Linux-Modules Archive on lore.kernel.org
 help / Atom feed
* Re: modinfo shows md4 signature instead of sha256
       [not found] <093e06b77d7e44af8b9597f1a3701fa7@citrus.nl>
@ 2018-01-31 17:39 ` Lucas De Marchi
  2018-01-31 17:40   ` Lucas De Marchi
  0 siblings, 1 reply; 4+ messages in thread
From: Lucas De Marchi @ 2018-01-31 17:39 UTC (permalink / raw)
  To: Ferry van Steen; +Cc: jcm, David Howells, linux-modules

Hi Ferry,

CC'ing mailing list and Yauheni who worked on fixing modinfo output in
the last release.


On Wed, Jan 31, 2018 at 1:23 AM, Ferry van Steen
<Ferry.van.Steen@citrus.nl> wrote:
> Hi,
>
>
> sorry, not sure where to file this. There seems to be a bug in either the
> kernel signing modules with a wrong signature algorithm, or modinfo is
> reporting it incorrectly. I presume it's the latter.
>
>
> More details are here: https://bugzilla.redhat.com/show_bug.cgi?id=3D1490=
975

Not showing the output on older versions is a known issue: support for
PKCS#7 sig type was
only added to kmod in v23.

Now for the incorrect info, the problem appears to be in the kernel
implementation:
it appends a PKCS#7, but doens't fill out the struct module_signature
correctly. So in F27 I get this from, e.g.
soundcore.ko:

$ xxd -c 8 -g 1 mod.ko | tail -n6
00004d80: b9 d5 04 00 00 02 00 00  ........   <<<<<<
00004d88: 00 00 00 00 00 02 d3 7e  .......~
00004d90: 4d 6f 64 75 6c 65 20 73  Module s
00004d98: 69 67 6e 61 74 75 72 65  ignature
00004da0: 20 61 70 70 65 6e 64 65   appende
00004da8: 64 7e 0a                 d~.

See line marked above. It should match a struct module_signature. So:
id_type =3D=3D 0x2 // PKCS7
hash =3D=3D 0 // md4
algo =3D=3D 0 // dsa

Looking at scripts/sign-file.c, indeed id_type is the only field that
is filled out.
CC'ing  David Howells as well. Any input here?

Lucas De Marchi

>
>
> Thanks in advance and kind regards,
>
>
> Ferry van Steen
> Linux Developer
> Ferry.van.Steen@Citrus.nl
>
> Citrus Software
> =E2=97=8F  Almystraat 10A
> =E2=97=8F  5061 PA Oisterwijk
> =E2=97=8F  +31 (0)13 - 529 91 55
> =E2=97=8F  www.citrus.nl
> ______________________________________________________
>
> This message may contain confidential or privileged information. If you a=
re
> not the addressee, please notify the sender and delete it from your files=
.
> Please consider the environmental impact before printing this e-mail.
>



--=20
Lucas De Marchi

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: modinfo shows md4 signature instead of sha256
  2018-01-31 17:39 ` modinfo shows md4 signature instead of sha256 Lucas De Marchi
@ 2018-01-31 17:40   ` Lucas De Marchi
  2018-01-31 20:39     ` Yauheni Kaliuta
  0 siblings, 1 reply; 4+ messages in thread
From: Lucas De Marchi @ 2018-01-31 17:40 UTC (permalink / raw)
  To: Ferry van Steen; +Cc: jcm, David Howells, linux-modules, Yauheni Kaliuta

Now really CC Yauheni.

