From 2c62d20848aa4861c6f367f80f8756be167af980 Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Sun, 5 May 2019 13:47:00 +0100 Subject: [PATCH] MODSIGN: Make shash allocation failure fatal --- debian/changelog | 1 + ...-make-shash-allocation-failure-fatal.patch | 28 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 30 insertions(+) create mode 100644 debian/patches/features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch diff --git a/debian/changelog b/debian/changelog index d43cf7024..3b19e7a3d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1094,6 +1094,7 @@ linux (4.19.37-1) UNRELEASED; urgency=medium (CVE-2018-12929, CVE-2018-12930, CVE-2018-12931) * [x86] platform: Enable INTEL_ATOMISP2_PM as module * drivers/firmware/google: Adjust configuration for 4.19 + * MODSIGN: Make shash allocation failure fatal [ YunQiang Su ] * [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream. diff --git a/debian/patches/features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch b/debian/patches/features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch new file mode 100644 index 000000000..2ae3ddde4 --- /dev/null +++ b/debian/patches/features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch @@ -0,0 +1,28 @@ +From: Ben Hutchings +Date: Sun, 05 May 2019 13:45:06 +0100 +Subject: MODSIGN: Make shash allocation failure fatal + +mod_is_hash_blacklisted() currently returns 0 (suceess) if +crypto_alloc_shash() fails. This should instead be a fatal error, +so unwrap and pass up the error code. + +Signed-off-by: Ben Hutchings +--- +--- a/kernel/module_signing.c ++++ b/kernel/module_signing.c +@@ -51,11 +51,13 @@ static int mod_is_hash_blacklisted(const + struct shash_desc *desc; + size_t digest_size, desc_size; + u8 *digest; +- int ret = 0; ++ int ret; + + tfm = crypto_alloc_shash("sha256", 0, 0); +- if (IS_ERR(tfm)) ++ if (IS_ERR(tfm)) { ++ ret = PTR_ERR(tfm); + goto error_return; ++ } + + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); + digest_size = crypto_shash_digestsize(tfm); diff --git a/debian/patches/series b/debian/patches/series index f713f9f68..dcb83f1d9 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -155,6 +155,7 @@ features/all/db-mok-keyring/0001-MODSIGN-do-not-load-mok-when-secure-boot-disabl features/all/db-mok-keyring/0002-MODSIGN-load-blacklist-from-MOKx.patch features/all/db-mok-keyring/0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch features/all/db-mok-keyring/0004-MODSIGN-check-the-attributes-of-db-and-mok.patch +features/all/db-mok-keyring/modsign-make-shash-allocation-failure-fatal.patch # Security fixes debian/i386-686-pae-pci-set-pci-nobios-by-default.patch