /* 29 55 * Preparse a PKCS#7 wrapped and validated data blob. 30 56 */ 31 57 static int pkcs7_preparse(struct key_preparsed_payload *prep) 32 58 { 33 59 enum key_being_used_for usage = pkcs7_usage; 34 34 - struct pkcs7_message *pkcs7; 35 35 - const void *data, *saved_prep_data; 36 36 - size_t datalen, saved_prep_datalen; 37 37 - bool trusted; 38 38 - int ret; 39 39 - 40 40 - kenter(""); 41 60 42 61 if (usage >= NR__KEY_BEING_USED_FOR) { 43 62 pr_err("Invalid usage type %d\n", usage); 44 63 return -EINVAL; 45 64 } 46 65 47 47 - saved_prep_data = prep->data; 48 48 - saved_prep_datalen = prep->datalen; 49 49 - pkcs7 = pkcs7_parse_message(saved_prep_data, saved_prep_datalen); 50 50 - if (IS_ERR(pkcs7)) { 51 51 - ret = PTR_ERR(pkcs7); 52 52 - goto error; 53 53 - } 54 54 - 55 55 - ret = pkcs7_verify(pkcs7, usage); 56 56 - if (ret < 0) 57 57 - goto error_free; 58 58 - 59 59 - ret = pkcs7_validate_trust(pkcs7, system_trusted_keyring, &trusted); 60 60 - if (ret < 0) 61 61 - goto error_free; 62 62 - if (!trusted) 63 63 - pr_warn("PKCS#7 message doesn't chain back to a trusted key\n"); 64 64 - 65 65 - ret = pkcs7_get_content_data(pkcs7, &data, &datalen, false); 66 66 - if (ret < 0) 67 67 - goto error_free; 68 68 - 69 69 - prep->data = data; 70 70 - prep->datalen = datalen; 71 71 - ret = user_preparse(prep); 72 72 - prep->data = saved_prep_data; 73 73 - prep->datalen = saved_prep_datalen; 74 74 - 75 75 - error_free: 76 76 - pkcs7_free_message(pkcs7); 77 77 - error: 78 78 - kleave(" = %d", ret); 79 79 - return ret; 66 66 + return verify_pkcs7_signature(NULL, 0, 67 67 + prep->data, prep->datalen, 68 68 + NULL, usage, 69 69 + pkcs7_view_content, prep); 80 70 } 81 71 82 72 /*

+34 -25

crypto/asymmetric_keys/pkcs7_parser.c

reviewed

··· 44 44 static void pkcs7_free_signed_info(struct pkcs7_signed_info *sinfo) 45 45 { 46 46 if (sinfo) { 47 47 - kfree(sinfo->sig.s); 48 48 - kfree(sinfo->sig.digest); 49 49 - kfree(sinfo->signing_cert_id); 47 47 + public_key_signature_free(sinfo->sig); 50 48 kfree(sinfo); 51 49 } 52 50 } ··· 123 125 ctx->sinfo = kzalloc(sizeof(struct pkcs7_signed_info), GFP_KERNEL); 124 126 if (!ctx->sinfo) 125 127 goto out_no_sinfo; 128 128 + ctx->sinfo->sig = kzalloc(sizeof(struct public_key_signature), 129 129 + GFP_KERNEL); 130 130 + if (!ctx->sinfo->sig) 131 131 + goto out_no_sig; 126 132 127 133 ctx->data = (unsigned long)data; 128 134 ctx->ppcerts = &ctx->certs; ··· 152 150 ctx->certs = cert->next; 153 151 x509_free_certificate(cert); 154 152 } 153 153 + out_no_sig: 155 154 pkcs7_free_signed_info(ctx->sinfo); 156 155 out_no_sinfo: 157 156 pkcs7_free_message(ctx->msg); ··· 168 165 * @pkcs7: The preparsed PKCS#7 message to access 169 166 * @_data: Place to return a pointer to the data 170 167 * @_data_len: Place to return the data length 171 171 - * @want_wrapper: True if the ASN.1 object header should be included in the data 168 168 + * @_headerlen: Size of ASN.1 header not included in _data 172 169 * 173 173 - * Get access to the data content of the PKCS#7 message, including, optionally, 174 174 - * the header of the ASN.1 object that contains it. Returns -ENODATA if the 175 175 - * data object was missing from the message. 170 170 + * Get access to the data content of the PKCS#7 message. The size of the 171 171 + * header of the ASN.1 object that contains it is also provided and can be used 172 172 + * to adjust *_data and *_data_len to get the entire object. 173 173 + * 174 174 + * Returns -ENODATA if the data object was missing from the message. 176 175 */ 177 176 int pkcs7_get_content_data(const struct pkcs7_message *pkcs7, 178 177 const void **_data, size_t *_data_len, 179 179 - bool want_wrapper) 178 178 + size_t *_headerlen) 180 179 { 181 181 - size_t wrapper; 182 182 - 183 180 if (!pkcs7->data) 184 181 return -ENODATA; 185 182 186 186 - wrapper = want_wrapper ? pkcs7->data_hdrlen : 0; 187 187 - *_data = pkcs7->data - wrapper; 188 188 - *_data_len = pkcs7->data_len + wrapper; 183 183 + *_data = pkcs7->data; 184 184 + *_data_len = pkcs7->data_len; 185 185 + if (_headerlen) 186 186 + *_headerlen = pkcs7->data_hdrlen; 189 187 return 0; 190 188 } 191 189 EXPORT_SYMBOL_GPL(pkcs7_get_content_data); ··· 222 218 223 219 switch (ctx->last_oid) { 224 220 case OID_md4: 225 225 - ctx->sinfo->sig.hash_algo = "md4"; 221 221 + ctx->sinfo->sig->hash_algo = "md4"; 226 222 break; 227 223 case OID_md5: 228 228 - ctx->sinfo->sig.hash_algo = "md5"; 224 224 + ctx->sinfo->sig->hash_algo = "md5"; 229 225 break; 230 226 case OID_sha1: 231 231 - ctx->sinfo->sig.hash_algo = "sha1"; 227 227 + ctx->sinfo->sig->hash_algo = "sha1"; 232 228 break; 233 229 case OID_sha256: 234 234 - ctx->sinfo->sig.hash_algo = "sha256"; 230 230 + ctx->sinfo->sig->hash_algo = "sha256"; 235 231 break; 236 232 case OID_sha384: 237 237 - ctx->sinfo->sig.hash_algo = "sha384"; 233 233 + ctx->sinfo->sig->hash_algo = "sha384"; 238 234 break; 239 235 case OID_sha512: 240 240 - ctx->sinfo->sig.hash_algo = "sha512"; 236 236 + ctx->sinfo->sig->hash_algo = "sha512"; 241 237 break; 242 238 case OID_sha224: 243 243 - ctx->sinfo->sig.hash_algo = "sha224"; 239 239 + ctx->sinfo->sig->hash_algo = "sha224"; 240 240 + break; 244 241 default: 245 242 printk("Unsupported digest algo: %u\n", ctx->last_oid); 246 243 return -ENOPKG; ··· 260 255 261 256 switch (ctx->last_oid) { 262 257 case OID_rsaEncryption: 263 263 - ctx->sinfo->sig.pkey_algo = "rsa"; 258 258 + ctx->sinfo->sig->pkey_algo = "rsa"; 264 259 break; 265 260 default: 266 261 printk("Unsupported pkey algo: %u\n", ctx->last_oid); ··· 620 615 { 621 616 struct pkcs7_parse_context *ctx = context; 622 617 623 623 - ctx->sinfo->sig.s = kmemdup(value, vlen, GFP_KERNEL); 624 624 - if (!ctx->sinfo->sig.s) 618 618 + ctx->sinfo->sig->s = kmemdup(value, vlen, GFP_KERNEL); 619 619 + if (!ctx->sinfo->sig->s) 625 620 return -ENOMEM; 626 621 627 627 - ctx->sinfo->sig.s_size = vlen; 622 622 + ctx->sinfo->sig->s_size = vlen; 628 623 return 0; 629 624 } 630 625 ··· 660 655 661 656 pr_devel("SINFO KID: %u [%*phN]\n", kid->len, kid->len, kid->data); 662 657 663 663 - sinfo->signing_cert_id = kid; 658 658 + sinfo->sig->auth_ids[0] = kid; 664 659 sinfo->index = ++ctx->sinfo_index; 665 660 *ctx->ppsinfo = sinfo; 666 661 ctx->ppsinfo = &sinfo->next; 667 662 ctx->sinfo = kzalloc(sizeof(struct pkcs7_signed_info), GFP_KERNEL); 668 663 if (!ctx->sinfo) 664 664 + return -ENOMEM; 665 665 + ctx->sinfo->sig = kzalloc(sizeof(struct public_key_signature), 666 666 + GFP_KERNEL); 667 667 + if (!ctx->sinfo->sig) 669 668 return -ENOMEM; 670 669 return 0; 671 670 }

+4 -7

crypto/asymmetric_keys/pkcs7_parser.h

reviewed

··· 22 22 struct pkcs7_signed_info *next; 23 23 struct x509_certificate *signer; /* Signing certificate (in msg->certs) */ 24 24 unsigned index; 25 25 - bool trusted; 26 25 bool unsupported_crypto; /* T if not usable due to missing crypto */ 27 26 28 27 /* Message digest - the digest of the Content Data (or NULL) */ ··· 40 41 #define sinfo_has_ms_statement_type 5 41 42 time64_t signing_time; 42 43 43 43 - /* Issuing cert serial number and issuer's name [PKCS#7 or CMS ver 1] 44 44 - * or issuing cert's SKID [CMS ver 3]. 45 45 - */ 46 46 - struct asymmetric_key_id *signing_cert_id; 47 47 - 48 44 /* Message signature. 49 45 * 50 46 * This contains the generated digest of _either_ the Content Data or 51 47 * the Authenticated Attributes [RFC2315 9.3]. If the latter, one of 52 48 * the attributes contains the digest of the the Content Data within 53 49 * it. 50 50 + * 51 51 + * THis also contains the issuing cert serial number and issuer's name 52 52 + * [PKCS#7 or CMS ver 1] or issuing cert's SKID [CMS ver 3]. 54 53 */ 55 55 - struct public_key_signature sig; 54 54 + struct public_key_signature *sig; 56 55 }; 57 56 58 57 struct pkcs7_message {

+14 -29

crypto/asymmetric_keys/pkcs7_trust.c

reviewed

··· 27 27 struct pkcs7_signed_info *sinfo, 28 28 struct key *trust_keyring) 29 29 { 30 30 - struct public_key_signature *sig = &sinfo->sig; 30 30 + struct public_key_signature *sig = sinfo->sig; 31 31 struct x509_certificate *x509, *last = NULL, *p; 32 32 struct key *key; 33 33 - bool trusted; 34 33 int ret; 35 34 36 35 kenter(",%u,", sinfo->index); ··· 41 42 42 43 for (x509 = sinfo->signer; x509; x509 = x509->signer) { 43 44 if (x509->seen) { 44 44 - if (x509->verified) { 45 45 - trusted = x509->trusted; 45 45 + if (x509->verified) 46 46 goto verified; 47 47 - } 48 47 kleave(" = -ENOKEY [cached]"); 49 48 return -ENOKEY; 50 49 } ··· 51 54 /* Look to see if this certificate is present in the trusted 52 55 * keys. 53 56 */ 54 54 - key = x509_request_asymmetric_key(trust_keyring, 55 55 - x509->id, x509->skid, 56 56 - false); 57 57 + key = find_asymmetric_key(trust_keyring, 58 58 + x509->id, x509->skid, false); 57 59 if (!IS_ERR(key)) { 58 60 /* One of the X.509 certificates in the PKCS#7 message 59 61 * is apparently the same as one we already trust. ··· 76 80 77 81 might_sleep(); 78 82 last = x509; 79 79 - sig = &last->sig; 83 83 + sig = last->sig; 80 84 } 81 85 82 86 /* No match - see if the root certificate has a signer amongst the 83 87 * trusted keys. 84 88 */ 85 85 - if (last && (last->akid_id || last->akid_skid)) { 86 86 - key = x509_request_asymmetric_key(trust_keyring, 87 87 - last->akid_id, 88 88 - last->akid_skid, 89 89 - false); 89 89 + if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) { 90 90 + key = find_asymmetric_key(trust_keyring, 91 91 + last->sig->auth_ids[0], 92 92 + last->sig->auth_ids[1], 93 93 + false); 90 94 if (!IS_ERR(key)) { 91 95 x509 = last; 92 96 pr_devel("sinfo %u: Root cert %u signer is key %x\n", ··· 100 104 /* As a last resort, see if we have a trusted public key that matches 101 105 * the signed info directly. 102 106 */ 103 103 - key = x509_request_asymmetric_key(trust_keyring, 104 104 - sinfo->signing_cert_id, 105 105 - NULL, 106 106 - false); 107 107 + key = find_asymmetric_key(trust_keyring, 108 108 + sinfo->sig->auth_ids[0], NULL, false); 107 109 if (!IS_ERR(key)) { 108 110 pr_devel("sinfo %u: Direct signer is key %x\n", 109 111 sinfo->index, key_serial(key)); ··· 116 122 117 123 matched: 118 124 ret = verify_signature(key, sig); 119 119 - trusted = test_bit(KEY_FLAG_TRUSTED, &key->flags); 120 125 key_put(key); 121 126 if (ret < 0) { 122 127 if (ret == -ENOMEM) ··· 127 134 verified: 128 135 if (x509) { 129 136 x509->verified = true; 130 130 - for (p = sinfo->signer; p != x509; p = p->signer) { 137 137 + for (p = sinfo->signer; p != x509; p = p->signer) 131 138 p->verified = true; 132 132 - p->trusted = trusted; 133 133 - } 134 139 } 135 135 - sinfo->trusted = trusted; 136 140 kleave(" = 0"); 137 141 return 0; 138 142 } ··· 138 148 * pkcs7_validate_trust - Validate PKCS#7 trust chain 139 149 * @pkcs7: The PKCS#7 certificate to validate 140 150 * @trust_keyring: Signing certificates to use as starting points 141 141 - * @_trusted: Set to true if trustworth, false otherwise 142 151 * 143 152 * Validate that the certificate chain inside the PKCS#7 message intersects 144 153 * keys we already know and trust. ··· 159 170 * May also return -ENOMEM. 160 171 */ 161 172 int pkcs7_validate_trust(struct pkcs7_message *pkcs7, 162 162 - struct key *trust_keyring, 163 163 - bool *_trusted) 173 173 + struct key *trust_keyring) 164 174 { 165 175 struct pkcs7_signed_info *sinfo; 166 176 struct x509_certificate *p; 167 177 int cached_ret = -ENOKEY; 168 178 int ret; 169 169 - 170 170 - *_trusted = false; 171 179 172 180 for (p = pkcs7->certs; p; p = p->next) 173 181 p->seen = false; ··· 179 193 cached_ret = -ENOPKG; 180 194 continue; 181 195 case 0: 182 182 - *_trusted |= sinfo->trusted; 183 196 cached_ret = 0; 184 197 continue; 185 198 default:

