@@ -118,7 +118,7 @@ static int public_key_verify_signature_2(const struct key *key,
/*
* Public key algorithm asymmetric key subtype
*/
-struct asymmetric_key_subtype public_key_subtype = {
+const struct asymmetric_key_subtype public_key_subtype = {
.owner = THIS_MODULE,
.name = "public_key",
.name_len = sizeof("public_key") - 1,
@@ -13,7 +13,7 @@
#include <crypto/public_key.h>
-extern struct asymmetric_key_subtype public_key_subtype;
+extern const struct asymmetric_key_subtype public_key_subtype;
/*
* Public key algorithm definition.
During the attempt to disable the kernel module signing verification in some android kernel, I came across that the public_key_subtype in asymmetric_keys/public_key.c which has following declarations: struct asymmetric_key_subtype public_key_subtype = { ... .describe = public_key_describe, .destroy = public_key_destroy, .verify_signature = public_key_verify_signature_2, }; As long as I have root access and /dev/mem access available, it seems to be quite easy to have kernel module signing verification workarounded by just simply assign the address of public_key_describe() to the .verify_signature data member. This could be avoided by adding const to the data structure to make all the data members ready only. Signed-off-by: zibo zhao <chinabull@gmail.com> --- crypto/asymmetric_keys/public_key.c | 2 +- crypto/asymmetric_keys/public_key.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)