diff mbox series

lib/security: Fix broken if statements in gpg_validate_boot_files()

Message ID 20180320024600.4353-1-sam@mendozajonas.com
State Accepted
Headers show
Series lib/security: Fix broken if statements in gpg_validate_boot_files() | expand

Commit Message

Sam Mendoza-Jonas March 20, 2018, 2:46 a.m. UTC 
The patch ccb478ac "Add encrypted file support" removes two
	result = KEXEC_LOAD_SIGNATURE_FAILURE;
statements from after the `if (verify_file_signature)` lines for the
kernel and cmdline signatures. This appears to have been a mistake that
snuck through testing, and would allow incorrect signatures to pass
validation.

Also fix up some confusing indenting in the decryption section.

Reported-by: Brett Grandbois <brett.grandbois@opengear.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
---
 lib/security/gpg.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/lib/security/gpg.c b/lib/security/gpg.c
index 41d1306..76e2c6c 100644
--- a/lib/security/gpg.c
+++ b/lib/security/gpg.c
@@ -462,10 +462,12 @@  int gpg_validate_boot_files(struct boot_task *boot_task) {
 			local_image_signature,
 			authorized_signatures_handle,
 			"/etc/gpg"))
+			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 		if (verify_file_signature(cmdline_template,
 			local_cmdline_signature,
 			authorized_signatures_handle,
 			"/etc/gpg"))
+			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 
 		if (boot_task->local_initrd_signature)
 			if (verify_file_signature(initrd_filename,
@@ -498,7 +500,7 @@  int gpg_validate_boot_files(struct boot_task *boot_task) {
 			"/etc/gpg"))
 			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 		if (boot_task->local_initrd)
-		if (decrypt_file(initrd_filename,
+			if (decrypt_file(initrd_filename,
 				authorized_signatures_handle,
 				"/etc/gpg"))
 				result = KEXEC_LOAD_DECRYPTION_FALURE;
@@ -570,4 +572,4 @@  int lockdown_status() {
 	free(auth_sig_line);
 
 	return ret;
-}
\ No newline at end of file
+}