+46 -61

crypto/asymmetric_keys/pkcs7_verify.c

reviewed

··· 25 25 static int pkcs7_digest(struct pkcs7_message *pkcs7, 26 26 struct pkcs7_signed_info *sinfo) 27 27 { 28 28 + struct public_key_signature *sig = sinfo->sig; 28 29 struct crypto_shash *tfm; 29 30 struct shash_desc *desc; 30 30 - size_t digest_size, desc_size; 31 31 - void *digest; 31 31 + size_t desc_size; 32 32 int ret; 33 33 34 34 - kenter(",%u,%s", sinfo->index, sinfo->sig.hash_algo); 34 34 + kenter(",%u,%s", sinfo->index, sinfo->sig->hash_algo); 35 35 36 36 - if (!sinfo->sig.hash_algo) 36 36 + if (!sinfo->sig->hash_algo) 37 37 return -ENOPKG; 38 38 39 39 /* Allocate the hashing algorithm we're going to need and find out how 40 40 * big the hash operational data will be. 41 41 */ 42 42 - tfm = crypto_alloc_shash(sinfo->sig.hash_algo, 0, 0); 42 42 + tfm = crypto_alloc_shash(sinfo->sig->hash_algo, 0, 0); 43 43 if (IS_ERR(tfm)) 44 44 return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); 45 45 46 46 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 47 47 - sinfo->sig.digest_size = digest_size = crypto_shash_digestsize(tfm); 47 47 + sig->digest_size = crypto_shash_digestsize(tfm); 48 48 49 49 ret = -ENOMEM; 50 50 - digest = kzalloc(ALIGN(digest_size, __alignof__(*desc)) + desc_size, 51 51 - GFP_KERNEL); 52 52 - if (!digest) 50 50 + sig->digest = kmalloc(sig->digest_size, GFP_KERNEL); 51 51 + if (!sig->digest) 53 52 goto error_no_desc; 54 53 55 55 - desc = PTR_ALIGN(digest + digest_size, __alignof__(*desc)); 54 54 + desc = kzalloc(desc_size, GFP_KERNEL); 55 55 + if (!desc) 56 56 + goto error_no_desc; 57 57 + 56 58 desc->tfm = tfm; 57 59 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 58 60 ··· 62 60 ret = crypto_shash_init(desc); 63 61 if (ret < 0) 64 62 goto error; 65 65 - ret = crypto_shash_finup(desc, pkcs7->data, pkcs7->data_len, digest); 63 63 + ret = crypto_shash_finup(desc, pkcs7->data, pkcs7->data_len, 64 64 + sig->digest); 66 65 if (ret < 0) 67 66 goto error; 68 68 - pr_devel("MsgDigest = [%*ph]\n", 8, digest); 67 67 + pr_devel("MsgDigest = [%*ph]\n", 8, sig->digest); 69 68 70 69 /* However, if there are authenticated attributes, there must be a 71 70 * message digest attribute amongst them which corresponds to the ··· 81 78 goto error; 82 79 } 83 80 84 84 - if (sinfo->msgdigest_len != sinfo->sig.digest_size) { 81 81 + if (sinfo->msgdigest_len != sig->digest_size) { 85 82 pr_debug("Sig %u: Invalid digest size (%u)\n", 86 83 sinfo->index, sinfo->msgdigest_len); 87 84 ret = -EBADMSG; 88 85 goto error; 89 86 } 90 87 91 91 - if (memcmp(digest, sinfo->msgdigest, sinfo->msgdigest_len) != 0) { 88 88 + if (memcmp(sig->digest, sinfo->msgdigest, 89 89 + sinfo->msgdigest_len) != 0) { 92 90 pr_debug("Sig %u: Message digest doesn't match\n", 93 91 sinfo->index); 94 92 ret = -EKEYREJECTED; ··· 101 97 * convert the attributes from a CONT.0 into a SET before we 102 98 * hash it. 103 99 */ 104 104 - memset(digest, 0, sinfo->sig.digest_size); 100 100 + memset(sig->digest, 0, sig->digest_size); 105 101 106 102 ret = crypto_shash_init(desc); 107 103 if (ret < 0) ··· 111 107 if (ret < 0) 112 108 goto error; 113 109 ret = crypto_shash_finup(desc, sinfo->authattrs, 114 114 - sinfo->authattrs_len, digest); 110 110 + sinfo->authattrs_len, sig->digest); 115 111 if (ret < 0) 116 112 goto error; 117 117 - pr_devel("AADigest = [%*ph]\n", 8, digest); 113 113 + pr_devel("AADigest = [%*ph]\n", 8, sig->digest); 118 114 } 119 115 120 120 - sinfo->sig.digest = digest; 121 121 - digest = NULL; 122 122 - 123 116 error: 124 124 - kfree(digest); 117 117 + kfree(desc); 125 118 error_no_desc: 126 119 crypto_free_shash(tfm); 127 120 kleave(" = %d", ret); ··· 145 144 * PKCS#7 message - but I can't be 100% sure of that. It's 146 145 * possible this will need element-by-element comparison. 147 146 */ 148 148 - if (!asymmetric_key_id_same(x509->id, sinfo->signing_cert_id)) 147 147 + if (!asymmetric_key_id_same(x509->id, sinfo->sig->auth_ids[0])) 149 148 continue; 150 149 pr_devel("Sig %u: Found cert serial match X.509[%u]\n", 151 150 sinfo->index, certix); 152 151 153 153 - if (x509->pub->pkey_algo != sinfo->sig.pkey_algo) { 152 152 + if (x509->pub->pkey_algo != sinfo->sig->pkey_algo) { 154 153 pr_warn("Sig %u: X.509 algo and PKCS#7 sig algo don't match\n", 155 154 sinfo->index); 156 155 continue; ··· 165 164 */ 166 165 pr_debug("Sig %u: Issuing X.509 cert not found (#%*phN)\n", 167 166 sinfo->index, 168 168 - sinfo->signing_cert_id->len, sinfo->signing_cert_id->data); 167 167 + sinfo->sig->auth_ids[0]->len, sinfo->sig->auth_ids[0]->data); 169 168 return 0; 170 169 } 171 170 ··· 175 174 static int pkcs7_verify_sig_chain(struct pkcs7_message *pkcs7, 176 175 struct pkcs7_signed_info *sinfo) 177 176 { 177 177 + struct public_key_signature *sig; 178 178 struct x509_certificate *x509 = sinfo->signer, *p; 179 179 struct asymmetric_key_id *auth; 180 180 int ret; ··· 190 188 x509->subject, 191 189 x509->raw_serial_size, x509->raw_serial); 192 190 x509->seen = true; 193 193 - ret = x509_get_sig_params(x509); 194 194 - if (ret < 0) 195 195 - goto maybe_missing_crypto_in_x509; 191 191 + if (x509->unsupported_key) 192 192 + goto unsupported_crypto_in_x509; 196 193 197 194 pr_debug("- issuer %s\n", x509->issuer); 198 198 - if (x509->akid_id) 195 195 + sig = x509->sig; 196 196 + if (sig->auth_ids[0]) 199 197 pr_debug("- authkeyid.id %*phN\n", 200 200 - x509->akid_id->len, x509->akid_id->data); 201 201 - if (x509->akid_skid) 198 198 + sig->auth_ids[0]->len, sig->auth_ids[0]->data); 199 199 + if (sig->auth_ids[1]) 202 200 pr_debug("- authkeyid.skid %*phN\n", 203 203 - x509->akid_skid->len, x509->akid_skid->data); 201 201 + sig->auth_ids[1]->len, sig->auth_ids[1]->data); 204 202 205 205 - if ((!x509->akid_id && !x509->akid_skid) || 206 206 - strcmp(x509->subject, x509->issuer) == 0) { 203 203 + if (x509->self_signed) { 207 204 /* If there's no authority certificate specified, then 208 205 * the certificate must be self-signed and is the root 209 206 * of the chain. Likewise if the cert is its own 210 207 * authority. 211 208 */ 212 212 - pr_debug("- no auth?\n"); 213 213 - if (x509->raw_subject_size != x509->raw_issuer_size || 214 214 - memcmp(x509->raw_subject, x509->raw_issuer, 215 215 - x509->raw_issuer_size) != 0) 216 216 - return 0; 217 217 - 218 218 - ret = x509_check_signature(x509->pub, x509); 219 219 - if (ret < 0) 220 220 - goto maybe_missing_crypto_in_x509; 209 209 + if (x509->unsupported_sig) 210 210 + goto unsupported_crypto_in_x509; 221 211 x509->signer = x509; 222 212 pr_debug("- self-signed\n"); 223 213 return 0; ··· 218 224 /* Look through the X.509 certificates in the PKCS#7 message's 219 225 * list to see if the next one is there. 220 226 */ 221 221 - auth = x509->akid_id; 227 227 + auth = sig->auth_ids[0]; 222 228 if (auth) { 223 229 pr_debug("- want %*phN\n", auth->len, auth->data); 224 230 for (p = pkcs7->certs; p; p = p->next) { ··· 228 234 goto found_issuer_check_skid; 229 235 } 230 236 } else { 231 231 - auth = x509->akid_skid; 237 237 + auth = sig->auth_ids[1]; 232 238 pr_debug("- want %*phN\n", auth->len, auth->data); 233 239 for (p = pkcs7->certs; p; p = p->next) { 234 240 if (!p->skid) ··· 248 254 /* We matched issuer + serialNumber, but if there's an 249 255 * authKeyId.keyId, that must match the CA subjKeyId also. 250 256 */ 251 251 - if (x509->akid_skid && 252 252 - !asymmetric_key_id_same(p->skid, x509->akid_skid)) { 257 257 + if (sig->auth_ids[1] && 258 258 + !asymmetric_key_id_same(p->skid, sig->auth_ids[1])) { 253 259 pr_warn("Sig %u: X.509 chain contains auth-skid nonmatch (%u->%u)\n", 254 260 sinfo->index, x509->index, p->index); 255 261 return -EKEYREJECTED; ··· 261 267 sinfo->index); 262 268 return 0; 263 269 } 264 264 - ret = x509_check_signature(p->pub, x509); 270 270 + ret = public_key_verify_signature(p->pub, p->sig); 265 271 if (ret < 0) 266 272 return ret; 267 273 x509->signer = p; ··· 273 279 might_sleep(); 274 280 } 275 281 276 276 - maybe_missing_crypto_in_x509: 282 282 + unsupported_crypto_in_x509: 277 283 /* Just prune the certificate chain at this point if we lack some 278 284 * crypto module to go further. Note, however, we don't want to set 279 279 - * sinfo->missing_crypto as the signed info block may still be 285 285 + * sinfo->unsupported_crypto as the signed info block may still be 280 286 * validatable against an X.509 cert lower in the chain that we have a 281 287 * trusted copy of. 282 288 */ 283 283 - if (ret == -ENOPKG) 284 284 - return 0; 285 285 - return ret; 289 289 + return 0; 286 290 } 287 291 288 292 /* ··· 324 332 } 325 333 326 334 /* Verify the PKCS#7 binary against the key */ 327 327 - ret = public_key_verify_signature(sinfo->signer->pub, &sinfo->sig); 335 335 + ret = public_key_verify_signature(sinfo->signer->pub, sinfo->sig); 328 336 if (ret < 0) 329 337 return ret; 330 338 ··· 367 375 enum key_being_used_for usage) 368 376 { 369 377 struct pkcs7_signed_info *sinfo; 370 370 - struct x509_certificate *x509; 371 378 int enopkg = -ENOPKG; 372 372 - int ret, n; 379 379 + int ret; 373 380 374 381 kenter(""); 375 382 ··· 408 417 break; 409 418 default: 410 419 return -EINVAL; 411 411 - } 412 412 - 413 413 - for (n = 0, x509 = pkcs7->certs; x509; x509 = x509->next, n++) { 414 414 - ret = x509_get_sig_params(x509); 415 415 - if (ret < 0) 416 416 - return ret; 417 420 } 418 421 419 422 for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) {

+14 -6

crypto/asymmetric_keys/public_key.c

reviewed

··· 39 39 /* 40 40 * Destroy a public key algorithm key. 41 41 */ 42 42 - void public_key_destroy(void *payload) 42 42 + void public_key_free(struct public_key *key) 43 43 { 44 44 - struct public_key *key = payload; 45 45 - 46 46 - if (key) 44 44 + if (key) { 47 45 kfree(key->key); 48 48 - kfree(key); 46 46 + kfree(key); 47 47 + } 49 48 } 50 50 - EXPORT_SYMBOL_GPL(public_key_destroy); 49 49 + EXPORT_SYMBOL_GPL(public_key_free); 50 50 + 51 51 + /* 52 52 + * Destroy a public key algorithm key. 53 53 + */ 54 54 + static void public_key_destroy(void *payload0, void *payload3) 55 55 + { 56 56 + public_key_free(payload0); 57 57 + public_key_signature_free(payload3); 58 58 + } 51 59 52 60 struct public_key_completion { 53 61 struct completion completion;

+108

crypto/asymmetric_keys/restrict.c

reviewed

··· 1 1 + /* Instantiate a public key crypto key from an X.509 Certificate 2 2 + * 3 3 + * Copyright (C) 2012, 2016 Red Hat, Inc. All Rights Reserved. 4 4 + * Written by David Howells (dhowells@redhat.com) 5 5 + * 6 6 + * This program is free software; you can redistribute it and/or 7 7 + * modify it under the terms of the GNU General Public Licence 8 8 + * as published by the Free Software Foundation; either version 9 9 + * 2 of the Licence, or (at your option) any later version. 10 10 + */ 11 11 + 12 12 + #define pr_fmt(fmt) "ASYM: "fmt 13 13 + #include <linux/module.h> 14 14 + #include <linux/kernel.h> 15 15 + #include <linux/err.h> 16 16 + #include <crypto/public_key.h> 17 17 + #include "asymmetric_keys.h" 18 18 + 19 19 + static bool use_builtin_keys; 20 20 + static struct asymmetric_key_id *ca_keyid; 21 21 + 22 22 + #ifndef MODULE 23 23 + static struct { 24 24 + struct asymmetric_key_id id; 25 25 + unsigned char data[10]; 26 26 + } cakey; 27 27 + 28 28 + static int __init ca_keys_setup(char *str) 29 29 + { 30 30 + if (!str) /* default system keyring */ 31 31 + return 1; 32 32 + 33 33 + if (strncmp(str, "id:", 3) == 0) { 34 34 + struct asymmetric_key_id *p = &cakey.id; 35 35 + size_t hexlen = (strlen(str) - 3) / 2; 36 36 + int ret; 37 37 + 38 38 + if (hexlen == 0 || hexlen > sizeof(cakey.data)) { 39 39 + pr_err("Missing or invalid ca_keys id\n"); 40 40 + return 1; 41 41 + } 42 42 + 43 43 + ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen); 44 44 + if (ret < 0) 45 45 + pr_err("Unparsable ca_keys id hex string\n"); 46 46 + else 47 47 + ca_keyid = p; /* owner key 'id:xxxxxx' */ 48 48 + } else if (strcmp(str, "builtin") == 0) { 49 49 + use_builtin_keys = true; 50 50 + } 51 51 + 52 52 + return 1; 53 53 + } 54 54 + __setup("ca_keys=", ca_keys_setup); 55 55 + #endif 56 56 + 57 57 + /** 58 58 + * restrict_link_by_signature - Restrict additions to a ring of public keys 59 59 + * @trust_keyring: A ring of keys that can be used to vouch for the new cert. 60 60 + * @type: The type of key being added. 61 61 + * @payload: The payload of the new key. 62 62 + * 63 63 + * Check the new certificate against the ones in the trust keyring. If one of 64 64 + * those is the signing key and validates the new certificate, then mark the 65 65 + * new certificate as being trusted. 66 66 + * 67 67 + * Returns 0 if the new certificate was accepted, -ENOKEY if we couldn't find a 68 68 + * matching parent certificate in the trusted list, -EKEYREJECTED if the 69 69 + * signature check fails or the key is blacklisted and some other error if 70 70 + * there is a matching certificate but the signature check cannot be performed. 71 71 + */ 72 72 + int restrict_link_by_signature(struct key *trust_keyring, 73 73 + const struct key_type *type, 74 74 + const union key_payload *payload) 75 75 + { 76 76 + const struct public_key_signature *sig; 77 77 + struct key *key; 78 78 + int ret; 79 79 + 80 80 + pr_devel("==>%s()\n", __func__); 81 81 + 82 82 + if (!trust_keyring) 83 83 + return -ENOKEY; 84 84 + 85 85 + if (type != &key_type_asymmetric) 86 86 + return -EOPNOTSUPP; 87 87 + 88 88 + sig = payload->data[asym_auth]; 89 89 + if (!sig->auth_ids[0] && !sig->auth_ids[1]) 90 90 + return 0; 91 91 + 92 92 + if (ca_keyid && !asymmetric_key_id_partial(sig->auth_ids[1], ca_keyid)) 93 93 + return -EPERM; 94 94 + 95 95 + /* See if we have a key that signed this one. */ 96 96 + key = find_asymmetric_key(trust_keyring, 97 97 + sig->auth_ids[0], sig->auth_ids[1], 98 98 + false); 99 99 + if (IS_ERR(key)) 100 100 + return -ENOKEY; 101 101 + 102 102 + if (use_builtin_keys && !test_bit(KEY_FLAG_BUILTIN, &key->flags)) 103 103 + ret = -ENOKEY; 104 104 + else 105 105 + ret = verify_signature(key, sig); 106 106 + key_put(key); 107 107 + return ret; 108 108 + }

