From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Matthias Gerstner <mgerstner@suse.de>
Cc: linux-integrity@vger.kernel.org,
Mikhail Kurinnoi <viewizard@viewizard.com>
Subject: Re: IMA: Deadlock in ima_appraise_measurement when /bin/kmod carries a digsig in security.evm
Date: Sun, 24 Jun 2018 18:31:30 -0400
Message-ID: <1529879490.3343.4.camel@linux.vnet.ibm.com>
In-Reply-To: <1529696928.3418.16.camel@linux.vnet.ibm.com>
On Fri, 2018-06-22 at 15:48 -0400, Mimi Zohar wrote:
> On Wed, 2018-06-20 at 12:53 +0200, Matthias Gerstner wrote:
> > Hello Mimi,
> >
> > > Somehow I missed it. A more generic patch is currently queued, which
> > > should resolve this problem as well. Please try commit fdc33c29b022
> > > ("evm: Don't deadlock if a crypto algorithm is unavailable") in the
> > > next-integrity-queued branch.
> >
> > thank you for helping me out. I tried that patch but it does not fix the
> > issue completely. It still ends up in a deadlock. As you can see from
> > the backtrace attached below the call to public_key_verify_signature()
> > still causes a deadlock, since there is the following call in it:
> >
> > tfm = crypto_alloc_akcipher(alg_name, 0, 0);
> >
> > Passing CRYPTO_NOLOAD here does fix the deadlock for me, but I fear that
> > won't be an option and the interface needs to be extended to pass flags?
>
> I'm having a hard time reproducing this bug. Too many different
> permutations of EVM/IMA keys, signatures, and kernel modules. Is the
> problem loading the crypto algorithm itself, built as a kernel module
> (e.g. insmod/modprobe; if so, which syscall is being used?), or is the
> problem accessing a file signed by an algorithm built as a kernel
> module?
I'm now able to reproduce the bug.
> Mikhail, I'm really sorry for not seeing the patch. I must have been
> dropped from the sf mailing list and didn't notice. I was only seeing
> posts when Cc'ed on them.
>
> Matthias, does Mikhail's patch fix this problem?
Mikhail's patch does resolve it.
Mimi
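The cycle the thread is chasing, modelled in userspace as an added example (this is not kernel code and not the patch Mikhail or Mimi refer to): appraising /bin/kmod takes the inode's integrity lock, signature verification asks the crypto API for an akcipher, the algorithm is not built in, so the lookup asks request_module() to autoload it, request_module() runs the kmod helper, and executing that helper triggers appraisal of /bin/kmod again while the first appraisal still holds the lock. The function names mirror the kernel ones only loosely; the lock, the "module already loaded" state and the flag value are assumptions made for illustration. In the real kernel the second appraisal happens in the helper process and simply blocks forever; here everything runs in one thread and the re-entry is detected and reported as -EDEADLK so the program terminates.

```c
/*
 * Userspace model of the IMA/EVM appraisal deadlock discussed in the thread.
 * Added example, not kernel code. Names, lock and flag value are assumptions.
 */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define CRYPTO_NOLOAD 0x1u   /* assumed value; only its meaning matters here */

static int iint_lock_held;        /* models the per-inode integrity lock */
static int alg_present;           /* models "the rsa module is loaded" */
static unsigned int alloc_mask;   /* mask passed to crypto_alloc_akcipher() */
static int request_module_calls;  /* how often autoload was attempted */

static int ima_appraise(const char *path);

/* Models request_module(): the kernel runs a userspace helper (kmod via
 * modprobe) to load the module, and executing that helper binary triggers
 * IMA appraisal of the helper itself. */
static int request_module(const char *alg)
{
    (void)alg;
    request_module_calls++;
    int rc = ima_appraise("/bin/kmod");
    if (rc)
        return rc;
    alg_present = 1;
    return 0;
}

/* Models crypto_alloc_akcipher(): look the algorithm up; if it is absent and
 * CRYPTO_NOLOAD is not set, try to autoload it through request_module(). */
static int crypto_alloc_akcipher(const char *alg, unsigned int mask)
{
    if (alg_present)
        return 0;
    if (mask & CRYPTO_NOLOAD)
        return -ENOENT;   /* clean failure instead of a hang */
    return request_module(alg);
}

/* Models public_key_verify_signature(): needs a tfm for the key's algorithm. */
static int public_key_verify_signature(const char *path)
{
    (void)path;
    return crypto_alloc_akcipher("rsa", alloc_mask);
}

/* Models ima_appraise_measurement(): holds the inode's integrity lock while
 * the signature is verified. Re-entry on the same inode is what the kernel
 * would wait on forever; here it is reported instead. */
static int ima_appraise(const char *path)
{
    if (iint_lock_held)
        return -EDEADLK;
    iint_lock_held = 1;
    int rc = public_key_verify_signature(path);
    iint_lock_held = 0;
    return rc;
}

/* Run one scenario from a fresh state and return the appraisal result. */
int run_scenario(unsigned int mask, int alg_already_loaded)
{
    iint_lock_held = 0;
    alg_present = alg_already_loaded;
    alloc_mask = mask;
    request_module_calls = 0;
    return ima_appraise("/bin/kmod");
}

/* Number of autoload attempts made by the most recent run_scenario() call. */
int autoload_attempts(void)
{
    return request_module_calls;
}

int main(void)
{
    int rc;
    rc = run_scenario(0, 0);
    printf("mask=0,             rsa missing: %d (%s)\n", rc, strerror(-rc));
    rc = run_scenario(CRYPTO_NOLOAD, 0);
    printf("mask=CRYPTO_NOLOAD, rsa missing: %d (%s)\n", rc, strerror(-rc));
    rc = run_scenario(0, 1);
    printf("mask=0,             rsa present: %d\n", rc);
    return 0;
}
```

The first scenario is the bug: with a zero mask the lookup recurses into appraisal of the helper and the model reports the re-entry. The second shows why CRYPTO_NOLOAD stops the recursion: the lookup fails with -ENOENT and the appraisal fails closed rather than hanging, which is also why the thread notes that the interface would have to carry the flag down to the caller for this to be usable. The third shows that once the algorithm is present no autoload is attempted at all, which is why the bug is so sensitive to which algorithms are built in versus modular.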
2018-06-18 14:56 IMA: Deadlock in ima_appraise_measurement when /bin/kmod carries a digsig in security.evm Matthias Gerstner
2018-06-19 22:21 ` Mimi Zohar
2018-06-20 10:53 ` Matthias Gerstner
2018-06-22 19:48 ` Mimi Zohar
2018-06-24 22:31 ` Mimi Zohar [this message]