On Wed, Jan 31, 2018 at 9:39 AM, Lucas De Marchi
<lucas.de.marchi@gmail.com> wrote:
> Hi Ferry,
>
> CC'ing mailing list and Yauheni who worked on fixing modinfo output in
> the last release.
>
>
> On Wed, Jan 31, 2018 at 1:23 AM, Ferry van Steen
> <Ferry.van.Steen@citrus.nl> wrote:
>> Hi,
>>
>>
>> sorry, not sure where to file this. There seems to be a bug in either th=
e
>> kernel signing modules with a wrong signature algorithm, or modinfo is
>> reporting it incorrectly. I presume it's the latter.
>>
>>
>> More details are here: https://bugzilla.redhat.com/show_bug.cgi?id=3D149=
0975
>
> Not showing the output on older versions is a known issue: support for
> PKCS#7 sig type was
> only added to kmod in v23.
>
> Now for the incorrect info, the problem appears to be in the kernel
> implementation:
> it appends a PKCS#7, but doens't fill out the struct module_signature
> correctly. So in F27 I get this from, e.g.
> soundcore.ko:
>
> $ xxd -c 8 -g 1 mod.ko | tail -n6
> 00004d80: b9 d5 04 00 00 02 00 00  ........   <<<<<<
> 00004d88: 00 00 00 00 00 02 d3 7e  .......~
> 00004d90: 4d 6f 64 75 6c 65 20 73  Module s
> 00004d98: 69 67 6e 61 74 75 72 65  ignature
> 00004da0: 20 61 70 70 65 6e 64 65   appende
> 00004da8: 64 7e 0a                 d~.
>
> See line marked above. It should match a struct module_signature. So:
> id_type =3D=3D 0x2 // PKCS7
> hash =3D=3D 0 // md4
> algo =3D=3D 0 // dsa
>
> Looking at scripts/sign-file.c, indeed id_type is the only field that
> is filled out.
> CC'ing  David Howells as well. Any input here?
>
> Lucas De Marchi
>
>>
>>
>> Thanks in advance and kind regards,
>>
>>
>> Ferry van Steen
>> Linux Developer
>> Ferry.van.Steen@Citrus.nl
>>
>> Citrus Software
>> =E2=97=8F  Almystraat 10A
>> =E2=97=8F  5061 PA Oisterwijk
>> =E2=97=8F  +31 (0)13 - 529 91 55
>> =E2=97=8F  www.citrus.nl
>> ______________________________________________________
>>
>> This message may contain confidential or privileged information. If you =
are
>> not the addressee, please notify the sender and delete it from your file=
s.
>> Please consider the environmental impact before printing this e-mail.
>>
>
>
>
> --
> Lucas De Marchi



--=20
Lucas De Marchi

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: modinfo shows md4 signature instead of sha256
  2018-01-31 17:40   ` Lucas De Marchi
@ 2018-01-31 20:39     ` Yauheni Kaliuta
  2018-01-31 21:06       ` Yauheni Kaliuta
  0 siblings, 1 reply; 4+ messages in thread
From: Yauheni Kaliuta @ 2018-01-31 20:39 UTC (permalink / raw)
  To: Lucas De Marchi; +Cc: Ferry van Steen, jcm\, David Howells, linux-modules

Hi, Lucas!

This is a better bugreport
https://bugzilla.redhat.com/show_bug.cgi?id=1320921 

I have a proof of concept realization of PKCS#7 parser based on the kernel
code, but haven't synced the further work with David yet.

>>>>> On Wed, 31 Jan 2018 09:40:47 -0800, Lucas De Marchi  wrote:

