1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
|
// SPDX-License-Identifier: GPL-2.0-or-later
/* System hash blacklist.
*
* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
*/
#define pr_fmt(fmt) "blacklist: "fmt
#include <linux/module.h>
#include <linux/slab.h>
#include <linux/key.h>
#include <linux/key-type.h>
#include <linux/sched.h>
#include <linux/ctype.h>
#include <linux/err.h>
#include <linux/seq_file.h>
#include <linux/uidgid.h>
#include <linux/verification.h>
#include <keys/system_keyring.h>
#include "blacklist.h"
#include "common.h"
/*
* According to crypto/asymmetric_keys/x509_cert_parser.c:x509_note_pkey_algo(),
* the size of the currently longest supported hash algorithm is 512 bits,
* which translates into 128 hex characters.
*/
#define MAX_HASH_LEN 128
#define BLACKLIST_KEY_PERM (KEY_POS_SEARCH | KEY_POS_VIEW | \
KEY_USR_SEARCH | KEY_USR_VIEW)
static const char tbs_prefix[] = "tbs";
static const char bin_prefix[] = "bin";
static struct key *blacklist_keyring;
#ifdef CONFIG_SYSTEM_REVOCATION_LIST
extern __initconst const u8 revocation_certificate_list[];
extern __initconst const unsigned long revocation_certificate_list_size;
#endif
/*
* The description must be a type prefix, a colon and then an even number of
* hex digits. The hash is kept in the description.
*/
static int blacklist_vet_description(const char *desc)
{
int i, prefix_len, tbs_step = 0, bin_step = 0;
/* The following algorithm only works if prefix lengths match. */
BUILD_BUG_ON(sizeof(tbs_prefix) != sizeof(bin_prefix));
prefix_len = sizeof(tbs_prefix) - 1;
for (i = 0; *desc; desc++, i++) {
if (*desc == ':') {
if (tbs_step == prefix_len)
goto found_colon;
if (bin_step == prefix_len)
goto found_colon;
return -EINVAL;
}
if (i >= prefix_len)
return -EINVAL;
if (*desc == tbs_prefix[i])
tbs_step++;
if (*desc == bin_prefix[i])
bin_step++;
}
return -EINVAL;
found_colon:
desc++;
for (i = 0; *desc && i < MAX_HASH_LEN; desc++, i++) {
if (!isxdigit(*desc) || isupper(*desc))
return -EINVAL;
}
if (*desc)
/* The hash is greater than MAX_HASH_LEN. */
return -ENOPKG;
/* Checks for an even number of hexadecimal characters. */
if (i == 0 || i & 1)
return -EINVAL;
return 0;
}
static int blacklist_key_instantiate(struct key *key,
struct key_preparsed_payload *prep)
{
#ifdef CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE
int err;
#endif
/* Sets safe default permissions for keys loaded by user space. */
key->perm = BLACKLIST_KEY_PERM;
/*
* Skips the authentication step for builtin hashes, they are not
* signed but still trusted.
*/
if (key->flags & (1 << KEY_FLAG_BUILTIN))
goto out;
#ifdef CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE
/*
* Verifies the description's PKCS#7 signature against the builtin
* trusted keyring.
*/
err = verify_pkcs7_signature(key->description,
strlen(key->description), prep->data, prep->datalen,
NULL, VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
if (err)
return err;
#else
/*
* It should not be possible to come here because the keyring doesn't
* have KEY_USR_WRITE and the only other way to call this function is
* for builtin hashes.
*/
WARN_ON_ONCE(1);
return -EPERM;
#endif
out:
return generic_key_instantiate(key, prep);
}
static int blacklist_key_update(struct key *key,
struct key_preparsed_payload *prep)
{
return -EPERM;
}
static void blacklist_describe(const struct key *key, struct seq_file *m)
{
seq_puts(m, key->description);
}
static struct key_type key_type_blacklist = {
.name = "blacklist",
.vet_description = blacklist_vet_description,
.instantiate = blacklist_key_instantiate,
.update = blacklist_key_update,
.describe = blacklist_describe,
};
static char *get_raw_hash(const u8 *hash, size_t hash_len,
enum blacklist_hash_type hash_type)
{
size_t type_len;
const char *type_prefix;
char *buffer, *p;
switch (hash_type) {
case BLACKLIST_HASH_X509_TBS:
type_len = sizeof(tbs_prefix) - 1;
type_prefix = tbs_prefix;
break;
case BLACKLIST_HASH_BINARY:
type_len = sizeof(bin_prefix) - 1;
type_prefix = bin_prefix;
break;
default:
WARN_ON_ONCE(1);
return ERR_PTR(-EINVAL);
}
buffer = kmalloc(type_len + 1 + hash_len * 2 + 1, GFP_KERNEL);
if (!buffer)
return ERR_PTR(-ENOMEM);
p = memcpy(buffer, type_prefix, type_len);
p += type_len;
*p++ = ':';
bin2hex(p, hash, hash_len);
p += hash_len * 2;
*p = '\0';
return buffer;
}
/**
* mark_raw_hash_blacklisted - Add a hash to the system blacklist
* @hash: The hash as a hex string with a type prefix (eg. "tbs:23aa429783")
*/
static int mark_raw_hash_blacklisted(const char *hash)
{
key_ref_t key;
key = key_create_or_update(make_key_ref(blacklist_keyring, true),
"blacklist",
hash,
NULL,
