Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c818695c authored by Matthew Garrett's avatar Matthew Garrett Committed by Greg Kroah-Hartman
Browse files

evm: Don't deadlock if a crypto algorithm is unavailable 



[ Upstream commit e2861fa71641c6414831d628a1f4f793b6562580 ]

When EVM attempts to appraise a file signed with a crypto algorithm the
kernel doesn't have support for, it will cause the kernel to trigger a
module load. If the EVM policy includes appraisal of kernel modules this
will in turn call back into EVM - since EVM is holding a lock until the
crypto initialisation is complete, this triggers a deadlock. Add a
CRYPTO_NOLOAD flag and skip module loading if it's set, and add that flag
in the EVM case in order to fail gracefully with an error message
instead of deadlocking.

Signed-off-by: default avatarMatthew Garrett <mjg59@google.com>
Acked-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: default avatarSasha Levin <alexander.levin@microsoft.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent ef49d0e8

crypto/api.c

+1 −1
Original line number Diff line number Diff line
@@ -215,7 +215,7 @@ struct crypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask) 
	mask &= ~(CRYPTO_ALG_LARVAL | CRYPTO_ALG_DEAD);



	alg = crypto_alg_lookup(name, type, mask);

	if (!alg) {

	if (!alg && !(mask & CRYPTO_NOLOAD)) {

		request_module("crypto-%s", name);



		if (!((type ^ CRYPTO_ALG_NEED_FALLBACK) & mask &

include/linux/crypto.h

+5 −0
Original line number Diff line number Diff line
@@ -111,6 +111,11 @@ 
 */

#define CRYPTO_ALG_OPTIONAL_KEY		0x00004000



/*

 * Don't trigger module loading

 */

#define CRYPTO_NOLOAD			0x00008000



/*

 * Transform masks and values (for crt_flags).

 */

security/integrity/evm/evm_crypto.c

+2 −1
Original line number Diff line number Diff line
@@ -94,7 +94,8 @@ static struct shash_desc *init_desc(char type) 
		mutex_lock(&mutex);

		if (*tfm)

			goto out;

		*tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);

		*tfm = crypto_alloc_shash(algo, 0,

					  CRYPTO_ALG_ASYNC | CRYPTO_NOLOAD);

		if (IS_ERR(*tfm)) {

			rc = PTR_ERR(*tfm);

			pr_err("Can not allocate %s (reason: %ld)\n", algo, rc);