authorSamuel Mendoza-Jonas <sam@mendozajonas.com>2018-03-20 10:49:32 +1100
committerSamuel Mendoza-Jonas <sam@mendozajonas.com>2018-03-23 11:39:35 +1100
commit3dfa4123bdf987aaa0e4bfd73d436c6bab0184ce (patch)
treed6a75c0bcb855b0851d6b9b82a3c45e935f5b869
parentabf92c05c31955333719f1a83cffb0d0d194c770 (diff)
lib/security: Fix broken if statements in gpg_validate_boot_files()
The patch ccb478ac "Add encrypted file support" removes two result = KEXEC_LOAD_SIGNATURE_FAILURE; statements from after the `if (verify_file_signature)` lines for the kernel and cmdline signatures. This appears to have been a mistake that snuck through testing, and would allow incorrect signatures to pass validation. Also fix up some confusing indenting in the decryption section. Reported-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
-rw-r--r--lib/security/gpg.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/security/gpg.c b/lib/security/gpg.c
index 41d1306..76e2c6c 100644
--- a/lib/security/gpg.c
+++ b/lib/security/gpg.c
@@ -462,10 +462,12 @@ int gpg_validate_boot_files(struct boot_task *boot_task) {
local_image_signature,
authorized_signatures_handle,
"/etc/gpg"))
+ result = KEXEC_LOAD_SIGNATURE_FAILURE;
if (verify_file_signature(cmdline_template,
local_cmdline_signature,
authorized_signatures_handle,
"/etc/gpg"))
+ result = KEXEC_LOAD_SIGNATURE_FAILURE;
if (boot_task->local_initrd_signature)
if (verify_file_signature(initrd_filename,
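Review bot: The two restored `result = KEXEC_LOAD_SIGNATURE_FAILURE;` lines are again unbraced bodies of their `if (verify_file_signature(...))` statements, so deleting either one silently makes the next `if` the body of the previous check, which is the regression the commit message describes. Bracing each check, e.g. `if (verify_file_signature(cmdline_template, local_cmdline_signature, authorized_signatures_handle, "/etc/gpg")) { result = KEXEC_LOAD_SIGNATURE_FAILURE; }`, keeps every verification independent; the same applies to the nested `if (boot_task->local_initrd_signature)` here and to the `decrypt_file` checks in the second hunk. A regression test that supplies a kernel or cmdline with a bad signature and expects `KEXEC_LOAD_SIGNATURE_FAILURE` would catch a repeat. The body of gpg_validate_boot_files() starts and ends outside the hunk, so the initial value of `result` is not visible here.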
@@ -498,7 +500,7 @@ int gpg_validate_boot_files(struct boot_task *boot_task) {
"/etc/gpg"))
result = KEXEC_LOAD_SIGNATURE_FAILURE;
if (boot_task->local_initrd)
- if (decrypt_file(initrd_filename,
+ if (decrypt_file(initrd_filename,
authorized_signatures_handle,
"/etc/gpg"))
result = KEXEC_LOAD_DECRYPTION_FALURE;
@@ -570,4 +572,4 @@ int lockdown_status() {
free(auth_sig_line);
return ret;
-}
\ No newline at end of file
+}