From: Vegard Nossum <[email protected]>

The signature check in the regular module verification process `crypto_check_module_sig()` is skipped for this standalone crypto module because its signature has already been checked during load (as described in a later patch).
Signed-off-by: Vegard Nossum <[email protected]> [Revise commit message] Signed-off-by: Jay Wang <[email protected]> --- crypto/algapi.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index 37de377719ae..663698e0cd65 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -24,7 +24,19 @@ static LIST_HEAD(crypto_template_list); static inline void crypto_check_module_sig(struct module *mod) { - if (fips_enabled && mod && !module_sig_ok(mod)) +#ifdef FIPS_MODULE + /* + * The FIPS module should ignore its own signature check, as it was + * already been verified elsewhere during loading. + */ + if (mod == THIS_MODULE) + return; +#else + if (!fips_enabled) + return; +#endif + + if (mod && !module_sig_ok(mod)) panic("Module %s signature verification failed in FIPS mode\n", module_name(mod)); } -- 2.47.3
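Review bot: in the `#ifdef FIPS_MODULE` branch of crypto_check_module_sig() the `fips_enabled` gate is lost, because `if (!fips_enabled) return;` now exists only under `#else`. In a FIPS_MODULE build, any module other than THIS_MODULE therefore reaches `module_sig_ok(mod)` and the panic even when FIPS mode is off, while the message still reads "signature verification failed in FIPS mode". The commit message only describes skipping the module's own check, so if the unconditional enforcement is intended it should be stated there and the panic text adjusted; otherwise move the `!fips_enabled` early return above the `#ifdef` so both builds keep the old gating. The `mod == THIS_MODULE` shortcut makes this function trust a check done at load time, so the comment should name the function or patch that performs it rather than say "elsewhere", letting a reader confirm that a failed load-time check cannot reach this point. Minor: "it was already been verified" in the new comment should be "it has already been verified".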