+18

crypto/asymmetric_keys/signature.c

reviewed

··· 15 15 #include <keys/asymmetric-subtype.h> 16 16 #include <linux/export.h> 17 17 #include <linux/err.h> 18 18 + #include <linux/slab.h> 18 19 #include <crypto/public_key.h> 19 20 #include "asymmetric_keys.h" 21 21 + 22 22 + /* 23 23 + * Destroy a public key signature. 24 24 + */ 25 25 + void public_key_signature_free(struct public_key_signature *sig) 26 26 + { 27 27 + int i; 28 28 + 29 29 + if (sig) { 30 30 + for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++) 31 31 + kfree(sig->auth_ids[i]); 32 32 + kfree(sig->s); 33 33 + kfree(sig->digest); 34 34 + kfree(sig); 35 35 + } 36 36 + } 37 37 + EXPORT_SYMBOL_GPL(public_key_signature_free); 20 38 21 39 /** 22 40 * verify_signature - Initiate the use of an asymmetric key to verify a signature

+9 -31

crypto/asymmetric_keys/verify_pefile.c

reviewed

··· 16 16 #include <linux/err.h> 17 17 #include <linux/pe.h> 18 18 #include <linux/asn1.h> 19 19 - #include <crypto/pkcs7.h> 19 19 + #include <linux/verification.h> 20 20 #include <crypto/hash.h> 21 21 #include "verify_pefile.h" 22 22 ··· 392 392 * verify_pefile_signature - Verify the signature on a PE binary image 393 393 * @pebuf: Buffer containing the PE binary image 394 394 * @pelen: Length of the binary image 395 395 - * @trust_keyring: Signing certificates to use as starting points 395 395 + * @trust_keys: Signing certificate(s) to use as starting points 396 396 * @usage: The use to which the key is being put. 397 397 - * @_trusted: Set to true if trustworth, false otherwise 398 397 * 399 398 * Validate that the certificate chain inside the PKCS#7 message inside the PE 400 399 * binary image intersects keys we already know and trust. ··· 417 418 * May also return -ENOMEM. 418 419 */ 419 420 int verify_pefile_signature(const void *pebuf, unsigned pelen, 420 420 - struct key *trusted_keyring, 421 421 - enum key_being_used_for usage, 422 422 - bool *_trusted) 421 421 + struct key *trusted_keys, 422 422 + enum key_being_used_for usage) 423 423 { 424 424 - struct pkcs7_message *pkcs7; 425 424 struct pefile_context ctx; 426 426 - const void *data; 427 427 - size_t datalen; 428 425 int ret; 429 426 430 427 kenter(""); ··· 434 439 if (ret < 0) 435 440 return ret; 436 441 437 437 - pkcs7 = pkcs7_parse_message(pebuf + ctx.sig_offset, ctx.sig_len); 438 438 - if (IS_ERR(pkcs7)) 439 439 - return PTR_ERR(pkcs7); 440 440 - ctx.pkcs7 = pkcs7; 441 441 - 442 442 - ret = pkcs7_get_content_data(ctx.pkcs7, &data, &datalen, false); 443 443 - if (ret < 0 || datalen == 0) { 444 444 - pr_devel("PKCS#7 message does not contain data\n"); 445 445 - ret = -EBADMSG; 446 446 - goto error; 447 447 - } 448 448 - 449 449 - ret = mscode_parse(&ctx); 442 442 + ret = verify_pkcs7_signature(NULL, 0, 443 443 + pebuf + ctx.sig_offset, ctx.sig_len, 444 444 + trusted_keys, usage, 445 445 + mscode_parse, &ctx); 450 446 if (ret < 0) 451 447 goto error; 452 448 ··· 448 462 * contents. 449 463 */ 450 464 ret = pefile_digest_pe(pebuf, pelen, &ctx); 451 451 - if (ret < 0) 452 452 - goto error; 453 453 - 454 454 - ret = pkcs7_verify(pkcs7, usage); 455 455 - if (ret < 0) 456 456 - goto error; 457 457 - 458 458 - ret = pkcs7_validate_trust(pkcs7, trusted_keyring, _trusted); 459 465 460 466 error: 461 461 - pkcs7_free_message(ctx.pkcs7); 467 467 + kfree(ctx.digest); 462 468 return ret; 463 469 }

+2 -3

crypto/asymmetric_keys/verify_pefile.h

reviewed

··· 9 9 * 2 of the Licence, or (at your option) any later version. 10 10 */ 11 11 12 12 - #include <linux/verify_pefile.h> 13 12 #include <crypto/pkcs7.h> 14 13 #include <crypto/hash_info.h> 15 14 ··· 22 23 unsigned sig_offset; 23 24 unsigned sig_len; 24 25 const struct section_header *secs; 25 25 - struct pkcs7_message *pkcs7; 26 26 27 27 /* PKCS#7 MS Individual Code Signing content */ 28 28 const void *digest; /* Digest */ ··· 37 39 /* 38 40 * mscode_parser.c 39 41 */ 40 40 - extern int mscode_parse(struct pefile_context *ctx); 42 42 + extern int mscode_parse(void *_ctx, const void *content_data, size_t data_len, 43 43 + size_t asn1hdrlen);

+31 -21

crypto/asymmetric_keys/x509_cert_parser.c

reviewed

··· 47 47 void x509_free_certificate(struct x509_certificate *cert) 48 48 { 49 49 if (cert) { 50 50 - public_key_destroy(cert->pub); 50 50 + public_key_free(cert->pub); 51 51 + public_key_signature_free(cert->sig); 51 52 kfree(cert->issuer); 52 53 kfree(cert->subject); 53 54 kfree(cert->id); 54 55 kfree(cert->skid); 55 55 - kfree(cert->akid_id); 56 56 - kfree(cert->akid_skid); 57 57 - kfree(cert->sig.digest); 58 58 - kfree(cert->sig.s); 59 56 kfree(cert); 60 57 } 61 58 } ··· 74 77 goto error_no_cert; 75 78 cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL); 76 79 if (!cert->pub) 80 80 + goto error_no_ctx; 81 81 + cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL); 82 82 + if (!cert->sig) 77 83 goto error_no_ctx; 78 84 ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL); 79 85 if (!ctx) ··· 108 108 109 109 cert->pub->keylen = ctx->key_size; 110 110 111 111 + /* Grab the signature bits */ 112 112 + ret = x509_get_sig_params(cert); 113 113 + if (ret < 0) 114 114 + goto error_decode; 115 115 + 111 116 /* Generate cert issuer + serial number key ID */ 112 117 kid = asymmetric_key_generate_id(cert->raw_serial, 113 118 cert->raw_serial_size, ··· 123 118 goto error_decode; 124 119 } 125 120 cert->id = kid; 121 121 + 122 122 + /* Detect self-signed certificates */ 123 123 + ret = x509_check_for_self_signed(cert); 124 124 + if (ret < 0) 125 125 + goto error_decode; 126 126 127 127 kfree(ctx); 128 128 return cert; ··· 198 188 return -ENOPKG; /* Unsupported combination */ 199 189 200 190 case OID_md4WithRSAEncryption: 201 201 - ctx->cert->sig.hash_algo = "md4"; 202 202 - ctx->cert->sig.pkey_algo = "rsa"; 191 191 + ctx->cert->sig->hash_algo = "md4"; 192 192 + ctx->cert->sig->pkey_algo = "rsa"; 203 193 break; 204 194 205 195 case OID_sha1WithRSAEncryption: 206 206 - ctx->cert->sig.hash_algo = "sha1"; 207 207 - ctx->cert->sig.pkey_algo = "rsa"; 196 196 + ctx->cert->sig->hash_algo = "sha1"; 197 197 + ctx->cert->sig->pkey_algo = "rsa"; 208 198 break; 209 199 210 200 case OID_sha256WithRSAEncryption: 211 211 - ctx->cert->sig.hash_algo = "sha256"; 212 212 - ctx->cert->sig.pkey_algo = "rsa"; 201 201 + ctx->cert->sig->hash_algo = "sha256"; 202 202 + ctx->cert->sig->pkey_algo = "rsa"; 213 203 break; 214 204 215 205 case OID_sha384WithRSAEncryption: 216 216 - ctx->cert->sig.hash_algo = "sha384"; 217 217 - ctx->cert->sig.pkey_algo = "rsa"; 206 206 + ctx->cert->sig->hash_algo = "sha384"; 207 207 + ctx->cert->sig->pkey_algo = "rsa"; 218 208 break; 219 209 220 210 case OID_sha512WithRSAEncryption: 221 221 - ctx->cert->sig.hash_algo = "sha512"; 222 222 - ctx->cert->sig.pkey_algo = "rsa"; 211 211 + ctx->cert->sig->hash_algo = "sha512"; 212 212 + ctx->cert->sig->pkey_algo = "rsa"; 223 213 break; 224 214 225 215 case OID_sha224WithRSAEncryption: 226 226 - ctx->cert->sig.hash_algo = "sha224"; 227 227 - ctx->cert->sig.pkey_algo = "rsa"; 216 216 + ctx->cert->sig->hash_algo = "sha224"; 217 217 + ctx->cert->sig->pkey_algo = "rsa"; 228 218 break; 229 219 } 230 220 ··· 582 572 583 573 pr_debug("AKID: keyid: %*phN\n", (int)vlen, value); 584 574 585 585 - if (ctx->cert->akid_skid) 575 575 + if (ctx->cert->sig->auth_ids[1]) 586 576 return 0; 587 577 588 578 kid = asymmetric_key_generate_id(value, vlen, "", 0); 589 579 if (IS_ERR(kid)) 590 580 return PTR_ERR(kid); 591 581 pr_debug("authkeyid %*phN\n", kid->len, kid->data); 592 592 - ctx->cert->akid_skid = kid; 582 582 + ctx->cert->sig->auth_ids[1] = kid; 593 583 return 0; 594 584 } 595 585 ··· 621 611 622 612 pr_debug("AKID: serial: %*phN\n", (int)vlen, value); 623 613 624 624 - if (!ctx->akid_raw_issuer || ctx->cert->akid_id) 614 614 + if (!ctx->akid_raw_issuer || ctx->cert->sig->auth_ids[0]) 625 615 return 0; 626 616 627 617 kid = asymmetric_key_generate_id(value, ··· 632 622 return PTR_ERR(kid); 633 623 634 624 pr_debug("authkeyid %*phN\n", kid->len, kid->data); 635 635 - ctx->cert->akid_id = kid; 625 625 + ctx->cert->sig->auth_ids[0] = kid; 636 626 return 0; 637 627 }

+5 -7

crypto/asymmetric_keys/x509_parser.h

reviewed

··· 17 17 struct x509_certificate *next; 18 18 struct x509_certificate *signer; /* Certificate that signed this one */ 19 19 struct public_key *pub; /* Public key details */ 20 20 - struct public_key_signature sig; /* Signature parameters */ 20 20 + struct public_key_signature *sig; /* Signature parameters */ 21 21 char *issuer; /* Name of certificate issuer */ 22 22 char *subject; /* Name of certificate subject */ 23 23 struct asymmetric_key_id *id; /* Issuer + Serial number */ 24 24 struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */ 25 25 - struct asymmetric_key_id *akid_id; /* CA AuthKeyId matching ->id (optional) */ 26 26 - struct asymmetric_key_id *akid_skid; /* CA AuthKeyId matching ->skid (optional) */ 27 25 time64_t valid_from; 28 26 time64_t valid_to; 29 27 const void *tbs; /* Signed data */ ··· 39 41 unsigned index; 40 42 bool seen; /* Infinite recursion prevention */ 41 43 bool verified; 42 42 - bool trusted; 43 43 - bool unsupported_crypto; /* T if can't be verified due to missing crypto */ 44 44 + bool self_signed; /* T if self-signed (check unsupported_sig too) */ 45 45 + bool unsupported_key; /* T if key uses unsupported crypto */ 46 46 + bool unsupported_sig; /* T if signature uses unsupported crypto */ 44 47 }; 45 48 46 49 /* ··· 57 58 * x509_public_key.c 58 59 */ 59 60 extern int x509_get_sig_params(struct x509_certificate *cert); 60 60 - extern int x509_check_signature(const struct public_key *pub, 61 61 - struct x509_certificate *cert); 61 61 + extern int x509_check_for_self_signed(struct x509_certificate *cert);

