Thread (4 messages), 2 authors, 2018-01-31

Re: modinfo shows md4 signature instead of sha256

From: Yauheni Kaliuta <hidden>
Date: 2018-01-31 21:06:19

On Wed, 31 Jan 2018 22:39:42 +0200, Yauheni Kaliuta  wrote:
 > Hi, Lucas!
 > This is a better bug report
 > https://bugzilla.redhat.com/show_bug.cgi?id=1320921 

 > I have a proof of concept realization of PKCS#7 parser based on the kernel

"implementation" of course :)

 > code, but haven't synced the further work with David yet.
On Wed, 31 Jan 2018 09:40:47 -0800, Lucas De Marchi  wrote:
 >> Now really CC Yauheni.
 >> On Wed, Jan 31, 2018 at 9:39 AM, Lucas De Marchi
 >> [off-list ref] wrote:
 >>> Hi Ferry,
 >>> 
 >>> CC'ing mailing list and Yauheni who worked on fixing modinfo output in
 >>> the last release.
 >>> 
 >>> 
 >>> On Wed, Jan 31, 2018 at 1:23 AM, Ferry van Steen
 >>> [off-list ref] wrote:
 >>>> Hi,
 >>>> 
 >>>> 
 >>>> sorry, not sure where to file this. There seems to be a bug in either the
 >>>> kernel signing modules with a wrong signature algorithm, or modinfo is
 >>>> reporting it incorrectly. I presume it's the latter.
 >>>> 
 >>>> 
 >>>> More details are here: https://bugzilla.redhat.com/show_bug.cgi?id=1490975
 >>> 
 >>> Not showing the output on older versions is a known issue: support for
 >>> PKCS#7 sig type was
 >>> only added to kmod in v23.
 >>> 
 >>> Now for the incorrect info, the problem appears to be in the kernel
 >>> implementation:
 >>> it appends a PKCS#7, but doesn't fill out the struct module_signature
 >>> correctly. So in F27 I get this from, e.g.
 >>> soundcore.ko:
 >>> 
 >>> $ xxd -c 8 -g 1 mod.ko | tail -n6
 >>> 00004d80: b9 d5 04 00 00 02 00 00  ........   <<<<<<
 >>> 00004d88: 00 00 00 00 00 02 d3 7e  .......~
 >>> 00004d90: 4d 6f 64 75 6c 65 20 73  Module s
 >>> 00004d98: 69 67 6e 61 74 75 72 65  ignature
 >>> 00004da0: 20 61 70 70 65 6e 64 65   appende
 >>> 00004da8: 64 7e 0a                 d~.
 >>> 
 >>> See line marked above. It should match a struct module_signature. So:
 >>> id_type == 0x2 // PKCS7
 >>> hash == 0 // md4
 >>> algo == 0 // dsa
 >>> 
 >>> Looking at scripts/sign-file.c, indeed id_type is the only field that
 >>> is filled out.
 >>> CC'ing  David Howells as well. Any input here?
 >>> 
 >>> Lucas De Marchi
 >>> 
 >>>> 
 >>>> 
 >>>> Thanks in advance and kind regards,
 >>>> 
 >>>> 
 >>>> Ferry van Steen
 >>>> Linux Developer
 >>>> Ferry.van.Steen@Citrus.nl
 >>>> 
 >>>> Citrus Software
 >>>> ●  Almystraat 10A
 >>>> ●  5061 PA Oisterwijk
 >>>> ●  +31 (0)13 - 529 91 55
 >>>> ●  www.citrus.nl
 >>>> 
 >>> 
 >>> 
 >>> 
 >>> --
 >>> Lucas De Marchi



 >> -- 
 >> Lucas De Marchi

 > -- 
 > WBR,
 > Yauheni Kaliuta

-- 
WBR,
Yauheni Kaliuta
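
The trailer layout discussed in this thread, as an added example that is not part of any message above and is not kmod or kernel code: a small C parser for the 12-byte `struct module_signature` and the magic string that follow the signature blob. The names `parse_modsig`, `build_sample` and `hash_valid` and the 723 placeholder signature bytes are constructed for illustration; the header bytes and the magic string are the ones in the quoted dump.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAGIC "~Module signature appended~\n"
#define MAGIC_LEN (sizeof(MAGIC) - 1)  /* 28 bytes, as in the dump */
#define HDR_LEN 12                     /* on-disk struct module_signature */
#define ID_TYPE_PKCS7 2                /* id_type value quoted in the thread */

struct modsig_info {
    uint8_t algo, hash, id_type, signer_len, key_id_len;
    uint32_t sig_len;   /* stored big-endian */
    size_t sig_offset;  /* start of the signature blob in the file */
    int hash_valid;     /* 0 for PKCS#7: algo/hash are unfilled zeros */
};

/* Returns 0 on success, -1 if the magic is absent, -2 if sig_len does not fit. */
int parse_modsig(const uint8_t *buf, size_t len, struct modsig_info *out) {
    if (len < MAGIC_LEN + HDR_LEN ||
        memcmp(buf + len - MAGIC_LEN, MAGIC, MAGIC_LEN) != 0)
        return -1;
    size_t before = len - MAGIC_LEN - HDR_LEN;  /* bytes preceding the header */
    const uint8_t *h = buf + before;
    out->algo = h[0]; out->hash = h[1]; out->id_type = h[2];
    out->signer_len = h[3]; out->key_id_len = h[4];  /* h[5..7] is padding */
    out->sig_len = ((uint32_t)h[8] << 24) | ((uint32_t)h[9] << 16) |
                   ((uint32_t)h[10] << 8) | h[11];
    if (out->sig_len > before) return -2;
    out->sig_offset = before - out->sig_len;
    /* A zero hash byte means "md4" only when the header really carries a hash id. */
    out->hash_valid = out->id_type != ID_TYPE_PKCS7;
    return 0;
}

/* Constructed sample: 723 placeholder bytes for the PKCS#7 blob, then header and magic. */
size_t build_sample(uint8_t *buf, size_t cap) {
    static const uint8_t hdr[HDR_LEN] = {0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0x02, 0xd3};
    if (cap < 723 + HDR_LEN + MAGIC_LEN) return 0;
    memset(buf, 0xAA, 723);
    memcpy(buf + 723, hdr, HDR_LEN);
    memcpy(buf + 723 + HDR_LEN, MAGIC, MAGIC_LEN);
    return 723 + HDR_LEN + MAGIC_LEN;
}

int main(void) {
    uint8_t buf[1024]; struct modsig_info m;
    if (parse_modsig(buf, build_sample(buf, sizeof buf), &m)) return 1;
    printf("id_type=%d sig_len=%u hash_valid=%d\n", m.id_type, (unsigned)m.sig_len, m.hash_valid);
    return 0;
}
```

A tool that prints the digest name should consult `hash_valid` first and, for PKCS#7 trailers, take the digest from the signature blob rather than from the header byte.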