| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fd19f9d3-b01c-4cc8-9fd5-642350e7b36b@suse.com>
Date: Thu, 29 Jan 2026 15:44:31 +0100
From: Petr Pavlu <petr.pavlu@...e.com>
To: Thomas Weißschuh <linux@...ssschuh.net>
Cc: Nathan Chancellor <nathan@...nel.org>, Arnd Bergmann <arnd@...db.de>,
Luis Chamberlain <mcgrof@...nel.org>, Sami Tolvanen
<samitolvanen@...gle.com>, Daniel Gomez <da.gomez@...sung.com>,
Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>, Jonathan Corbet <corbet@....net>,
Madhavan Srinivasan <maddy@...ux.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>,
Naveen N Rao <naveen@...nel.org>, Mimi Zohar <zohar@...ux.ibm.com>,
Roberto Sassu <roberto.sassu@...wei.com>,
Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
Eric Snowberg <eric.snowberg@...cle.com>,
Nicolas Schier <nicolas.schier@...ux.dev>, Daniel Gomez
<da.gomez@...nel.org>, Aaron Tomlin <atomlin@...mlin.com>,
"Christophe Leroy (CS GROUP)" <chleroy@...nel.org>,
Nicolas Schier <nsc@...nel.org>,
Nicolas Bouchinet <nicolas.bouchinet@....cyber.gouv.fr>,
Xiu Jianfeng <xiujianfeng@...wei.com>,
Fabian Grünbichler <f.gruenbichler@...xmox.com>,
Arnout Engelen <arnout@...t.net>, Mattia Rizzolo <mattia@...reri.org>,
kpcyrd <kpcyrd@...hlinux.org>, Christian Heusel <christian@...sel.eu>,
Câju Mihai-Drosi <mcaju95@...il.com>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arch@...r.kernel.org, linux-modules@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-doc@...r.kernel.org,
linuxppc-dev@...ts.ozlabs.org, linux-integrity@...r.kernel.org
Subject: Re: [PATCH v4 13/17] module: Report signature type to users
On 1/13/26 1:28 PM, Thomas Weißschuh wrote:
> The upcoming CONFIG_MODULE_HASHES will introduce a signature type.
> This needs to be handled by callers differently than PKCS7 signatures.
>
> Report the signature type to the caller and let them verify it.
>
> Signed-off-by: Thomas Weißschuh <linux@...ssschuh.net>
> ---
> [...]
> diff --git a/kernel/module/main.c b/kernel/module/main.c
> index d65bc300a78c..2a28a0ece809 100644
> --- a/kernel/module/main.c
> +++ b/kernel/module/main.c
> @@ -3348,19 +3348,24 @@ static int module_integrity_check(struct load_info *info, int flags)
> {
> bool mangled_module = flags & (MODULE_INIT_IGNORE_MODVERSIONS |
> MODULE_INIT_IGNORE_VERMAGIC);
> + enum pkey_id_type sig_type;
> size_t sig_len;
> const u8 *sig;
> int err = 0;
>
> if (IS_ENABLED(CONFIG_MODULE_SIG_POLICY)) {
> err = mod_split_sig(info->hdr, &info->len, mangled_module,
> - &sig_len, &sig, "module");
> + &sig_type, &sig_len, &sig, "module");
> if (err)
> return err;
> }
>
> - if (IS_ENABLED(CONFIG_MODULE_SIG))
> + if (IS_ENABLED(CONFIG_MODULE_SIG) && sig_type == PKEY_ID_PKCS7) {
> err = module_sig_check(info, sig, sig_len);
> + } else {
> + pr_err("module: not signed with expected PKCS#7 message\n");
> + err = -ENOPKG;
> + }
The new else branch means that if the user chooses not to configure any
module integrity policy, they will no longer be able to load any
modules. I think this entire if-else part should be moved under the
IS_ENABLED(CONFIG_MODULE_SIG_POLICY) block above, as I'm mentioning on
patch #12.
--
Thanks,
Petr
Powered by blists - more mailing lists