+82 -215

crypto/asymmetric_keys/x509_public_key.c

reviewed

··· 20 20 #include "asymmetric_keys.h" 21 21 #include "x509_parser.h" 22 22 23 23 - static bool use_builtin_keys; 24 24 - static struct asymmetric_key_id *ca_keyid; 25 25 - 26 26 - #ifndef MODULE 27 27 - static struct { 28 28 - struct asymmetric_key_id id; 29 29 - unsigned char data[10]; 30 30 - } cakey; 31 31 - 32 32 - static int __init ca_keys_setup(char *str) 33 33 - { 34 34 - if (!str) /* default system keyring */ 35 35 - return 1; 36 36 - 37 37 - if (strncmp(str, "id:", 3) == 0) { 38 38 - struct asymmetric_key_id *p = &cakey.id; 39 39 - size_t hexlen = (strlen(str) - 3) / 2; 40 40 - int ret; 41 41 - 42 42 - if (hexlen == 0 || hexlen > sizeof(cakey.data)) { 43 43 - pr_err("Missing or invalid ca_keys id\n"); 44 44 - return 1; 45 45 - } 46 46 - 47 47 - ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen); 48 48 - if (ret < 0) 49 49 - pr_err("Unparsable ca_keys id hex string\n"); 50 50 - else 51 51 - ca_keyid = p; /* owner key 'id:xxxxxx' */ 52 52 - } else if (strcmp(str, "builtin") == 0) { 53 53 - use_builtin_keys = true; 54 54 - } 55 55 - 56 56 - return 1; 57 57 - } 58 58 - __setup("ca_keys=", ca_keys_setup); 59 59 - #endif 60 60 - 61 61 - /** 62 62 - * x509_request_asymmetric_key - Request a key by X.509 certificate params. 63 63 - * @keyring: The keys to search. 64 64 - * @id: The issuer & serialNumber to look for or NULL. 65 65 - * @skid: The subjectKeyIdentifier to look for or NULL. 66 66 - * @partial: Use partial match if true, exact if false. 67 67 - * 68 68 - * Find a key in the given keyring by identifier. The preferred identifier is 69 69 - * the issuer + serialNumber and the fallback identifier is the 70 70 - * subjectKeyIdentifier. If both are given, the lookup is by the former, but 71 71 - * the latter must also match. 72 72 - */ 73 73 - struct key *x509_request_asymmetric_key(struct key *keyring, 74 74 - const struct asymmetric_key_id *id, 75 75 - const struct asymmetric_key_id *skid, 76 76 - bool partial) 77 77 - { 78 78 - struct key *key; 79 79 - key_ref_t ref; 80 80 - const char *lookup; 81 81 - char *req, *p; 82 82 - int len; 83 83 - 84 84 - if (id) { 85 85 - lookup = id->data; 86 86 - len = id->len; 87 87 - } else { 88 88 - lookup = skid->data; 89 89 - len = skid->len; 90 90 - } 91 91 - 92 92 - /* Construct an identifier "id:<keyid>". */ 93 93 - p = req = kmalloc(2 + 1 + len * 2 + 1, GFP_KERNEL); 94 94 - if (!req) 95 95 - return ERR_PTR(-ENOMEM); 96 96 - 97 97 - if (partial) { 98 98 - *p++ = 'i'; 99 99 - *p++ = 'd'; 100 100 - } else { 101 101 - *p++ = 'e'; 102 102 - *p++ = 'x'; 103 103 - } 104 104 - *p++ = ':'; 105 105 - p = bin2hex(p, lookup, len); 106 106 - *p = 0; 107 107 - 108 108 - pr_debug("Look up: \"%s\"\n", req); 109 109 - 110 110 - ref = keyring_search(make_key_ref(keyring, 1), 111 111 - &key_type_asymmetric, req); 112 112 - if (IS_ERR(ref)) 113 113 - pr_debug("Request for key '%s' err %ld\n", req, PTR_ERR(ref)); 114 114 - kfree(req); 115 115 - 116 116 - if (IS_ERR(ref)) { 117 117 - switch (PTR_ERR(ref)) { 118 118 - /* Hide some search errors */ 119 119 - case -EACCES: 120 120 - case -ENOTDIR: 121 121 - case -EAGAIN: 122 122 - return ERR_PTR(-ENOKEY); 123 123 - default: 124 124 - return ERR_CAST(ref); 125 125 - } 126 126 - } 127 127 - 128 128 - key = key_ref_to_ptr(ref); 129 129 - if (id && skid) { 130 130 - const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); 131 131 - if (!kids->id[1]) { 132 132 - pr_debug("issuer+serial match, but expected SKID missing\n"); 133 133 - goto reject; 134 134 - } 135 135 - if (!asymmetric_key_id_same(skid, kids->id[1])) { 136 136 - pr_debug("issuer+serial match, but SKID does not\n"); 137 137 - goto reject; 138 138 - } 139 139 - } 140 140 - 141 141 - pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key)); 142 142 - return key; 143 143 - 144 144 - reject: 145 145 - key_put(key); 146 146 - return ERR_PTR(-EKEYREJECTED); 147 147 - } 148 148 - EXPORT_SYMBOL_GPL(x509_request_asymmetric_key); 149 149 - 150 23 /* 151 24 * Set up the signature parameters in an X.509 certificate. This involves 152 25 * digesting the signed data and extracting the signature. 153 26 */ 154 27 int x509_get_sig_params(struct x509_certificate *cert) 155 28 { 29 29 + struct public_key_signature *sig = cert->sig; 156 30 struct crypto_shash *tfm; 157 31 struct shash_desc *desc; 158 158 - size_t digest_size, desc_size; 159 159 - void *digest; 32 32 + size_t desc_size; 160 33 int ret; 161 34 162 35 pr_devel("==>%s()\n", __func__); 163 36 164 164 - if (cert->unsupported_crypto) 165 165 - return -ENOPKG; 166 166 - if (cert->sig.s) 167 167 - return 0; 37 37 + if (!cert->pub->pkey_algo) 38 38 + cert->unsupported_key = true; 168 39 169 169 - cert->sig.s = kmemdup(cert->raw_sig, cert->raw_sig_size, 170 170 - GFP_KERNEL); 171 171 - if (!cert->sig.s) 40 40 + if (!sig->pkey_algo) 41 41 + cert->unsupported_sig = true; 42 42 + 43 43 + /* We check the hash if we can - even if we can't then verify it */ 44 44 + if (!sig->hash_algo) { 45 45 + cert->unsupported_sig = true; 46 46 + return 0; 47 47 + } 48 48 + 49 49 + sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); 50 50 + if (!sig->s) 172 51 return -ENOMEM; 173 52 174 174 - cert->sig.s_size = cert->raw_sig_size; 53 53 + sig->s_size = cert->raw_sig_size; 175 54 176 55 /* Allocate the hashing algorithm we're going to need and find out how 177 56 * big the hash operational data will be. 178 57 */ 179 179 - tfm = crypto_alloc_shash(cert->sig.hash_algo, 0, 0); 58 58 + tfm = crypto_alloc_shash(sig->hash_algo, 0, 0); 180 59 if (IS_ERR(tfm)) { 181 60 if (PTR_ERR(tfm) == -ENOENT) { 182 182 - cert->unsupported_crypto = true; 183 183 - return -ENOPKG; 61 61 + cert->unsupported_sig = true; 62 62 + return 0; 184 63 } 185 64 return PTR_ERR(tfm); 186 65 } 187 66 188 67 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 189 189 - digest_size = crypto_shash_digestsize(tfm); 68 68 + sig->digest_size = crypto_shash_digestsize(tfm); 190 69 191 191 - /* We allocate the hash operational data storage on the end of the 192 192 - * digest storage space. 193 193 - */ 194 70 ret = -ENOMEM; 195 195 - digest = kzalloc(ALIGN(digest_size, __alignof__(*desc)) + desc_size, 196 196 - GFP_KERNEL); 197 197 - if (!digest) 71 71 + sig->digest = kmalloc(sig->digest_size, GFP_KERNEL); 72 72 + if (!sig->digest) 198 73 goto error; 199 74 200 200 - cert->sig.digest = digest; 201 201 - cert->sig.digest_size = digest_size; 75 75 + desc = kzalloc(desc_size, GFP_KERNEL); 76 76 + if (!desc) 77 77 + goto error; 202 78 203 203 - desc = PTR_ALIGN(digest + digest_size, __alignof__(*desc)); 204 79 desc->tfm = tfm; 205 80 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 206 81 207 82 ret = crypto_shash_init(desc); 208 83 if (ret < 0) 209 209 - goto error; 84 84 + goto error_2; 210 85 might_sleep(); 211 211 - ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest); 86 86 + ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, sig->digest); 87 87 + 88 88 + error_2: 89 89 + kfree(desc); 212 90 error: 213 91 crypto_free_shash(tfm); 214 92 pr_devel("<==%s() = %d\n", __func__, ret); 215 93 return ret; 216 94 } 217 217 - EXPORT_SYMBOL_GPL(x509_get_sig_params); 218 95 219 96 /* 220 220 - * Check the signature on a certificate using the provided public key 97 97 + * Check for self-signedness in an X.509 cert and if found, check the signature 98 98 + * immediately if we can. 221 99 */ 222 222 - int x509_check_signature(const struct public_key *pub, 223 223 - struct x509_certificate *cert) 100 100 + int x509_check_for_self_signed(struct x509_certificate *cert) 224 101 { 225 225 - int ret; 102 102 + int ret = 0; 226 103 227 104 pr_devel("==>%s()\n", __func__); 228 105 229 229 - ret = x509_get_sig_params(cert); 230 230 - if (ret < 0) 231 231 - return ret; 106 106 + if (cert->raw_subject_size != cert->raw_issuer_size || 107 107 + memcmp(cert->raw_subject, cert->raw_issuer, 108 108 + cert->raw_issuer_size) != 0) 109 109 + goto not_self_signed; 232 110 233 233 - ret = public_key_verify_signature(pub, &cert->sig); 234 234 - if (ret == -ENOPKG) 235 235 - cert->unsupported_crypto = true; 236 236 - pr_debug("Cert Verification: %d\n", ret); 237 237 - return ret; 238 238 - } 239 239 - EXPORT_SYMBOL_GPL(x509_check_signature); 111 111 + if (cert->sig->auth_ids[0] || cert->sig->auth_ids[1]) { 112 112 + /* If the AKID is present it may have one or two parts. If 113 113 + * both are supplied, both must match. 114 114 + */ 115 115 + bool a = asymmetric_key_id_same(cert->skid, cert->sig->auth_ids[1]); 116 116 + bool b = asymmetric_key_id_same(cert->id, cert->sig->auth_ids[0]); 240 117 241 241 - /* 242 242 - * Check the new certificate against the ones in the trust keyring. If one of 243 243 - * those is the signing key and validates the new certificate, then mark the 244 244 - * new certificate as being trusted. 245 245 - * 246 246 - * Return 0 if the new certificate was successfully validated, 1 if we couldn't 247 247 - * find a matching parent certificate in the trusted list and an error if there 248 248 - * is a matching certificate but the signature check fails. 249 249 - */ 250 250 - static int x509_validate_trust(struct x509_certificate *cert, 251 251 - struct key *trust_keyring) 252 252 - { 253 253 - struct key *key; 254 254 - int ret = 1; 118 118 + if (!a && !b) 119 119 + goto not_self_signed; 255 120 256 256 - if (!trust_keyring) 257 257 - return -EOPNOTSUPP; 258 258 - 259 259 - if (ca_keyid && !asymmetric_key_id_partial(cert->akid_skid, ca_keyid)) 260 260 - return -EPERM; 261 261 - 262 262 - key = x509_request_asymmetric_key(trust_keyring, 263 263 - cert->akid_id, cert->akid_skid, 264 264 - false); 265 265 - if (!IS_ERR(key)) { 266 266 - if (!use_builtin_keys 267 267 - || test_bit(KEY_FLAG_BUILTIN, &key->flags)) 268 268 - ret = x509_check_signature(key->payload.data[asym_crypto], 269 269 - cert); 270 270 - key_put(key); 121 121 + ret = -EKEYREJECTED; 122 122 + if (((a && !b) || (b && !a)) && 123 123 + cert->sig->auth_ids[0] && cert->sig->auth_ids[1]) 124 124 + goto out; 271 125 } 126 126 + 127 127 + ret = -EKEYREJECTED; 128 128 + if (cert->pub->pkey_algo != cert->sig->pkey_algo) 129 129 + goto out; 130 130 + 131 131 + ret = public_key_verify_signature(cert->pub, cert->sig); 132 132 + if (ret < 0) { 133 133 + if (ret == -ENOPKG) { 134 134 + cert->unsupported_sig = true; 135 135 + ret = 0; 136 136 + } 137 137 + goto out; 138 138 + } 139 139 + 140 140 + pr_devel("Cert Self-signature verified"); 141 141 + cert->self_signed = true; 142 142 + 143 143 + out: 144 144 + pr_devel("<==%s() = %d\n", __func__, ret); 272 145 return ret; 146 146 + 147 147 + not_self_signed: 148 148 + pr_devel("<==%s() = 0 [not]\n", __func__); 149 149 + return 0; 273 150 } 274 151 275 152 /* ··· 168 291 pr_devel("Cert Issuer: %s\n", cert->issuer); 169 292 pr_devel("Cert Subject: %s\n", cert->subject); 170 293 171 171 - if (!cert->pub->pkey_algo || 172 172 - !cert->sig.pkey_algo || 173 173 - !cert->sig.hash_algo) { 294 294 + if (cert->unsupported_key) { 174 295 ret = -ENOPKG; 175 296 goto error_free_cert; 176 297 } 177 298 178 299 pr_devel("Cert Key Algo: %s\n", cert->pub->pkey_algo); 179 300 pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); 180 180 - pr_devel("Cert Signature: %s + %s\n", 181 181 - cert->sig.pkey_algo, 182 182 - cert->sig.hash_algo); 183 301 184 302 cert->pub->id_type = "X509"; 185 303 186 186 - /* Check the signature on the key if it appears to be self-signed */ 187 187 - if ((!cert->akid_skid && !cert->akid_id) || 188 188 - asymmetric_key_id_same(cert->skid, cert->akid_skid) || 189 189 - asymmetric_key_id_same(cert->id, cert->akid_id)) { 190 190 - ret = x509_check_signature(cert->pub, cert); /* self-signed */ 191 191 - if (ret < 0) 192 192 - goto error_free_cert; 193 193 - } else if (!prep->trusted) { 194 194 - ret = x509_validate_trust(cert, get_system_trusted_keyring()); 195 195 - if (ret) 196 196 - ret = x509_validate_trust(cert, get_ima_mok_keyring()); 197 197 - if (!ret) 198 198 - prep->trusted = 1; 304 304 + if (cert->unsupported_sig) { 305 305 + public_key_signature_free(cert->sig); 306 306 + cert->sig = NULL; 307 307 + } else { 308 308 + pr_devel("Cert Signature: %s + %s\n", 309 309 + cert->sig->pkey_algo, cert->sig->hash_algo); 199 310 } 200 311 201 312 /* Propose a description */ ··· 218 353 prep->payload.data[asym_subtype] = &public_key_subtype; 219 354 prep->payload.data[asym_key_ids] = kids; 220 355 prep->payload.data[asym_crypto] = cert->pub; 356 356 + prep->payload.data[asym_auth] = cert->sig; 221 357 prep->description = desc; 222 358 prep->quotalen = 100; 223 359 ··· 226 360 cert->pub = NULL; 227 361 cert->id = NULL; 228 362 cert->skid = NULL; 363 363 + cert->sig = NULL; 229 364 desc = NULL; 230 365 ret = 0; 231 366

+1 -1

fs/cifs/cifsacl.c

reviewed

··· 360 360 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 361 361 (KEY_POS_ALL & ~KEY_POS_SETATTR) | 362 362 KEY_USR_VIEW | KEY_USR_READ, 363 363 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 363 363 + KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); 364 364 if (IS_ERR(keyring)) { 365 365 ret = PTR_ERR(keyring); 366 366 goto failed_put_cred;

