[PATCH] module: fix signature check failures when using in-kernel decompression

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dmitry Torokhov <dmitry.torokhov@gmail.com>
To: Luis Chamberlain <mcgrof@kernel.org>
Cc: Jessica Yu <jeyu@kernel.org>, linux-kernel@vger.kernel.org
Subject: [PATCH] module: fix signature check failures when using in-kernel decompression
Date: Thu, 13 Jan 2022 16:51:52 -0800	[thread overview]
Message-ID: <YeDJKNTYVu/Fe9VS@google.com> (raw)

The new flag MODULE_INIT_COMPRESSED_FILE unintentionally trips check in
module_sig_check(). The check was supposed to catch case when version
info or magic was removed from a signed module, making signature
invalid, but it was coded too broadly and was catching this new flag as
well.

Change the check to only test the 2 particular flags affecting signature
validity.

Fixes: b1ae6dc41eaa ("module: add in-kernel support for decompressing")
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
---
 kernel/module.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/kernel/module.c b/kernel/module.c
index 201398d58079..24dab046e16c 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2883,12 +2883,13 @@ static int module_sig_check(struct load_info *info, int flags)
 	const unsigned long markerlen = sizeof(MODULE_SIG_STRING) - 1;
 	const char *reason;
 	const void *mod = info->hdr;
-
+	bool mangled_module = flags & (MODULE_INIT_IGNORE_MODVERSIONS |
+				       MODULE_INIT_IGNORE_VERMAGIC);
 	/*
-	 * Require flags == 0, as a module with version information
-	 * removed is no longer the module that was signed
+	 * Do not allow mangled modules as a module with version information
+	 * removed is no longer the module that was signed.
 	 */
-	if (flags == 0 &&
+	if (!mangled_module &&
 	    info->len > markerlen &&
 	    memcmp(mod + info->len - markerlen, MODULE_SIG_STRING, markerlen) == 0) {
 		/* We truncate the module to discard the signature */
-- 
2.34.1.703.g22d0c6ccf7-goog


-- 
Dmitry

next             reply	other threads:[~2022-01-14  0:52 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-14  0:51 Dmitry Torokhov [this message]
2022-01-14 16:12 ` [PATCH] module: fix signature check failures when using in-kernel decompression Doug Anderson
2022-01-14 17:43 ` Luis Chamberlain

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:201398d5807 dfblob:24dab046e16 )
 OR (
bs:"[PATCH] module: fix signature check failures when using in-kernel decompression" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YeDJKNTYVu/Fe9VS@google.com \
    --to=dmitry.torokhov@gmail.com \
    --cc=jeyu@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mcgrof@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.