0,
BLACKLIST_KEY_PERM,
KEY_ALLOC_NOT_IN_QUOTA |
KEY_ALLOC_BUILT_IN);
if (IS_ERR(key)) {
pr_err("Problem blacklisting hash (%ld)\n", PTR_ERR(key));
return PTR_ERR(key);
}
return 0;
}
int mark_hash_blacklisted(const u8 *hash, size_t hash_len,
enum blacklist_hash_type hash_type)
{
const char *buffer;
int err;
buffer = get_raw_hash(hash, hash_len, hash_type);
if (IS_ERR(buffer))
return PTR_ERR(buffer);
err = mark_raw_hash_blacklisted(buffer);
kfree(buffer);
return err;
}
/**
* is_hash_blacklisted - Determine if a hash is blacklisted
* @hash: The hash to be checked as a binary blob
* @hash_len: The length of the binary hash
* @hash_type: Type of hash
*/
int is_hash_blacklisted(const u8 *hash, size_t hash_len,
enum blacklist_hash_type hash_type)
{
key_ref_t kref;
const char *buffer;
int ret = 0;
buffer = get_raw_hash(hash, hash_len, hash_type);
if (IS_ERR(buffer))
return PTR_ERR(buffer);
kref = keyring_search(make_key_ref(blacklist_keyring, true),
&key_type_blacklist, buffer, false);
if (!IS_ERR(kref)) {
key_ref_put(kref);
ret = -EKEYREJECTED;
}
kfree(buffer);
return ret;
}
EXPORT_SYMBOL_GPL(is_hash_blacklisted);
int is_binary_blacklisted(const u8 *hash, size_t hash_len)
{
if (is_hash_blacklisted(hash, hash_len, BLACKLIST_HASH_BINARY) ==
-EKEYREJECTED)
return -EPERM;
return 0;
}
EXPORT_SYMBOL_GPL(is_binary_blacklisted);
#ifdef CONFIG_SYSTEM_REVOCATION_LIST
/**
* add_key_to_revocation_list - Add a revocation certificate to the blacklist
* @data: The data blob containing the certificate
* @size: The size of data blob
*/
int add_key_to_revocation_list(const char *data, size_t size)
{
key_ref_t key;
key = key_create_or_update(make_key_ref(blacklist_keyring, true),
"asymmetric",
NULL,
data,
size,
KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH
| KEY_USR_VIEW,
KEY_ALLOC_NOT_IN_QUOTA | KEY_ALLOC_BUILT_IN
| KEY_ALLOC_BYPASS_RESTRICTION);
if (IS_ERR(key)) {
pr_err("Problem with revocation key (%ld)\n", PTR_ERR(key));
return PTR_ERR(key);
}
return 0;
}
/**
* is_key_on_revocation_list - Determine if the key for a PKCS#7 message is revoked
* @pkcs7: The PKCS#7 message to check
*/
int is_key_on_revocation_list(struct pkcs7_message *pkcs7)
{
int ret;
ret = pkcs7_validate_trust(pkcs7, blacklist_keyring);
if (ret == 0)
return -EKEYREJECTED;
return -ENOKEY;
}
#endif
static int restrict_link_for_blacklist(struct key *dest_keyring,
const struct key_type *type, const union key_payload *payload,
struct key *restrict_key)
{
if (type == &key_type_blacklist)
return 0;
return -EOPNOTSUPP;
}
/*
* Initialise the blacklist
*
* The blacklist_init() function is registered as an initcall via
* device_initcall(). As a result if the blacklist_init() function fails for
* any reason the kernel continues to execute. While cleanly returning -ENODEV
* could be acceptable for some non-critical kernel parts, if the blacklist
* keyring fails to load it defeats the certificate/key based deny list for
* signed modules. If a critical piece of security functionality that users
* expect to be present fails to initialize, panic()ing is likely the right
* thing to do.
*/
static int __init blacklist_init(void)
{
const char *const *bl;
struct key_restriction *restriction;
if (register_key_type(&key_type_blacklist) < 0)
panic("Can't allocate system blacklist key type\n");
restriction = kzalloc(sizeof(*restriction), GFP_KERNEL);
if (!restriction)
panic("Can't allocate blacklist keyring restriction\n");
restriction->check = restrict_link_for_blacklist;
blacklist_keyring =
keyring_alloc(".blacklist",
GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, current_cred(),
KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH |
KEY_POS_WRITE |
KEY_USR_VIEW | KEY_USR_READ | KEY_USR_SEARCH
#ifdef CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE
| KEY_USR_WRITE
#endif
, KEY_ALLOC_NOT_IN_QUOTA |
KEY_ALLOC_SET_KEEP,
restriction, NULL);
if (IS_ERR(blacklist_keyring))
panic("Can't allocate system blacklist keyring\n");
for (bl = blacklist_hashes; *bl; bl++)
if (mark_raw_hash_blacklisted(*bl) < 0)
pr_err("- blacklisting failed\n");
return 0;
}
/*
* Must be initialised before we try and load the keys into the keyring.
*/
device_initcall(blacklist_init);
#ifdef CONFIG_SYSTEM_REVOCATION_LIST
/*
* Load the compiled-in list of revocation X.509 certificates.
*/
static __init int load_revocation_certificate_list(void)
{
if (revocation_certificate_list_size)
pr_notice("Loading compiled-in revocation X.509 certificates\n");
return load_certificate_list(revocation_certificate_list, revocation_certificate_list_size,
blacklist_keyring);
}
late_initcall(load_revocation_certificate_list);
#endif
|