+1 -1

fs/nfs/nfs4idmap.c

reviewed

··· 201 201 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 202 202 (KEY_POS_ALL & ~KEY_POS_SETATTR) | 203 203 KEY_USR_VIEW | KEY_USR_READ, 204 204 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 204 204 + KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); 205 205 if (IS_ERR(keyring)) { 206 206 ret = PTR_ERR(keyring); 207 207 goto failed_put_cred;

+3 -3

include/crypto/pkcs7.h

reviewed

··· 12 12 #ifndef _CRYPTO_PKCS7_H 13 13 #define _CRYPTO_PKCS7_H 14 14 15 15 + #include <linux/verification.h> 15 16 #include <crypto/public_key.h> 16 17 17 18 struct key; ··· 27 26 28 27 extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7, 29 28 const void **_data, size_t *_datalen, 30 30 - bool want_wrapper); 29 29 + size_t *_headerlen); 31 30 32 31 /* 33 32 * pkcs7_trust.c 34 33 */ 35 34 extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7, 36 36 - struct key *trust_keyring, 37 37 - bool *_trusted); 35 35 + struct key *trust_keyring); 38 36 39 37 /* 40 38 * pkcs7_verify.c

+12 -21

include/crypto/public_key.h

reviewed

··· 15 15 #define _LINUX_PUBLIC_KEY_H 16 16 17 17 /* 18 18 - * The use to which an asymmetric key is being put. 19 19 - */ 20 20 - enum key_being_used_for { 21 21 - VERIFYING_MODULE_SIGNATURE, 22 22 - VERIFYING_FIRMWARE_SIGNATURE, 23 23 - VERIFYING_KEXEC_PE_SIGNATURE, 24 24 - VERIFYING_KEY_SIGNATURE, 25 25 - VERIFYING_KEY_SELF_SIGNATURE, 26 26 - VERIFYING_UNSPECIFIED_SIGNATURE, 27 27 - NR__KEY_BEING_USED_FOR 28 28 - }; 29 29 - extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; 30 30 - 31 31 - /* 32 18 * Cryptographic data for the public-key subtype of the asymmetric key type. 33 19 * 34 20 * Note that this may include private part of the key as well as the public ··· 27 41 const char *pkey_algo; 28 42 }; 29 43 30 30 - extern void public_key_destroy(void *payload); 44 44 + extern void public_key_free(struct public_key *key); 31 45 32 46 /* 33 47 * Public key cryptography signature data 34 48 */ 35 49 struct public_key_signature { 50 50 + struct asymmetric_key_id *auth_ids[2]; 36 51 u8 *s; /* Signature */ 37 52 u32 s_size; /* Number of bytes in signature */ 38 53 u8 *digest; ··· 42 55 const char *hash_algo; 43 56 }; 44 57 58 58 + extern void public_key_signature_free(struct public_key_signature *sig); 59 59 + 45 60 extern struct asymmetric_key_subtype public_key_subtype; 61 61 + 46 62 struct key; 63 63 + struct key_type; 64 64 + union key_payload; 65 65 + 66 66 + extern int restrict_link_by_signature(struct key *trust_keyring, 67 67 + const struct key_type *type, 68 68 + const union key_payload *payload); 69 69 + 47 70 extern int verify_signature(const struct key *key, 48 71 const struct public_key_signature *sig); 49 49 - 50 50 - struct asymmetric_key_id; 51 51 - extern struct key *x509_request_asymmetric_key(struct key *keyring, 52 52 - const struct asymmetric_key_id *id, 53 53 - const struct asymmetric_key_id *skid, 54 54 - bool partial); 55 72 56 73 int public_key_verify_signature(const struct public_key *pkey, 57 74 const struct public_key_signature *sig);

+1 -1

include/keys/asymmetric-subtype.h

reviewed

··· 32 32 void (*describe)(const struct key *key, struct seq_file *m); 33 33 34 34 /* Destroy a key of this subtype */ 35 35 - void (*destroy)(void *payload); 35 35 + void (*destroy)(void *payload_crypto, void *payload_auth); 36 36 37 37 /* Verify the signature on a key of this subtype (optional) */ 38 38 int (*verify_signature)(const struct key *key,

+10 -3

include/keys/asymmetric-type.h

reviewed

··· 15 15 #define _KEYS_ASYMMETRIC_TYPE_H 16 16 17 17 #include <linux/key-type.h> 18 18 + #include <linux/verification.h> 18 19 19 20 extern struct key_type key_type_asymmetric; 20 21 ··· 24 23 * follows: 25 24 */ 26 25 enum asymmetric_payload_bits { 27 27 - asym_crypto, 28 28 - asym_subtype, 29 29 - asym_key_ids, 26 26 + asym_crypto, /* The data representing the key */ 27 27 + asym_subtype, /* Pointer to an asymmetric_key_subtype struct */ 28 28 + asym_key_ids, /* Pointer to an asymmetric_key_ids struct */ 29 29 + asym_auth /* The key's authorisation (signature, parent key ID) */ 30 30 }; 31 31 32 32 /* ··· 75 73 { 76 74 return key->payload.data[asym_key_ids]; 77 75 } 76 76 + 77 77 + extern struct key *find_asymmetric_key(struct key *keyring, 78 78 + const struct asymmetric_key_id *id_0, 79 79 + const struct asymmetric_key_id *id_1, 80 80 + bool partial); 78 81 79 82 /* 80 83 * The payload is at the discretion of the subtype.

+15 -26

include/keys/system_keyring.h

reviewed

··· 12 12 #ifndef _KEYS_SYSTEM_KEYRING_H 13 13 #define _KEYS_SYSTEM_KEYRING_H 14 14 15 15 + #include <linux/key.h> 16 16 + 15 17 #ifdef CONFIG_SYSTEM_TRUSTED_KEYRING 16 18 17 17 - #include <linux/key.h> 18 18 - #include <crypto/public_key.h> 19 19 + extern int restrict_link_by_builtin_trusted(struct key *keyring, 20 20 + const struct key_type *type, 21 21 + const union key_payload *payload); 19 22 20 20 - extern struct key *system_trusted_keyring; 21 21 - static inline struct key *get_system_trusted_keyring(void) 22 22 - { 23 23 - return system_trusted_keyring; 24 24 - } 25 23 #else 26 26 - static inline struct key *get_system_trusted_keyring(void) 27 27 - { 28 28 - return NULL; 29 29 - } 24 24 + #define restrict_link_by_builtin_trusted restrict_link_reject 30 25 #endif 31 26 32 32 - #ifdef CONFIG_SYSTEM_DATA_VERIFICATION 33 33 - extern int system_verify_data(const void *data, unsigned long len, 34 34 - const void *raw_pkcs7, size_t pkcs7_len, 35 35 - enum key_being_used_for usage); 27 27 + #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING 28 28 + extern int restrict_link_by_builtin_and_secondary_trusted( 29 29 + struct key *keyring, 30 30 + const struct key_type *type, 31 31 + const union key_payload *payload); 32 32 + #else 33 33 + #define restrict_link_by_builtin_and_secondary_trusted restrict_link_by_builtin_trusted 36 34 #endif 37 35 38 38 - #ifdef CONFIG_IMA_MOK_KEYRING 39 39 - extern struct key *ima_mok_keyring; 36 36 + #ifdef CONFIG_IMA_BLACKLIST_KEYRING 40 37 extern struct key *ima_blacklist_keyring; 41 38 42 42 - static inline struct key *get_ima_mok_keyring(void) 43 43 - { 44 44 - return ima_mok_keyring; 45 45 - } 46 39 static inline struct key *get_ima_blacklist_keyring(void) 47 40 { 48 41 return ima_blacklist_keyring; 49 42 } 50 43 #else 51 51 - static inline struct key *get_ima_mok_keyring(void) 52 52 - { 53 53 - return NULL; 54 54 - } 55 44 static inline struct key *get_ima_blacklist_keyring(void) 56 45 { 57 46 return NULL; 58 47 } 59 59 - #endif /* CONFIG_IMA_MOK_KEYRING */ 48 48 + #endif /* CONFIG_IMA_BLACKLIST_KEYRING */ 60 49 61 50 62 51 #endif /* _KEYS_SYSTEM_KEYRING_H */

-1

include/linux/key-type.h

reviewed

··· 45 45 size_t datalen; /* Raw datalen */ 46 46 size_t quotalen; /* Quota length for proposed payload */ 47 47 time_t expiry; /* Expiry time of key */ 48 48 - bool trusted; /* True if key is trusted */ 49 48 }; 50 49 51 50 typedef int (*request_key_actor_t)(struct key_construction *key,

+33 -11

include/linux/key.h

reviewed

··· 173 173 #define KEY_FLAG_NEGATIVE 5 /* set if key is negative */ 174 174 #define KEY_FLAG_ROOT_CAN_CLEAR 6 /* set if key can be cleared by root without permission */ 175 175 #define KEY_FLAG_INVALIDATED 7 /* set if key has been invalidated */ 176 176 - #define KEY_FLAG_TRUSTED 8 /* set if key is trusted */ 177 177 - #define KEY_FLAG_TRUSTED_ONLY 9 /* set if keyring only accepts links to trusted keys */ 178 178 - #define KEY_FLAG_BUILTIN 10 /* set if key is builtin */ 179 179 - #define KEY_FLAG_ROOT_CAN_INVAL 11 /* set if key can be invalidated by root without permission */ 180 180 - #define KEY_FLAG_KEEP 12 /* set if key should not be removed */ 176 176 + #define KEY_FLAG_BUILTIN 8 /* set if key is built in to the kernel */ 177 177 + #define KEY_FLAG_ROOT_CAN_INVAL 9 /* set if key can be invalidated by root without permission */ 178 178 + #define KEY_FLAG_KEEP 10 /* set if key should not be removed */ 181 179 182 180 /* the key type and key description string 183 181 * - the desc is used to match a key against search criteria ··· 203 205 }; 204 206 int reject_error; 205 207 }; 208 208 + 209 209 + /* This is set on a keyring to restrict the addition of a link to a key 210 210 + * to it. If this method isn't provided then it is assumed that the 211 211 + * keyring is open to any addition. It is ignored for non-keyring 212 212 + * keys. 213 213 + * 214 214 + * This is intended for use with rings of trusted keys whereby addition 215 215 + * to the keyring needs to be controlled. KEY_ALLOC_BYPASS_RESTRICTION 216 216 + * overrides this, allowing the kernel to add extra keys without 217 217 + * restriction. 218 218 + */ 219 219 + int (*restrict_link)(struct key *keyring, 220 220 + const struct key_type *type, 221 221 + const union key_payload *payload); 206 222 }; 207 223 208 224 extern struct key *key_alloc(struct key_type *type, ··· 224 212 kuid_t uid, kgid_t gid, 225 213 const struct cred *cred, 226 214 key_perm_t perm, 227 227 - unsigned long flags); 215 215 + unsigned long flags, 216 216 + int (*restrict_link)(struct key *, 217 217 + const struct key_type *, 218 218 + const union key_payload *)); 228 219 229 220 230 230 - #define KEY_ALLOC_IN_QUOTA 0x0000 /* add to quota, reject if would overrun */ 231 231 - #define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */ 232 232 - #define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */ 233 233 - #define KEY_ALLOC_TRUSTED 0x0004 /* Key should be flagged as trusted */ 234 234 - #define KEY_ALLOC_BUILT_IN 0x0008 /* Key is built into kernel */ 221 221 + #define KEY_ALLOC_IN_QUOTA 0x0000 /* add to quota, reject if would overrun */ 222 222 + #define KEY_ALLOC_QUOTA_OVERRUN 0x0001 /* add to quota, permit even if overrun */ 223 223 + #define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */ 224 224 + #define KEY_ALLOC_BUILT_IN 0x0004 /* Key is built into kernel */ 225 225 + #define KEY_ALLOC_BYPASS_RESTRICTION 0x0008 /* Override the check on restricted keyrings */ 235 226 236 227 extern void key_revoke(struct key *key); 237 228 extern void key_invalidate(struct key *key); ··· 303 288 const struct cred *cred, 304 289 key_perm_t perm, 305 290 unsigned long flags, 291 291 + int (*restrict_link)(struct key *, 292 292 + const struct key_type *, 293 293 + const union key_payload *), 306 294 struct key *dest); 295 295 + 296 296 + extern int restrict_link_reject(struct key *keyring, 297 297 + const struct key_type *type, 298 298 + const union key_payload *payload); 307 299 308 300 extern int keyring_clear(struct key *keyring); 309 301

+49

include/linux/verification.h

reviewed

··· 1 1 + /* Signature verification 2 2 + * 3 3 + * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. 4 4 + * Written by David Howells (dhowells@redhat.com) 5 5 + * 6 6 + * This program is free software; you can redistribute it and/or 7 7 + * modify it under the terms of the GNU General Public Licence 8 8 + * as published by the Free Software Foundation; either version 9 9 + * 2 of the Licence, or (at your option) any later version. 10 10 + */ 11 11 + 12 12 + #ifndef _LINUX_VERIFICATION_H 13 13 + #define _LINUX_VERIFICATION_H 14 14 + 15 15 + /* 16 16 + * The use to which an asymmetric key is being put. 17 17 + */ 18 18 + enum key_being_used_for { 19 19 + VERIFYING_MODULE_SIGNATURE, 20 20 + VERIFYING_FIRMWARE_SIGNATURE, 21 21 + VERIFYING_KEXEC_PE_SIGNATURE, 22 22 + VERIFYING_KEY_SIGNATURE, 23 23 + VERIFYING_KEY_SELF_SIGNATURE, 24 24 + VERIFYING_UNSPECIFIED_SIGNATURE, 25 25 + NR__KEY_BEING_USED_FOR 26 26 + }; 27 27 + extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; 28 28 + 29 29 + #ifdef CONFIG_SYSTEM_DATA_VERIFICATION 30 30 + 31 31 + struct key; 32 32 + 33 33 + extern int verify_pkcs7_signature(const void *data, size_t len, 34 34 + const void *raw_pkcs7, size_t pkcs7_len, 35 35 + struct key *trusted_keys, 36 36 + enum key_being_used_for usage, 37 37 + int (*view_content)(void *ctx, 38 38 + const void *data, size_t len, 39 39 + size_t asn1hdrlen), 40 40 + void *ctx); 41 41 + 42 42 + #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION 43 43 + extern int verify_pefile_signature(const void *pebuf, unsigned pelen, 44 44 + struct key *trusted_keys, 45 45 + enum key_being_used_for usage); 46 46 + #endif 47 47 + 48 48 + #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */ 49 49 + #endif /* _LINUX_VERIFY_PEFILE_H */

-22

include/linux/verify_pefile.h

reviewed

··· 1 1 - /* Signed PE file verification 2 2 - * 3 3 - * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. 4 4 - * Written by David Howells (dhowells@redhat.com) 5 5 - * 6 6 - * This program is free software; you can redistribute it and/or 7 7 - * modify it under the terms of the GNU General Public Licence 8 8 - * as published by the Free Software Foundation; either version 9 9 - * 2 of the Licence, or (at your option) any later version. 10 10 - */ 11 11 - 12 12 - #ifndef _LINUX_VERIFY_PEFILE_H 13 13 - #define _LINUX_VERIFY_PEFILE_H 14 14 - 15 15 - #include <crypto/public_key.h> 16 16 - 17 17 - extern int verify_pefile_signature(const void *pebuf, unsigned pelen, 18 18 - struct key *trusted_keyring, 19 19 - enum key_being_used_for usage, 20 20 - bool *_trusted); 21 21 - 22 22 - #endif /* _LINUX_VERIFY_PEFILE_H */

