[PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA
Paul Moore
paul at paul-moore.com
Mon Feb 12 17:56:50 UTC 2024
On Mon, Feb 12, 2024 at 12:48 PM Stefan Berger <stefanb at linux.ibm.com> wrote:
> On 1/15/24 13:18, Roberto Sassu wrote:
...
> > +/**
> > + * ima_kernel_module_request - Prevent crypto-pkcs1pad(rsa,*) requests
> > + * @kmod_name: kernel module name
> > + *
> > + * We have situation, when public_key_verify_signature() in case of RSA > + * algorithm use alg_name to store internal information in order to
> > + * construct an algorithm on the fly, but crypto_larval_lookup() will try
> > + * to use alg_name in order to load kernel module with same name.
> > + * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
> > + * we are safe to fail such module request from crypto_larval_lookup().
> > + *
> > + * In this way we prevent modprobe execution during digsig verification
> > + * and avoid possible deadlock if modprobe and/or it's dependencies
> > + * also signed with digsig.
>
> This text needs to some reformulation at some point..
There is no time like the present. If you have a suggestion I would
love to hear it and I'm sure Roberto would too.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list