Skip to content

Commit

Permalink
MODSIGN: Add FIPS policy
Browse files Browse the repository at this point in the history 
If we're in FIPS mode, we should panic if we fail to verify the signature on a
module or we're asked to load an unsigned module in signature enforcing mode.
Possibly FIPS mode should automatically enable enforcing mode.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
  • Loading branch information
@dhowells @rustyrussell
dhowells authored and rustyrussell committed Oct 10, 2012
1 parent 106a4ee commit 1d0059f
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions kernel/module.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@
#include <linux/jump_label.h>
#include <linux/pfn.h>
#include <linux/bsearch.h>
#include <linux/fips.h>
#include "module-internal.h"

#define CREATE_TRACE_POINTS
Expand Down Expand Up @@ -2447,6 +2448,9 @@ static int module_sig_check(struct load_info *info,
}

/* Not having a signature is only an error if we're strict. */
if (err < 0 && fips_enabled)
panic("Module verification failed with error %d in FIPS mode\n",
err);
if (err == -ENOKEY && !sig_enforce)
err = 0;

Expand Down

0 comments on commit 1d0059f

Please sign in to comment.