From: David Howells
Subject: Re: [PATCH 1/1] x509: only prefix strip raw serial numbers
Date: Wed, 16 Sep 2015 23:29:27 +0100
Message-ID: <24348.1442442567@warthog.procyon.org.uk>
References: <1442218417-24897-1-git-send-email-apw@canonical.com>
In-Reply-To: <1442218417-24897-1-git-send-email-apw@canonical.com>
To: Andy Whitcroft
Cc: dhowells@redhat.com, Herbert Xu, arjan@linux.intel.com, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org

Hi Andy,

Okay, it seems that the 00-stripping you pointed out is the problem. Does this patch fix it? Note that patch won't necessarily apply post-4.2.

David
---
commit fefc5570aa2c88985f62f0f3335428c867103763
Author: David Howells
Date: Wed Sep 16 23:10:24 2015 +0100

    MODSIGN: Don't strip leading 00's from key ID when constructing key description

    Don't strip leading zeros from the crypto key ID when using it to construct
    the struct key description as the signature in kernels up to and including
    4.2 matched this aspect of the key. This means that 1 in 256 keys won't
    actually match if their key ID begins with 00.

    The key ID is stored in the module signature as binary and so must be
    converted to text in order to invoke request_key() - but it isn't stripped
    at this point.

    Something like this is likely to be observed in dmesg when the key is loaded:

        [ 1.572423] Loaded X.509 cert 'Build time autogenerated kernel key: 62a7c3d2da278be024da4af8652c071f3fea33'

    followed by this when we try and use it:

        [ 1.646153] Request for unknown module key 'Build time autogenerated kernel key: 0062a7c3d2da278be024da4af8652c071f3fea33' err -11

    The 'Loaded' line should show an extra '00' on the front of the hex string.

    This problem should not affect 4.3-rc1 and onwards because there the key
    should be matched on one of its auxiliary identities rather than the key
    struct's description string.

    Reported-by: Arjan van de Ven
    Reported-by: Andy Whitcroft
    Signed-off-by: David Howells

diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 24f17e6c5904..4c850ac474e2 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -307,10 +307,6 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) srlen = cert->raw_serial_size; q = cert->raw_serial; } - if (srlen > 1 && *q == 0) { - srlen--; - q++; - } ret = -ENOMEM; desc = kmalloc(sulen + 2 + srlen * 2 + 1, GFP_KERNEL);
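
Review bot: The commit message justifies keeping the leading 00 only for the key ID case, but in the x509_key_preparse() hunk the deleted `if (srlen > 1 && *q == 0)` block follows the closing brace of the `cert->raw_serial` branch, so descriptions built from the raw serial change as well. Please state in the commit message whether that is intended and that the request_key() side leaves the serial unstripped too. A one-line comment above `desc = kmalloc(...)` saying the hex text must match the string built for request_key() byte for byte would also help stop a later cleanup from reintroducing the strip.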
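
The mismatch described in the commit message, as an added user-space example that is not part of the original mail or the kernel source: build_desc() and key_matches() are hypothetical models of the load-time and request-time description strings, and PAGE_ID is the key ID from the dmesg excerpt above.

```c
#include <stdio.h>
#include <string.h>

#define DESC_MAX 128

/* Key ID bytes taken from the dmesg excerpt in the commit message. */
static const unsigned char PAGE_ID[20] = {
    0x00, 0x62, 0xa7, 0xc3, 0xd2, 0xda, 0x27, 0x8b, 0xe0, 0x24,
    0xda, 0x4a, 0xf8, 0x65, 0x2c, 0x07, 0x1f, 0x3f, 0xea, 0x33 };

/* Hypothetical model: build "<subject>: <hex id>". strip != 0 mimics the
 * pre-patch load path (one leading 0x00 dropped); strip == 0 mimics the
 * request path and the patched load path. Returns 0, or -1 if out is small. */
static int build_desc(char *out, size_t outsz, const char *subject,
                      const unsigned char *id, size_t idlen, int strip)
{
    size_t used = strlen(subject) + 2, i;

    if (strip && idlen > 1 && id[0] == 0) {
        idlen--;
        id++;
    }
    if (used + idlen * 2 + 1 > outsz)
        return -1;
    snprintf(out, outsz, "%s: ", subject);
    for (i = 0; i < idlen; i++)
        snprintf(out + used + i * 2, 3, "%02x", id[i]);
    return 0;
}

/* 1 if the description stored at load time equals the one later requested. */
static int key_matches(const char *subject, const unsigned char *id,
                       size_t idlen, int load_strips)
{
    char loaded[DESC_MAX], wanted[DESC_MAX];

    if (build_desc(loaded, sizeof(loaded), subject, id, idlen, load_strips) ||
        build_desc(wanted, sizeof(wanted), subject, id, idlen, 0))
        return 0;
    return strcmp(loaded, wanted) == 0;
}

int main(void)
{
    const char *subj = "Build time autogenerated kernel key";

    printf("pre-patch load path matches request: %d\n",
           key_matches(subj, PAGE_ID, sizeof(PAGE_ID), 1));
    printf("patched load path matches request:   %d\n",
           key_matches(subj, PAGE_ID, sizeof(PAGE_ID), 0));
    return 0;
}
```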