+10

include/uapi/linux/keyctl.h

reviewed

··· 12 12 #ifndef _LINUX_KEYCTL_H 13 13 #define _LINUX_KEYCTL_H 14 14 15 15 + #include <linux/types.h> 16 16 + 15 17 /* special process keyring shortcut IDs */ 16 18 #define KEY_SPEC_THREAD_KEYRING -1 /* - key ID for thread-specific keyring */ 17 19 #define KEY_SPEC_PROCESS_KEYRING -2 /* - key ID for process-specific keyring */ ··· 59 57 #define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */ 60 58 #define KEYCTL_INVALIDATE 21 /* invalidate a key */ 61 59 #define KEYCTL_GET_PERSISTENT 22 /* get a user's persistent keyring */ 60 60 + #define KEYCTL_DH_COMPUTE 23 /* Compute Diffie-Hellman values */ 61 61 + 62 62 + /* keyctl structures */ 63 63 + struct keyctl_dh_params { 64 64 + __s32 private; 65 65 + __s32 prime; 66 66 + __s32 base; 67 67 + }; 62 68 63 69 #endif /* _LINUX_KEYCTL_H */

+4 -3

kernel/module_signing.c

reviewed

··· 12 12 #include <linux/kernel.h> 13 13 #include <linux/errno.h> 14 14 #include <linux/string.h> 15 15 - #include <keys/system_keyring.h> 15 15 + #include <linux/verification.h> 16 16 #include <crypto/public_key.h> 17 17 #include "module-internal.h" 18 18 ··· 80 80 return -EBADMSG; 81 81 } 82 82 83 83 - return system_verify_data(mod, modlen, mod + modlen, sig_len, 84 84 - VERIFYING_MODULE_SIGNATURE); 83 83 + return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, 84 84 + NULL, VERIFYING_MODULE_SIGNATURE, 85 85 + NULL, NULL); 85 86 }

+1 -1

net/dns_resolver/dns_key.c

reviewed

··· 281 281 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 282 282 (KEY_POS_ALL & ~KEY_POS_SETATTR) | 283 283 KEY_USR_VIEW | KEY_USR_READ, 284 284 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 284 284 + KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); 285 285 if (IS_ERR(keyring)) { 286 286 ret = PTR_ERR(keyring); 287 287 goto failed_put_cred;

+2 -2

net/rxrpc/ar-key.c

reviewed

··· 965 965 966 966 key = key_alloc(&key_type_rxrpc, "x", 967 967 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 0, 968 968 - KEY_ALLOC_NOT_IN_QUOTA); 968 968 + KEY_ALLOC_NOT_IN_QUOTA, NULL); 969 969 if (IS_ERR(key)) { 970 970 _leave(" = -ENOMEM [alloc %ld]", PTR_ERR(key)); 971 971 return -ENOMEM; ··· 1012 1012 1013 1013 key = key_alloc(&key_type_rxrpc, keyname, 1014 1014 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 1015 1015 - KEY_POS_SEARCH, KEY_ALLOC_NOT_IN_QUOTA); 1015 1015 + KEY_POS_SEARCH, KEY_ALLOC_NOT_IN_QUOTA, NULL); 1016 1016 if (IS_ERR(key)) 1017 1017 return key; 1018 1018

-1

security/integrity/Kconfig

reviewed

··· 35 35 default n 36 36 select ASYMMETRIC_KEY_TYPE 37 37 select ASYMMETRIC_PUBLIC_KEY_SUBTYPE 38 38 - select PUBLIC_KEY_ALGO_RSA 39 38 select CRYPTO_RSA 40 39 select X509_CERTIFICATE_PARSER 41 40 help

+11 -4

security/integrity/digsig.c

reviewed

··· 18 18 #include <linux/cred.h> 19 19 #include <linux/key-type.h> 20 20 #include <linux/digsig.h> 21 21 + #include <crypto/public_key.h> 22 22 + #include <keys/system_keyring.h> 21 23 22 24 #include "integrity.h" 23 25 ··· 40 38 static bool init_keyring __initdata = true; 41 39 #else 42 40 static bool init_keyring __initdata; 41 41 + #endif 42 42 + 43 43 + #ifdef CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY 44 44 + #define restrict_link_to_ima restrict_link_by_builtin_and_secondary_trusted 45 45 + #else 46 46 + #define restrict_link_to_ima restrict_link_by_builtin_trusted 43 47 #endif 44 48 45 49 int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, ··· 91 83 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 92 84 KEY_USR_VIEW | KEY_USR_READ | 93 85 KEY_USR_WRITE | KEY_USR_SEARCH), 94 94 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 95 95 - if (!IS_ERR(keyring[id])) 96 96 - set_bit(KEY_FLAG_TRUSTED_ONLY, &keyring[id]->flags); 97 97 - else { 86 86 + KEY_ALLOC_NOT_IN_QUOTA, 87 87 + restrict_link_to_ima, NULL); 88 88 + if (IS_ERR(keyring[id])) { 98 89 err = PTR_ERR(keyring[id]); 99 90 pr_info("Can't allocate %s keyring (%d)\n", 100 91 keyring_name[id], err);

+23 -13

security/integrity/ima/Kconfig

reviewed

··· 155 155 156 156 This option is deprecated in favor of INTEGRITY_TRUSTED_KEYRING 157 157 158 158 - config IMA_MOK_KEYRING 159 159 - bool "Create IMA machine owner keys (MOK) and blacklist keyrings" 158 158 + config IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY 159 159 + bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)" 160 160 + depends on SYSTEM_TRUSTED_KEYRING 161 161 + depends on SECONDARY_TRUSTED_KEYRING 162 162 + depends on INTEGRITY_ASYMMETRIC_KEYS 163 163 + select INTEGRITY_TRUSTED_KEYRING 164 164 + default n 165 165 + help 166 166 + Keys may be added to the IMA or IMA blacklist keyrings, if the 167 167 + key is validly signed by a CA cert in the system built-in or 168 168 + secondary trusted keyrings. 169 169 + 170 170 + Intermediate keys between those the kernel has compiled in and the 171 171 + IMA keys to be added may be added to the system secondary keyring, 172 172 + provided they are validly signed by a key already resident in the 173 173 + built-in or secondary trusted keyrings. 174 174 + 175 175 + config IMA_BLACKLIST_KEYRING 176 176 + bool "Create IMA machine owner blacklist keyrings (EXPERIMENTAL)" 160 177 depends on SYSTEM_TRUSTED_KEYRING 161 178 depends on IMA_TRUSTED_KEYRING 162 179 default n 163 180 help 164 164 - This option creates IMA MOK and blacklist keyrings. IMA MOK is an 165 165 - intermediate keyring that sits between .system and .ima keyrings, 166 166 - effectively forming a simple CA hierarchy. To successfully import a 167 167 - key into .ima_mok it must be signed by a key which CA is in .system 168 168 - keyring. On turn any key that needs to go in .ima keyring must be 169 169 - signed by CA in either .system or .ima_mok keyrings. IMA MOK is empty 170 170 - at kernel boot. 171 171 - 172 172 - IMA blacklist keyring contains all revoked IMA keys. It is consulted 173 173 - before any other keyring. If the search is successful the requested 174 174 - operation is rejected and error is returned to the caller. 181 181 + This option creates an IMA blacklist keyring, which contains all 182 182 + revoked IMA keys. It is consulted before any other keyring. If 183 183 + the search is successful the requested operation is rejected and 184 184 + an error is returned to the caller. 175 185 176 186 config IMA_LOAD_X509 177 187 bool "Load X509 certificate onto the '.ima' trusted keyring"

+1 -1

security/integrity/ima/Makefile

reviewed

··· 8 8 ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ 9 9 ima_policy.o ima_template.o ima_template_lib.o 10 10 ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o 11 11 - obj-$(CONFIG_IMA_MOK_KEYRING) += ima_mok.o 11 11 + obj-$(CONFIG_IMA_BLACKLIST_KEYRING) += ima_mok.o

+7 -16

security/integrity/ima/ima_mok.c

reviewed

··· 17 17 #include <linux/cred.h> 18 18 #include <linux/err.h> 19 19 #include <linux/init.h> 20 20 - #include <keys/asymmetric-type.h> 20 20 + #include <keys/system_keyring.h> 21 21 22 22 23 23 - struct key *ima_mok_keyring; 24 23 struct key *ima_blacklist_keyring; 25 24 26 25 /* 27 27 - * Allocate the IMA MOK and blacklist keyrings 26 26 + * Allocate the IMA blacklist keyring 28 27 */ 29 28 __init int ima_mok_init(void) 30 29 { 31 31 - pr_notice("Allocating IMA MOK and blacklist keyrings.\n"); 32 32 - 33 33 - ima_mok_keyring = keyring_alloc(".ima_mok", 34 34 - KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 35 35 - (KEY_POS_ALL & ~KEY_POS_SETATTR) | 36 36 - KEY_USR_VIEW | KEY_USR_READ | 37 37 - KEY_USR_WRITE | KEY_USR_SEARCH, 38 38 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 30 30 + pr_notice("Allocating IMA blacklist keyring.\n"); 39 31 40 32 ima_blacklist_keyring = keyring_alloc(".ima_blacklist", 41 33 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(), 42 34 (KEY_POS_ALL & ~KEY_POS_SETATTR) | 43 35 KEY_USR_VIEW | KEY_USR_READ | 44 36 KEY_USR_WRITE | KEY_USR_SEARCH, 45 45 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 37 37 + KEY_ALLOC_NOT_IN_QUOTA, 38 38 + restrict_link_by_builtin_trusted, NULL); 46 39 47 47 - if (IS_ERR(ima_mok_keyring) || IS_ERR(ima_blacklist_keyring)) 48 48 - panic("Can't allocate IMA MOK or blacklist keyrings."); 49 49 - set_bit(KEY_FLAG_TRUSTED_ONLY, &ima_mok_keyring->flags); 40 40 + if (IS_ERR(ima_blacklist_keyring)) 41 41 + panic("Can't allocate IMA blacklist keyring."); 50 42 51 51 - set_bit(KEY_FLAG_TRUSTED_ONLY, &ima_blacklist_keyring->flags); 52 43 set_bit(KEY_FLAG_KEEP, &ima_blacklist_keyring->flags); 53 44 return 0; 54 45 }

+15

security/keys/Kconfig

reviewed

··· 41 41 bool "Large payload keys" 42 42 depends on KEYS 43 43 depends on TMPFS 44 44 + select CRYPTO 45 45 + select CRYPTO_AES 46 46 + select CRYPTO_ECB 47 47 + select CRYPTO_RNG 44 48 help 45 49 This option provides support for holding large keys within the kernel 46 50 (for example Kerberos ticket caches). The data may be stored out to ··· 85 81 Userspace only ever sees/stores encrypted blobs. 86 82 87 83 If you are unsure as to whether this is required, answer N. 84 84 + 85 85 + config KEY_DH_OPERATIONS 86 86 + bool "Diffie-Hellman operations on retained keys" 87 87 + depends on KEYS 88 88 + select MPILIB 89 89 + help 90 90 + This option provides support for calculating Diffie-Hellman 91 91 + public keys and shared secrets using values stored as keys 92 92 + in the kernel. 93 93 + 94 94 + If you are unsure as to whether this is required, answer N.

+1

security/keys/Makefile

reviewed

··· 19 19 obj-$(CONFIG_PROC_FS) += proc.o 20 20 obj-$(CONFIG_SYSCTL) += sysctl.o 21 21 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o 22 22 + obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o 22 23 23 24 # 24 25 # Key types

