Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA

On Mon, Feb 12, 2024 at 12:48 PM Stefan Berger stefanb@linux.ibm.com wrote:

On 1/15/24 13:18, Roberto Sassu wrote:

...

...

+/**

• • ima_kernel_module_request - Prevent crypto-pkcs1pad(rsa,*) requests
• • @kmod_name: kernel module name
• • We have situation, when public_key_verify_signature() in case of RSA > + * algorithm use alg_name to store internal information in order to
• • construct an algorithm on the fly, but crypto_larval_lookup() will try
• • to use alg_name in order to load kernel module with same name.
• • Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
• • we are safe to fail such module request from crypto_larval_lookup().
• • In this way we prevent modprobe execution during digsig verification
• • and avoid possible deadlock if modprobe and/or it's dependencies
• • also signed with digsig.

This text needs to some reformulation at some point..

There is no time like the present. If you have a suggestion I would love to hear it and I'm sure Roberto would too.