 > Now really CC Yauheni.
 > On Wed, Jan 31, 2018 at 9:39 AM, Lucas De Marchi
 > <lucas.de.marchi@gmail.com> wrote:
 >> Hi Ferry,
 >> 
 >> CC'ing mailing list and Yauheni who worked on fixing modinfo output in
 >> the last release.
 >> 
 >> 
 >> On Wed, Jan 31, 2018 at 1:23 AM, Ferry van Steen
 >> <Ferry.van.Steen@citrus.nl> wrote:
 >>> Hi,
 >>> 
 >>> 
 >>> sorry, not sure where to file this. There seems to be a bug in either the
 >>> kernel signing modules with a wrong signature algorithm, or modinfo is
 >>> reporting it incorrectly. I presume it's the latter.
 >>> 
 >>> 
 >>> More details are here: https://bugzilla.redhat.com/show_bug.cgi?id=1490975
 >> 
 >> Not showing the output on older versions is a known issue: support for
 >> PKCS#7 sig type was
 >> only added to kmod in v23.
 >> 
 >> Now for the incorrect info, the problem appears to be in the kernel
 >> implementation:
 >> it appends a PKCS#7, but doens't fill out the struct module_signature
 >> correctly. So in F27 I get this from, e.g.
 >> soundcore.ko:
 >> 
 >> $ xxd -c 8 -g 1 mod.ko | tail -n6
 >> 00004d80: b9 d5 04 00 00 02 00 00  ........   <<<<<<
 >> 00004d88: 00 00 00 00 00 02 d3 7e  .......~
 >> 00004d90: 4d 6f 64 75 6c 65 20 73  Module s
 >> 00004d98: 69 67 6e 61 74 75 72 65  ignature
 >> 00004da0: 20 61 70 70 65 6e 64 65   appende
 >> 00004da8: 64 7e 0a                 d~.
 >> 
 >> See line marked above. It should match a struct module_signature. So:
 >> id_type == 0x2 // PKCS7
 >> hash == 0 // md4
 >> algo == 0 // dsa
 >> 
 >> Looking at scripts/sign-file.c, indeed id_type is the only field that
 >> is filled out.
 >> CC'ing  David Howells as well. Any input here?
 >> 
 >> Lucas De Marchi
 >> 
 >>> 
 >>> 
 >>> Thanks in advance and kind regards,
 >>> 
 >>> 
 >>> Ferry van Steen
 >>> Linux Developer
 >>> Ferry.van.Steen@Citrus.nl
 >>> 
 >>> Citrus Software
 >>> ●  Almystraat 10A
 >>> ●  5061 PA Oisterwijk
 >>> ●  +31 (0)13 - 529 91 55
 >>> ●  www.citrus.nl
 >>> ______________________________________________________
 >>> 
 >>> This message may contain confidential or privileged information. If you are
 >>> not the addressee, please notify the sender and delete it from your files.
 >>> Please consider the environmental impact before printing this e-mail.
 >>> 
 >> 
 >> 
 >> 
 >> --
 >> Lucas De Marchi



 > -- 
 > Lucas De Marchi

-- 
WBR,
Yauheni Kaliuta

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: modinfo shows md4 signature instead of sha256
  2018-01-31 20:39     ` Yauheni Kaliuta
@ 2018-01-31 21:06       ` Yauheni Kaliuta
  0 siblings, 0 replies; 4+ messages in thread
From: Yauheni Kaliuta @ 2018-01-31 21:06 UTC (permalink / raw)
  To: Lucas De Marchi; +Cc: Ferry van Steen, jcm\, David Howells, linux-modules


>>>>> On Wed, 31 Jan 2018 22:39:42 +0200, Yauheni Kaliuta  wrote:

 > Hi, Lucas!
 > This is a better bugreport
 > https://bugzilla.redhat.com/show_bug.cgi?id=1320921 

 > I have a proof of concept realization of PKCS#7 parser based on the kernel

"implementation" of course :)

 > code, but haven't synced the further work with David yet.

