[PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA

Paul Moore paul at paul-moore.com
Mon Feb 12 17:56:50 UTC 2024


On Mon, Feb 12, 2024 at 12:48 PM Stefan Berger <stefanb at linux.ibm.com> wrote:
> On 1/15/24 13:18, Roberto Sassu wrote:

...

> > +/**
> > + * ima_kernel_module_request - Prevent crypto-pkcs1pad(rsa,*) requests
> > + * @kmod_name: kernel module name
> > + *
> > + * We have situation, when public_key_verify_signature() in case of RSA > + * algorithm use alg_name to store internal information in order to
> > + * construct an algorithm on the fly, but crypto_larval_lookup() will try
> > + * to use alg_name in order to load kernel module with same name.
> > + * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
> > + * we are safe to fail such module request from crypto_larval_lookup().
> > + *
> > + * In this way we prevent modprobe execution during digsig verification
> > + * and avoid possible deadlock if modprobe and/or it's dependencies
> > + * also signed with digsig.
>
> This text needs to some reformulation at some point..

There is no time like the present.  If you have a suggestion I would
love to hear it and I'm sure Roberto would too.

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list