+181 -19

security/keys/big_key.c

reviewed

··· 14 14 #include <linux/file.h> 15 15 #include <linux/shmem_fs.h> 16 16 #include <linux/err.h> 17 17 + #include <linux/scatterlist.h> 17 18 #include <keys/user-type.h> 18 19 #include <keys/big_key-type.h> 20 20 + #include <crypto/rng.h> 19 21 20 22 /* 21 23 * Layout of key payload words. ··· 30 28 }; 31 29 32 30 /* 31 31 + * Crypto operation with big_key data 32 32 + */ 33 33 + enum big_key_op { 34 34 + BIG_KEY_ENC, 35 35 + BIG_KEY_DEC, 36 36 + }; 37 37 + 38 38 + /* 33 39 * If the data is under this limit, there's no point creating a shm file to 34 40 * hold it as the permanently resident metadata for the shmem fs will be at 35 41 * least as large as the data. 36 42 */ 37 43 #define BIG_KEY_FILE_THRESHOLD (sizeof(struct inode) + sizeof(struct dentry)) 44 44 + 45 45 + /* 46 46 + * Key size for big_key data encryption 47 47 + */ 48 48 + #define ENC_KEY_SIZE 16 38 49 39 50 /* 40 51 * big_key defined keys take an arbitrary string as the description and an ··· 65 50 }; 66 51 67 52 /* 53 53 + * Crypto names for big_key data encryption 54 54 + */ 55 55 + static const char big_key_rng_name[] = "stdrng"; 56 56 + static const char big_key_alg_name[] = "ecb(aes)"; 57 57 + 58 58 + /* 59 59 + * Crypto algorithms for big_key data encryption 60 60 + */ 61 61 + static struct crypto_rng *big_key_rng; 62 62 + static struct crypto_blkcipher *big_key_blkcipher; 63 63 + 64 64 + /* 65 65 + * Generate random key to encrypt big_key data 66 66 + */ 67 67 + static inline int big_key_gen_enckey(u8 *key) 68 68 + { 69 69 + return crypto_rng_get_bytes(big_key_rng, key, ENC_KEY_SIZE); 70 70 + } 71 71 + 72 72 + /* 73 73 + * Encrypt/decrypt big_key data 74 74 + */ 75 75 + static int big_key_crypt(enum big_key_op op, u8 *data, size_t datalen, u8 *key) 76 76 + { 77 77 + int ret = -EINVAL; 78 78 + struct scatterlist sgio; 79 79 + struct blkcipher_desc desc; 80 80 + 81 81 + if (crypto_blkcipher_setkey(big_key_blkcipher, key, ENC_KEY_SIZE)) { 82 82 + ret = -EAGAIN; 83 83 + goto error; 84 84 + } 85 85 + 86 86 + desc.flags = 0; 87 87 + desc.tfm = big_key_blkcipher; 88 88 + 89 89 + sg_init_one(&sgio, data, datalen); 90 90 + 91 91 + if (op == BIG_KEY_ENC) 92 92 + ret = crypto_blkcipher_encrypt(&desc, &sgio, &sgio, datalen); 93 93 + else 94 94 + ret = crypto_blkcipher_decrypt(&desc, &sgio, &sgio, datalen); 95 95 + 96 96 + error: 97 97 + return ret; 98 98 + } 99 99 + 100 100 + /* 68 101 * Preparse a big key 69 102 */ 70 103 int big_key_preparse(struct key_preparsed_payload *prep) 71 104 { 72 105 struct path *path = (struct path *)&prep->payload.data[big_key_path]; 73 106 struct file *file; 107 107 + u8 *enckey; 108 108 + u8 *data = NULL; 74 109 ssize_t written; 75 110 size_t datalen = prep->datalen; 76 111 int ret; ··· 138 73 /* Create a shmem file to store the data in. This will permit the data 139 74 * to be swapped out if needed. 140 75 * 141 141 - * TODO: Encrypt the stored data with a temporary key. 76 76 + * File content is stored encrypted with randomly generated key. 142 77 */ 143 143 - file = shmem_kernel_file_setup("", datalen, 0); 144 144 - if (IS_ERR(file)) { 145 145 - ret = PTR_ERR(file); 78 78 + size_t enclen = ALIGN(datalen, crypto_blkcipher_blocksize(big_key_blkcipher)); 79 79 + 80 80 + /* prepare aligned data to encrypt */ 81 81 + data = kmalloc(enclen, GFP_KERNEL); 82 82 + if (!data) 83 83 + return -ENOMEM; 84 84 + 85 85 + memcpy(data, prep->data, datalen); 86 86 + memset(data + datalen, 0x00, enclen - datalen); 87 87 + 88 88 + /* generate random key */ 89 89 + enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL); 90 90 + if (!enckey) { 91 91 + ret = -ENOMEM; 146 92 goto error; 147 93 } 148 94 149 149 - written = kernel_write(file, prep->data, prep->datalen, 0); 150 150 - if (written != datalen) { 95 95 + ret = big_key_gen_enckey(enckey); 96 96 + if (ret) 97 97 + goto err_enckey; 98 98 + 99 99 + /* encrypt aligned data */ 100 100 + ret = big_key_crypt(BIG_KEY_ENC, data, enclen, enckey); 101 101 + if (ret) 102 102 + goto err_enckey; 103 103 + 104 104 + /* save aligned data to file */ 105 105 + file = shmem_kernel_file_setup("", enclen, 0); 106 106 + if (IS_ERR(file)) { 107 107 + ret = PTR_ERR(file); 108 108 + goto err_enckey; 109 109 + } 110 110 + 111 111 + written = kernel_write(file, data, enclen, 0); 112 112 + if (written != enclen) { 151 113 ret = written; 152 114 if (written >= 0) 153 115 ret = -ENOMEM; ··· 184 92 /* Pin the mount and dentry to the key so that we can open it again 185 93 * later 186 94 */ 95 95 + prep->payload.data[big_key_data] = enckey; 187 96 *path = file->f_path; 188 97 path_get(path); 189 98 fput(file); 99 99 + kfree(data); 190 100 } else { 191 101 /* Just store the data in a buffer */ 192 102 void *data = kmalloc(datalen, GFP_KERNEL); 103 103 + 193 104 if (!data) 194 105 return -ENOMEM; 195 106 ··· 203 108 204 109 err_fput: 205 110 fput(file); 111 111 + err_enckey: 112 112 + kfree(enckey); 206 113 error: 114 114 + kfree(data); 207 115 return ret; 208 116 } 209 117 ··· 217 119 { 218 120 if (prep->datalen > BIG_KEY_FILE_THRESHOLD) { 219 121 struct path *path = (struct path *)&prep->payload.data[big_key_path]; 122 122 + 220 123 path_put(path); 221 221 - } else { 222 222 - kfree(prep->payload.data[big_key_data]); 223 124 } 125 125 + kfree(prep->payload.data[big_key_data]); 224 126 } 225 127 226 128 /* ··· 245 147 { 246 148 size_t datalen = (size_t)key->payload.data[big_key_len]; 247 149 248 248 - if (datalen) { 150 150 + if (datalen > BIG_KEY_FILE_THRESHOLD) { 249 151 struct path *path = (struct path *)&key->payload.data[big_key_path]; 152 152 + 250 153 path_put(path); 251 154 path->mnt = NULL; 252 155 path->dentry = NULL; 253 253 - } else { 254 254 - kfree(key->payload.data[big_key_data]); 255 255 - key->payload.data[big_key_data] = NULL; 256 156 } 157 157 + kfree(key->payload.data[big_key_data]); 158 158 + key->payload.data[big_key_data] = NULL; 257 159 } 258 160 259 161 /* ··· 286 188 if (datalen > BIG_KEY_FILE_THRESHOLD) { 287 189 struct path *path = (struct path *)&key->payload.data[big_key_path]; 288 190 struct file *file; 289 289 - loff_t pos; 191 191 + u8 *data; 192 192 + u8 *enckey = (u8 *)key->payload.data[big_key_data]; 193 193 + size_t enclen = ALIGN(datalen, crypto_blkcipher_blocksize(big_key_blkcipher)); 194 194 + 195 195 + data = kmalloc(enclen, GFP_KERNEL); 196 196 + if (!data) 197 197 + return -ENOMEM; 290 198 291 199 file = dentry_open(path, O_RDONLY, current_cred()); 292 292 - if (IS_ERR(file)) 293 293 - return PTR_ERR(file); 200 200 + if (IS_ERR(file)) { 201 201 + ret = PTR_ERR(file); 202 202 + goto error; 203 203 + } 294 204 295 295 - pos = 0; 296 296 - ret = vfs_read(file, buffer, datalen, &pos); 297 297 - fput(file); 298 298 - if (ret >= 0 && ret != datalen) 205 205 + /* read file to kernel and decrypt */ 206 206 + ret = kernel_read(file, 0, data, enclen); 207 207 + if (ret >= 0 && ret != enclen) { 299 208 ret = -EIO; 209 209 + goto err_fput; 210 210 + } 211 211 + 212 212 + ret = big_key_crypt(BIG_KEY_DEC, data, enclen, enckey); 213 213 + if (ret) 214 214 + goto err_fput; 215 215 + 216 216 + ret = datalen; 217 217 + 218 218 + /* copy decrypted data to user */ 219 219 + if (copy_to_user(buffer, data, datalen) != 0) 220 220 + ret = -EFAULT; 221 221 + 222 222 + err_fput: 223 223 + fput(file); 224 224 + error: 225 225 + kfree(data); 300 226 } else { 301 227 ret = datalen; 302 228 if (copy_to_user(buffer, key->payload.data[big_key_data], ··· 331 209 return ret; 332 210 } 333 211 212 212 + /* 213 213 + * Register key type 214 214 + */ 334 215 static int __init big_key_init(void) 335 216 { 336 217 return register_key_type(&key_type_big_key); 337 218 } 219 219 + 220 220 + /* 221 221 + * Initialize big_key crypto and RNG algorithms 222 222 + */ 223 223 + static int __init big_key_crypto_init(void) 224 224 + { 225 225 + int ret = -EINVAL; 226 226 + 227 227 + /* init RNG */ 228 228 + big_key_rng = crypto_alloc_rng(big_key_rng_name, 0, 0); 229 229 + if (IS_ERR(big_key_rng)) { 230 230 + big_key_rng = NULL; 231 231 + return -EFAULT; 232 232 + } 233 233 + 234 234 + /* seed RNG */ 235 235 + ret = crypto_rng_reset(big_key_rng, NULL, crypto_rng_seedsize(big_key_rng)); 236 236 + if (ret) 237 237 + goto error; 238 238 + 239 239 + /* init block cipher */ 240 240 + big_key_blkcipher = crypto_alloc_blkcipher(big_key_alg_name, 0, 0); 241 241 + if (IS_ERR(big_key_blkcipher)) { 242 242 + big_key_blkcipher = NULL; 243 243 + ret = -EFAULT; 244 244 + goto error; 245 245 + } 246 246 + 247 247 + return 0; 248 248 + 249 249 + error: 250 250 + crypto_free_rng(big_key_rng); 251 251 + big_key_rng = NULL; 252 252 + return ret; 253 253 + } 254 254 + 338 255 device_initcall(big_key_init); 256 256 + late_initcall(big_key_crypto_init);

+4

security/keys/compat.c

reviewed

··· 132 132 case KEYCTL_GET_PERSISTENT: 133 133 return keyctl_get_persistent(arg2, arg3); 134 134 135 135 + case KEYCTL_DH_COMPUTE: 136 136 + return keyctl_dh_compute(compat_ptr(arg2), compat_ptr(arg3), 137 137 + arg4); 138 138 + 135 139 default: 136 140 return -EOPNOTSUPP; 137 141 }

+160

security/keys/dh.c

reviewed

··· 1 1 + /* Crypto operations using stored keys 2 2 + * 3 3 + * Copyright (c) 2016, Intel Corporation 4 4 + * 5 5 + * This program is free software; you can redistribute it and/or 6 6 + * modify it under the terms of the GNU General Public License 7 7 + * as published by the Free Software Foundation; either version 8 8 + * 2 of the License, or (at your option) any later version. 9 9 + */ 10 10 + 11 11 + #include <linux/mpi.h> 12 12 + #include <linux/slab.h> 13 13 + #include <linux/uaccess.h> 14 14 + #include <keys/user-type.h> 15 15 + #include "internal.h" 16 16 + 17 17 + /* 18 18 + * Public key or shared secret generation function [RFC2631 sec 2.1.1] 19 19 + * 20 20 + * ya = g^xa mod p; 21 21 + * or 22 22 + * ZZ = yb^xa mod p; 23 23 + * 24 24 + * where xa is the local private key, ya is the local public key, g is 25 25 + * the generator, p is the prime, yb is the remote public key, and ZZ 26 26 + * is the shared secret. 27 27 + * 28 28 + * Both are the same calculation, so g or yb are the "base" and ya or 29 29 + * ZZ are the "result". 30 30 + */ 31 31 + static int do_dh(MPI result, MPI base, MPI xa, MPI p) 32 32 + { 33 33 + return mpi_powm(result, base, xa, p); 34 34 + } 35 35 + 36 36 + static ssize_t mpi_from_key(key_serial_t keyid, size_t maxlen, MPI *mpi) 37 37 + { 38 38 + struct key *key; 39 39 + key_ref_t key_ref; 40 40 + long status; 41 41 + ssize_t ret; 42 42 + 43 43 + key_ref = lookup_user_key(keyid, 0, KEY_NEED_READ); 44 44 + if (IS_ERR(key_ref)) { 45 45 + ret = -ENOKEY; 46 46 + goto error; 47 47 + } 48 48 + 49 49 + key = key_ref_to_ptr(key_ref); 50 50 + 51 51 + ret = -EOPNOTSUPP; 52 52 + if (key->type == &key_type_user) { 53 53 + down_read(&key->sem); 54 54 + status = key_validate(key); 55 55 + if (status == 0) { 56 56 + const struct user_key_payload *payload; 57 57 + 58 58 + payload = user_key_payload(key); 59 59 + 60 60 + if (maxlen == 0) { 61 61 + *mpi = NULL; 62 62 + ret = payload->datalen; 63 63 + } else if (payload->datalen <= maxlen) { 64 64 + *mpi = mpi_read_raw_data(payload->data, 65 65 + payload->datalen); 66 66 + if (*mpi) 67 67 + ret = payload->datalen; 68 68 + } else { 69 69 + ret = -EINVAL; 70 70 + } 71 71 + } 72 72 + up_read(&key->sem); 73 73 + } 74 74 + 75 75 + key_put(key); 76 76 + error: 77 77 + return ret; 78 78 + } 79 79 + 80 80 + long keyctl_dh_compute(struct keyctl_dh_params __user *params, 81 81 + char __user *buffer, size_t buflen) 82 82 + { 83 83 + long ret; 84 84 + MPI base, private, prime, result; 85 85 + unsigned nbytes; 86 86 + struct keyctl_dh_params pcopy; 87 87 + uint8_t *kbuf; 88 88 + ssize_t keylen; 89 89 + size_t resultlen; 90 90 + 91 91 + if (!params || (!buffer && buflen)) { 92 92 + ret = -EINVAL; 93 93 + goto out; 94 94 + } 95 95 + if (copy_from_user(&pcopy, params, sizeof(pcopy)) != 0) { 96 96 + ret = -EFAULT; 97 97 + goto out; 98 98 + } 99 99 + 100 100 + keylen = mpi_from_key(pcopy.prime, buflen, &prime); 101 101 + if (keylen < 0 || !prime) { 102 102 + /* buflen == 0 may be used to query the required buffer size, 103 103 + * which is the prime key length. 104 104 + */ 105 105 + ret = keylen; 106 106 + goto out; 107 107 + } 108 108 + 109 109 + /* The result is never longer than the prime */ 110 110 + resultlen = keylen; 111 111 + 112 112 + keylen = mpi_from_key(pcopy.base, SIZE_MAX, &base); 113 113 + if (keylen < 0 || !base) { 114 114 + ret = keylen; 115 115 + goto error1; 116 116 + } 117 117 + 118 118 + keylen = mpi_from_key(pcopy.private, SIZE_MAX, &private); 119 119 + if (keylen < 0 || !private) { 120 120 + ret = keylen; 121 121 + goto error2; 122 122 + } 123 123 + 124 124 + result = mpi_alloc(0); 125 125 + if (!result) { 126 126 + ret = -ENOMEM; 127 127 + goto error3; 128 128 + } 129 129 + 130 130 + kbuf = kmalloc(resultlen, GFP_KERNEL); 131 131 + if (!kbuf) { 132 132 + ret = -ENOMEM; 133 133 + goto error4; 134 134 + } 135 135 + 136 136 + ret = do_dh(result, base, private, prime); 137 137 + if (ret) 138 138 + goto error5; 139 139 + 140 140 + ret = mpi_read_buffer(result, kbuf, resultlen, &nbytes, NULL); 141 141 + if (ret != 0) 142 142 + goto error5; 143 143 + 144 144 + ret = nbytes; 145 145 + if (copy_to_user(buffer, kbuf, nbytes) != 0) 146 146 + ret = -EFAULT; 147 147 + 148 148 + error5: 149 149 + kfree(kbuf); 150 150 + error4: 151 151 + mpi_free(result); 152 152 + error3: 153 153 + mpi_free(private); 154 154 + error2: 155 155 + mpi_free(base); 156 156 + error1: 157 157 + mpi_free(prime); 158 158 + out: 159 159 + return ret; 160 160 + }

+12

security/keys/internal.h

reviewed

··· 15 15 #include <linux/sched.h> 16 16 #include <linux/key-type.h> 17 17 #include <linux/task_work.h> 18 18 + #include <linux/keyctl.h> 18 19 19 20 struct iovec; 20 21 ··· 253 252 extern unsigned persistent_keyring_expiry; 254 253 #else 255 254 static inline long keyctl_get_persistent(uid_t uid, key_serial_t destring) 255 255 + { 256 256 + return -EOPNOTSUPP; 257 257 + } 258 258 + #endif 259 259 + 260 260 + #ifdef CONFIG_KEY_DH_OPERATIONS 261 261 + extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *, 262 262 + size_t); 263 263 + #else 264 264 + static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params, 265 265 + char __user *buffer, size_t buflen) 256 266 { 257 267 return -EOPNOTSUPP; 258 268 }

