releases/4.9.129/evm-don-t-deadlock-if-a-crypto-algorithm-is-unavailable.patch

   1 From foo@baz Mon Sep 24 09:32:39 CEST 2018
   2 From: Matthew Garrett <mjg59@google.com>
   3 Date: Fri, 8 Jun 2018 14:57:42 -0700
   4 Subject: evm: Don't deadlock if a crypto algorithm is unavailable
   5
   6 From: Matthew Garrett <mjg59@google.com>
   7
   8 [ Upstream commit e2861fa71641c6414831d628a1f4f793b6562580 ]
   9
  10 When EVM attempts to appraise a file signed with a crypto algorithm the
  11 kernel doesn't have support for, it will cause the kernel to trigger a
  12 module load. If the EVM policy includes appraisal of kernel modules this
  13 will in turn call back into EVM - since EVM is holding a lock until the
  14 crypto initialisation is complete, this triggers a deadlock. Add a
  15 CRYPTO_NOLOAD flag and skip module loading if it's set, and add that flag
  16 in the EVM case in order to fail gracefully with an error message
  17 instead of deadlocking.
  18
  19 Signed-off-by: Matthew Garrett <mjg59@google.com>
  20 Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
  21 Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
  22 Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
  23 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  24 ---
  25  crypto/api.c                        |    2 +-
  26  include/linux/crypto.h              |    5 +++++
  27  security/integrity/evm/evm_crypto.c |    3 ++-
  28  3 files changed, 8 insertions(+), 2 deletions(-)
  29
  30 --- a/crypto/api.c
  31 +++ b/crypto/api.c
  32 @@ -215,7 +215,7 @@ struct crypto_alg *crypto_larval_lookup(
  33         type &= mask;
  34
  35         alg = crypto_alg_lookup(name, type, mask);
  36 -       if (!alg) {
  37 +       if (!alg && !(mask & CRYPTO_NOLOAD)) {
  38                 request_module("crypto-%s", name);
  39
  40                 if (!((type ^ CRYPTO_ALG_NEED_FALLBACK) & mask &
  41 --- a/include/linux/crypto.h
  42 +++ b/include/linux/crypto.h
  43 @@ -109,6 +109,11 @@
  44  #define CRYPTO_ALG_OPTIONAL_KEY                0x00004000
  45
  46  /*
  47 + * Don't trigger module loading
  48 + */
  49 +#define CRYPTO_NOLOAD                  0x00008000
  50 +
  51 +/*
  52   * Transform masks and values (for crt_flags).
  53   */
  54  #define CRYPTO_TFM_NEED_KEY            0x00000001
  55 --- a/security/integrity/evm/evm_crypto.c
  56 +++ b/security/integrity/evm/evm_crypto.c
  57 @@ -94,7 +94,8 @@ static struct shash_desc *init_desc(char
  58                 mutex_lock(&mutex);
  59                 if (*tfm)
  60                         goto out;
  61 -               *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);
  62 +               *tfm = crypto_alloc_shash(algo, 0,
  63 +                                         CRYPTO_ALG_ASYNC | CRYPTO_NOLOAD);
  64                 if (IS_ERR(*tfm)) {
  65                         rc = PTR_ERR(*tfm);
  66                         pr_err("Can not allocate %s (reason: %ld)\n", algo, rc);