Blame view
kernel/module_signing.c
1.06 KB
b4d0d230c
|
1 |
// SPDX-License-Identifier: GPL-2.0-or-later |
106a4ee25
|
2 3 4 5 |
/* Module signature checker * * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) |
106a4ee25
|
6 7 8 |
*/ #include <linux/kernel.h> |
146aa8b14
|
9 |
#include <linux/errno.h> |
c8424e776
|
10 11 |
#include <linux/module.h> #include <linux/module_signature.h> |
89053aa9c
|
12 |
#include <linux/string.h> |
a511e1af8
|
13 |
#include <linux/verification.h> |
3f1e1bea3
|
14 |
#include <crypto/public_key.h> |
106a4ee25
|
15 |
#include "module-internal.h" |
48ba2462a
|
16 |
/* |
106a4ee25
|
17 18 |
* Verify the signature on a module. */ |
f314dfea1
|
19 |
int mod_verify_sig(const void *mod, struct load_info *info) |
106a4ee25
|
20 |
{ |
48ba2462a
|
21 |
struct module_signature ms; |
f314dfea1
|
22 |
size_t sig_len, modlen = info->len; |
c8424e776
|
23 |
int ret; |
48ba2462a
|
24 |
|
0390c8835
|
25 26 |
pr_devel("==>%s(,%zu) ", __func__, modlen); |
48ba2462a
|
27 |
|
caabe2405
|
28 |
if (modlen <= sizeof(ms)) |
48ba2462a
|
29 |
return -EBADMSG; |
caabe2405
|
30 |
memcpy(&ms, mod + (modlen - sizeof(ms)), sizeof(ms)); |
c8424e776
|
31 32 33 34 |
ret = mod_check_sig(&ms, modlen, info->name); if (ret) return ret; |
48ba2462a
|
35 36 |
sig_len = be32_to_cpu(ms.sig_len); |
c8424e776
|
37 |
modlen -= sig_len + sizeof(ms); |
f314dfea1
|
38 |
info->len = modlen; |
48ba2462a
|
39 |
|
e68503bd6
|
40 |
return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, |
e84cd7ee6
|
41 42 |
VERIFY_USE_SECONDARY_KEYRING, VERIFYING_MODULE_SIGNATURE, |
e68503bd6
|
43 |
NULL, NULL); |
106a4ee25
|
44 |
} |