>>>>> On Wed, 31 Jan 2018 09:40:47 -0800, Lucas De Marchi  wrote:

 >> Now really CC Yauheni.
 >> On Wed, Jan 31, 2018 at 9:39 AM, Lucas De Marchi
 >> <lucas.de.marchi@gmail.com> wrote:
 >>> Hi Ferry,
 >>> 
 >>> CC'ing mailing list and Yauheni who worked on fixing modinfo output in
 >>> the last release.
 >>> 
 >>> 
 >>> On Wed, Jan 31, 2018 at 1:23 AM, Ferry van Steen
 >>> <Ferry.van.Steen@citrus.nl> wrote:
 >>>> Hi,
 >>>> 
 >>>> 
 >>>> sorry, not sure where to file this. There seems to be a bug in either the
 >>>> kernel signing modules with a wrong signature algorithm, or modinfo is
 >>>> reporting it incorrectly. I presume it's the latter.
 >>>> 
 >>>> 
 >>>> More details are here: https://bugzilla.redhat.com/show_bug.cgi?id=1490975
 >>> 
 >>> Not showing the output on older versions is a known issue: support for
 >>> PKCS#7 sig type was
 >>> only added to kmod in v23.
 >>> 
 >>> Now for the incorrect info, the problem appears to be in the kernel
 >>> implementation:
 >>> it appends a PKCS#7, but doens't fill out the struct module_signature
 >>> correctly. So in F27 I get this from, e.g.
 >>> soundcore.ko:
 >>> 
 >>> $ xxd -c 8 -g 1 mod.ko | tail -n6
 >>> 00004d80: b9 d5 04 00 00 02 00 00  ........   <<<<<<
 >>> 00004d88: 00 00 00 00 00 02 d3 7e  .......~
 >>> 00004d90: 4d 6f 64 75 6c 65 20 73  Module s
 >>> 00004d98: 69 67 6e 61 74 75 72 65  ignature
 >>> 00004da0: 20 61 70 70 65 6e 64 65   appende
 >>> 00004da8: 64 7e 0a                 d~.
 >>> 
 >>> See line marked above. It should match a struct module_signature. So:
 >>> id_type == 0x2 // PKCS7
 >>> hash == 0 // md4
 >>> algo == 0 // dsa
 >>> 
 >>> Looking at scripts/sign-file.c, indeed id_type is the only field that
 >>> is filled out.
 >>> CC'ing  David Howells as well. Any input here?
 >>> 
 >>> Lucas De Marchi
 >>> 
 >>>> 
 >>>> 
 >>>> Thanks in advance and kind regards,
 >>>> 
 >>>> 
 >>>> Ferry van Steen
 >>>> Linux Developer
 >>>> Ferry.van.Steen@Citrus.nl
 >>>> 
 >>>> Citrus Software
 >>>> ●  Almystraat 10A
 >>>> ●  5061 PA Oisterwijk
 >>>> ●  +31 (0)13 - 529 91 55
 >>>> ●  www.citrus.nl
 >>>> ______________________________________________________
 >>>> 
 >>>> This message may contain confidential or privileged information. If you are
 >>>> not the addressee, please notify the sender and delete it from your files.
 >>>> Please consider the environmental impact before printing this e-mail.
 >>>> 
 >>> 
 >>> 
 >>> 
 >>> --
 >>> Lucas De Marchi



 >> -- 
 >> Lucas De Marchi

 > -- 
 > WBR,
 > Yauheni Kaliuta
 > --
 > To unsubscribe from this list: send the line "unsubscribe linux-modules" in
 > the body of a message to majordomo@vger.kernel.org
 > More majordomo info at  http://vger.kernel.org/majordomo-info.html

-- 
WBR,
Yauheni Kaliuta

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <093e06b77d7e44af8b9597f1a3701fa7@citrus.nl>
2018-01-31 17:39 ` modinfo shows md4 signature instead of sha256 Lucas De Marchi
2018-01-31 17:40   ` Lucas De Marchi
2018-01-31 20:39     ` Yauheni Kaliuta
2018-01-31 21:06       ` Yauheni Kaliuta

Linux-Modules Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-modules/0 linux-modules/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-modules linux-modules/ https://lore.kernel.org/linux-modules \
		linux-modules@vger.kernel.org linux-modules@archiver.kernel.org
	public-inbox-index linux-modules


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-modules


AGPL code for this site: git clone https://public-inbox.org/ public-inbox