MODSIGN: Make shash allocation failure fatal

debian/changelog

@@ -1094,6 +1094,7 @@ linux (4.19.37-1) UNRELEASED; urgency=medium
     (CVE-2018-12929, CVE-2018-12930, CVE-2018-12931)
   * [x86] platform: Enable INTEL_ATOMISP2_PM as module
   * drivers/firmware/google: Adjust configuration for 4.19
+  * MODSIGN: Make shash allocation failure fatal
 
   [ YunQiang Su ]
   * [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream.

debian/patches/features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch

@@ -0,0 +1,28 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Sun, 05 May 2019 13:45:06 +0100
+Subject: MODSIGN: Make shash allocation failure fatal
+
+mod_is_hash_blacklisted() currently returns 0 (suceess) if
+crypto_alloc_shash() fails.  This should instead be a fatal error,
+so unwrap and pass up the error code.
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+--- a/kernel/module_signing.c
++++ b/kernel/module_signing.c
+@@ -51,11 +51,13 @@ static int mod_is_hash_blacklisted(const
+ 	struct shash_desc *desc;
+ 	size_t digest_size, desc_size;
+ 	u8 *digest;
+-	int ret = 0;
++	int ret;
+ 
+ 	tfm = crypto_alloc_shash("sha256", 0, 0);
+-	if (IS_ERR(tfm))
++	if (IS_ERR(tfm)) {
++		ret = PTR_ERR(tfm);
+ 		goto error_return;
++	}
+ 
+ 	desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
+ 	digest_size = crypto_shash_digestsize(tfm);

debian/patches/series

@@ -155,6 +155,7 @@ features/all/db-mok-keyring/0001-MODSIGN-do-not-load-mok-when-secure-boot-disabl
 features/all/db-mok-keyring/0002-MODSIGN-load-blacklist-from-MOKx.patch
 features/all/db-mok-keyring/0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch
 features/all/db-mok-keyring/0004-MODSIGN-check-the-attributes-of-db-and-mok.patch
+features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch
 
 # Security fixes
 debian/i386-686-pae-pci-set-pci-nobios-by-default.patch