+32 -10

security/keys/key.c

reviewed

··· 201 201 * @cred: The credentials specifying UID namespace. 202 202 * @perm: The permissions mask of the new key. 203 203 * @flags: Flags specifying quota properties. 204 204 + * @restrict_link: Optional link restriction method for new keyrings. 204 205 * 205 206 * Allocate a key of the specified type with the attributes given. The key is 206 207 * returned in an uninstantiated state and the caller needs to instantiate the ··· 224 223 */ 225 224 struct key *key_alloc(struct key_type *type, const char *desc, 226 225 kuid_t uid, kgid_t gid, const struct cred *cred, 227 227 - key_perm_t perm, unsigned long flags) 226 226 + key_perm_t perm, unsigned long flags, 227 227 + int (*restrict_link)(struct key *, 228 228 + const struct key_type *, 229 229 + const union key_payload *)) 228 230 { 229 231 struct key_user *user = NULL; 230 232 struct key *key; ··· 295 291 key->uid = uid; 296 292 key->gid = gid; 297 293 key->perm = perm; 294 294 + key->restrict_link = restrict_link; 298 295 299 296 if (!(flags & KEY_ALLOC_NOT_IN_QUOTA)) 300 297 key->flags |= 1 << KEY_FLAG_IN_QUOTA; 301 301 - if (flags & KEY_ALLOC_TRUSTED) 302 302 - key->flags |= 1 << KEY_FLAG_TRUSTED; 303 298 if (flags & KEY_ALLOC_BUILT_IN) 304 299 key->flags |= 1 << KEY_FLAG_BUILTIN; 305 300 ··· 499 496 } 500 497 501 498 if (keyring) { 499 499 + if (keyring->restrict_link) { 500 500 + ret = keyring->restrict_link(keyring, key->type, 501 501 + &prep.payload); 502 502 + if (ret < 0) 503 503 + goto error; 504 504 + } 502 505 ret = __key_link_begin(keyring, &key->index_key, &edit); 503 506 if (ret < 0) 504 507 goto error; ··· 560 551 awaken = 0; 561 552 ret = -EBUSY; 562 553 563 563 - if (keyring) 554 554 + if (keyring) { 555 555 + if (keyring->restrict_link) 556 556 + return -EPERM; 557 557 + 564 558 link_ret = __key_link_begin(keyring, &key->index_key, &edit); 559 559 + } 565 560 566 561 mutex_lock(&key_construction_mutex); 567 562 ··· 806 793 struct key *keyring, *key = NULL; 807 794 key_ref_t key_ref; 808 795 int ret; 796 796 + int (*restrict_link)(struct key *, 797 797 + const struct key_type *, 798 798 + const union key_payload *) = NULL; 809 799 810 800 /* look up the key type to see if it's one of the registered kernel 811 801 * types */ ··· 827 811 828 812 key_check(keyring); 829 813 814 814 + key_ref = ERR_PTR(-EPERM); 815 815 + if (!(flags & KEY_ALLOC_BYPASS_RESTRICTION)) 816 816 + restrict_link = keyring->restrict_link; 817 817 + 830 818 key_ref = ERR_PTR(-ENOTDIR); 831 819 if (keyring->type != &key_type_keyring) 832 820 goto error_put_type; ··· 839 819 prep.data = payload; 840 820 prep.datalen = plen; 841 821 prep.quotalen = index_key.type->def_datalen; 842 842 - prep.trusted = flags & KEY_ALLOC_TRUSTED; 843 822 prep.expiry = TIME_T_MAX; 844 823 if (index_key.type->preparse) { 845 824 ret = index_key.type->preparse(&prep); ··· 854 835 } 855 836 index_key.desc_len = strlen(index_key.description); 856 837 857 857 - key_ref = ERR_PTR(-EPERM); 858 858 - if (!prep.trusted && test_bit(KEY_FLAG_TRUSTED_ONLY, &keyring->flags)) 859 859 - goto error_free_prep; 860 860 - flags |= prep.trusted ? KEY_ALLOC_TRUSTED : 0; 838 838 + if (restrict_link) { 839 839 + ret = restrict_link(keyring, index_key.type, &prep.payload); 840 840 + if (ret < 0) { 841 841 + key_ref = ERR_PTR(ret); 842 842 + goto error_free_prep; 843 843 + } 844 844 + } 861 845 862 846 ret = __key_link_begin(keyring, &index_key, &edit); 863 847 if (ret < 0) { ··· 901 879 902 880 /* allocate a new key */ 903 881 key = key_alloc(index_key.type, index_key.description, 904 904 - cred->fsuid, cred->fsgid, cred, perm, flags); 882 882 + cred->fsuid, cred->fsgid, cred, perm, flags, NULL); 905 883 if (IS_ERR(key)) { 906 884 key_ref = ERR_CAST(key); 907 885 goto error_link_end;

+5

security/keys/keyctl.c

reviewed

··· 1686 1686 case KEYCTL_GET_PERSISTENT: 1687 1687 return keyctl_get_persistent((uid_t)arg2, (key_serial_t)arg3); 1688 1688 1689 1689 + case KEYCTL_DH_COMPUTE: 1690 1690 + return keyctl_dh_compute((struct keyctl_dh_params __user *) arg2, 1691 1691 + (char __user *) arg3, 1692 1692 + (size_t) arg4); 1693 1693 + 1689 1694 default: 1690 1695 return -EOPNOTSUPP; 1691 1696 }

+39 -7

security/keys/keyring.c

reviewed

··· 491 491 */ 492 492 struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, 493 493 const struct cred *cred, key_perm_t perm, 494 494 - unsigned long flags, struct key *dest) 494 494 + unsigned long flags, 495 495 + int (*restrict_link)(struct key *, 496 496 + const struct key_type *, 497 497 + const union key_payload *), 498 498 + struct key *dest) 495 499 { 496 500 struct key *keyring; 497 501 int ret; 498 502 499 503 keyring = key_alloc(&key_type_keyring, description, 500 500 - uid, gid, cred, perm, flags); 504 504 + uid, gid, cred, perm, flags, restrict_link); 501 505 if (!IS_ERR(keyring)) { 502 506 ret = key_instantiate_and_link(keyring, NULL, 0, dest, NULL); 503 507 if (ret < 0) { ··· 513 509 return keyring; 514 510 } 515 511 EXPORT_SYMBOL(keyring_alloc); 512 512 + 513 513 + /** 514 514 + * restrict_link_reject - Give -EPERM to restrict link 515 515 + * @keyring: The keyring being added to. 516 516 + * @type: The type of key being added. 517 517 + * @payload: The payload of the key intended to be added. 518 518 + * 519 519 + * Reject the addition of any links to a keyring. It can be overridden by 520 520 + * passing KEY_ALLOC_BYPASS_RESTRICTION to key_instantiate_and_link() when 521 521 + * adding a key to a keyring. 522 522 + * 523 523 + * This is meant to be passed as the restrict_link parameter to 524 524 + * keyring_alloc(). 525 525 + */ 526 526 + int restrict_link_reject(struct key *keyring, 527 527 + const struct key_type *type, 528 528 + const union key_payload *payload) 529 529 + { 530 530 + return -EPERM; 531 531 + } 516 532 517 533 /* 518 534 * By default, we keys found by getting an exact match on their descriptions. ··· 1215 1191 up_write(&keyring->sem); 1216 1192 } 1217 1193 1194 1194 + /* 1195 1195 + * Check addition of keys to restricted keyrings. 1196 1196 + */ 1197 1197 + static int __key_link_check_restriction(struct key *keyring, struct key *key) 1198 1198 + { 1199 1199 + if (!keyring->restrict_link) 1200 1200 + return 0; 1201 1201 + return keyring->restrict_link(keyring, key->type, &key->payload); 1202 1202 + } 1203 1203 + 1218 1204 /** 1219 1205 * key_link - Link a key to a keyring 1220 1206 * @keyring: The keyring to make the link in. ··· 1255 1221 key_check(keyring); 1256 1222 key_check(key); 1257 1223 1258 1258 - if (test_bit(KEY_FLAG_TRUSTED_ONLY, &keyring->flags) && 1259 1259 - !test_bit(KEY_FLAG_TRUSTED, &key->flags)) 1260 1260 - return -EPERM; 1261 1261 - 1262 1224 ret = __key_link_begin(keyring, &key->index_key, &edit); 1263 1225 if (ret == 0) { 1264 1226 kdebug("begun {%d,%d}", keyring->serial, atomic_read(&keyring->usage)); 1265 1265 - ret = __key_link_check_live_key(keyring, key); 1227 1227 + ret = __key_link_check_restriction(keyring, key); 1228 1228 + if (ret == 0) 1229 1229 + ret = __key_link_check_live_key(keyring, key); 1266 1230 if (ret == 0) 1267 1231 __key_link(key, &edit); 1268 1232 __key_link_end(keyring, &key->index_key, edit);

+2 -2

security/keys/persistent.c

reviewed

··· 26 26 current_cred(), 27 27 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 28 28 KEY_USR_VIEW | KEY_USR_READ), 29 29 - KEY_ALLOC_NOT_IN_QUOTA, NULL); 29 29 + KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); 30 30 if (IS_ERR(reg)) 31 31 return PTR_ERR(reg); 32 32 ··· 60 60 uid, INVALID_GID, current_cred(), 61 61 ((KEY_POS_ALL & ~KEY_POS_SETATTR) | 62 62 KEY_USR_VIEW | KEY_USR_READ), 63 63 - KEY_ALLOC_NOT_IN_QUOTA, 63 63 + KEY_ALLOC_NOT_IN_QUOTA, NULL, 64 64 ns->persistent_keyring_register); 65 65 if (IS_ERR(persistent)) 66 66 return ERR_CAST(persistent);

+10 -6

security/keys/process_keys.c

reviewed

··· 76 76 if (IS_ERR(uid_keyring)) { 77 77 uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID, 78 78 cred, user_keyring_perm, 79 79 - KEY_ALLOC_IN_QUOTA, NULL); 79 79 + KEY_ALLOC_IN_QUOTA, 80 80 + NULL, NULL); 80 81 if (IS_ERR(uid_keyring)) { 81 82 ret = PTR_ERR(uid_keyring); 82 83 goto error; ··· 93 92 session_keyring = 94 93 keyring_alloc(buf, user->uid, INVALID_GID, 95 94 cred, user_keyring_perm, 96 96 - KEY_ALLOC_IN_QUOTA, NULL); 95 95 + KEY_ALLOC_IN_QUOTA, 96 96 + NULL, NULL); 97 97 if (IS_ERR(session_keyring)) { 98 98 ret = PTR_ERR(session_keyring); 99 99 goto error_release; ··· 136 134 137 135 keyring = keyring_alloc("_tid", new->uid, new->gid, new, 138 136 KEY_POS_ALL | KEY_USR_VIEW, 139 139 - KEY_ALLOC_QUOTA_OVERRUN, NULL); 137 137 + KEY_ALLOC_QUOTA_OVERRUN, 138 138 + NULL, NULL); 140 139 if (IS_ERR(keyring)) 141 140 return PTR_ERR(keyring); 142 141 ··· 183 180 184 181 keyring = keyring_alloc("_pid", new->uid, new->gid, new, 185 182 KEY_POS_ALL | KEY_USR_VIEW, 186 186 - KEY_ALLOC_QUOTA_OVERRUN, NULL); 183 183 + KEY_ALLOC_QUOTA_OVERRUN, 184 184 + NULL, NULL); 187 185 if (IS_ERR(keyring)) 188 186 return PTR_ERR(keyring); 189 187 ··· 235 231 236 232 keyring = keyring_alloc("_ses", cred->uid, cred->gid, cred, 237 233 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ, 238 238 - flags, NULL); 234 234 + flags, NULL, NULL); 239 235 if (IS_ERR(keyring)) 240 236 return PTR_ERR(keyring); 241 237 } else { ··· 789 785 keyring = keyring_alloc( 790 786 name, old->uid, old->gid, old, 791 787 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ | KEY_USR_LINK, 792 792 - KEY_ALLOC_IN_QUOTA, NULL); 788 788 + KEY_ALLOC_IN_QUOTA, NULL, NULL); 793 789 if (IS_ERR(keyring)) { 794 790 ret = PTR_ERR(keyring); 795 791 goto error2;

+2 -2

security/keys/request_key.c

reviewed

··· 116 116 cred = get_current_cred(); 117 117 keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, 118 118 KEY_POS_ALL | KEY_USR_VIEW | KEY_USR_READ, 119 119 - KEY_ALLOC_QUOTA_OVERRUN, NULL); 119 119 + KEY_ALLOC_QUOTA_OVERRUN, NULL, NULL); 120 120 put_cred(cred); 121 121 if (IS_ERR(keyring)) { 122 122 ret = PTR_ERR(keyring); ··· 355 355 356 356 key = key_alloc(ctx->index_key.type, ctx->index_key.description, 357 357 ctx->cred->fsuid, ctx->cred->fsgid, ctx->cred, 358 358 - perm, flags); 358 358 + perm, flags, NULL); 359 359 if (IS_ERR(key)) 360 360 goto alloc_failed; 361 361

+1 -1

security/keys/request_key_auth.c

reviewed

··· 202 202 authkey = key_alloc(&key_type_request_key_auth, desc, 203 203 cred->fsuid, cred->fsgid, cred, 204 204 KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH | 205 205 - KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA); 205 205 + KEY_USR_VIEW, KEY_ALLOC_NOT_IN_QUOTA, NULL); 206 206 if (IS_ERR(authkey)) { 207 207 ret = PTR_ERR(authkey); 208 208 goto error_alloc;

+10 -30

security/keys/user_defined.c

reviewed

··· 96 96 */ 97 97 int user_update(struct key *key, struct key_preparsed_payload *prep) 98 98 { 99 99 - struct user_key_payload *upayload, *zap; 100 100 - size_t datalen = prep->datalen; 99 99 + struct user_key_payload *zap = NULL; 101 100 int ret; 102 101 103 103 - ret = -EINVAL; 104 104 - if (datalen <= 0 || datalen > 32767 || !prep->data) 105 105 - goto error; 106 106 - 107 107 - /* construct a replacement payload */ 108 108 - ret = -ENOMEM; 109 109 - upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL); 110 110 - if (!upayload) 111 111 - goto error; 112 112 - 113 113 - upayload->datalen = datalen; 114 114 - memcpy(upayload->data, prep->data, datalen); 115 115 - 116 102 /* check the quota and attach the new data */ 117 117 - zap = upayload; 103 103 + ret = key_payload_reserve(key, prep->datalen); 104 104 + if (ret < 0) 105 105 + return ret; 118 106 119 119 - ret = key_payload_reserve(key, datalen); 120 120 - 121 121 - if (ret == 0) { 122 122 - /* attach the new data, displacing the old */ 123 123 - if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags)) 124 124 - zap = key->payload.data[0]; 125 125 - else 126 126 - zap = NULL; 127 127 - rcu_assign_keypointer(key, upayload); 128 128 - key->expiry = 0; 129 129 - } 107 107 + /* attach the new data, displacing the old */ 108 108 + key->expiry = prep->expiry; 109 109 + if (!test_bit(KEY_FLAG_NEGATIVE, &key->flags)) 110 110 + zap = rcu_dereference_key(key); 111 111 + rcu_assign_keypointer(key, prep->payload.data[0]); 112 112 + prep->payload.data[0] = NULL; 130 113 131 114 if (zap) 132 115 kfree_rcu(zap, rcu); 133 133 - 134 134 - error: 135 116 return ret; 136 117 } 137 137 - 138 118 EXPORT_SYMBOL_GPL(user_update); 139 119 140 120 /*