Re: [PATCH v5 07/13] module: Move extra signature support out of core code

From: Michal Suchánek
Date: Wed Feb 09 2022 - 15:48:19 EST

Next message: Sean Christopherson: "Re: [PATCH v3 5/5] KVM: Do compatibility checks on hotplugged CPUs"
Previous message: Giovanni Cabiddu: "Re: [PATCH v1 1/1] crypto: qat - don't cast parameter in bit operations"
In reply to: Aaron Tomlin: "Re: [PATCH v5 09/13] module: Move kallsyms support into a separate file"
Next in thread: Aaron Tomlin: "Re: [PATCH v5 07/13] module: Move extra signature support out of core code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

On Wed, Feb 09, 2022 at 05:08:08PM +0000, Aaron Tomlin wrote:
> No functional change.

There is functional change.

> @@ -2565,70 +2542,6 @@ static inline void kmemleak_load_module(const struct module *mod,
> }
> #endif
>
> -#ifdef CONFIG_MODULE_SIG
> -static int module_sig_check(struct load_info *info, int flags)
> -{
> - int err = -ENODATA;
> - const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1;
> - const char *reason;
> - const void *mod = info->hdr;
> - bool mangled_module = flags & (MODULE_INIT_IGNORE_MODVERSIONS |
> - MODULE_INIT_IGNORE_VERMAGIC);
> - /*
> - * Do not allow mangled modules as a module with version information
> - * removed is no longer the module that was signed.
> - */
> - if (!mangled_module &&
^^^^^^^^^^^^^
> - info->len > markerlen &&
> - memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) {
> - /* We truncate the module to discard the signature */
> - info->len -= markerlen;
> - err = mod_verify_sig(mod, info);
> - if (!err) {
> - info->sig_ok = true;
> - return 0;
> - }
> - }

> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
> index 8aeb6d2ee94b..ff41541e982a 100644
> --- a/kernel/module/signing.c
> +++ b/kernel/module/signing.c

> @@ -43,3 +62,59 @@ int mod_verify_sig(const void *mod, struct load_info *info)
> VERIFYING_MODULE_SIGNATURE,
> NULL, NULL);
> }
> +
> +int module_sig_check(struct load_info *info, int flags)
> +{
> + int err = -ENODATA;
> + const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1;
> + const char *reason;
> + const void *mod = info->hdr;
> +
> + /*
> + * Require flags == 0, as a module with version information
> + * removed is no longer the module that was signed
> + */
> + if (flags == 0 &&
^^^^^^

This reverts a97ac8cb24a3c3ad74794adb83717ef1605d1b47

Please re-apply.

Thanks

Michal
> + info->len > markerlen &&
> + memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) {
> + /* We truncate the module to discard the signature */
> + info->len -= markerlen;
> + err = mod_verify_sig(mod, info);
> + if (!err) {
> + info->sig_ok = true;
> + return 0;
> + }
> + }

Next message: Sean Christopherson: "Re: [PATCH v3 5/5] KVM: Do compatibility checks on hotplugged CPUs"
Previous message: Giovanni Cabiddu: "Re: [PATCH v1 1/1] crypto: qat - don't cast parameter in bit operations"
In reply to: Aaron Tomlin: "Re: [PATCH v5 09/13] module: Move kallsyms support into a separate file"
Next in thread: Aaron Tomlin: "Re: [PATCH v5 07/13] module: Move extra signature support out of core code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]