iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/security/keys
History
Eric Biggers c51abd9683 KEYS: fix length validation in keyctl_pkey_params_get_2() 
In many cases, keyctl_pkey_params_get_2() is validating the user buffer
lengths against the wrong algorithm properties.  Fix it to check against
the correct properties.

Probably this wasn't noticed before because for all asymmetric keys of
the "public_key" subtype, max_data_size == max_sig_size == max_enc_size
== max_dec_size.  However, this isn't necessarily true for the
"asym_tpm" subtype (it should be, but it's not strictly validated).  Of
course, future key types could have different values as well.

Fixes: 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]")
Cc: <stable@vger.kernel.org> # v4.20+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-03-08 10:33:18 +02:00
..
encrypted-keys
crypto: sha - split sha.h into sha1.h and sha2.h
2020-11-20 14:45:33 +11:00
trusted-keys
trusted-keys: match tpm_get_ops on all return paths
2021-05-12 22:36:37 +03:00
big_key.c
security/keys: use kvfree_sensitive()
2021-01-21 16:16:09 +00:00
compat_dh.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
compat.c
security/keys: remove compat_keyctl_instantiate_key_iov
2020-10-03 00:02:16 -04:00
dh.c
security: DH - use KDF implementation from crypto API
2021-11-26 16:25:17 +11:00
gc.c
watch_queue: Add a key/keyring notification facility
2020-05-19 15:19:06 +01:00
internal.h
security/keys: remove compat_keyctl_instantiate_key_iov
2020-10-03 00:02:16 -04:00
Kconfig
security: DH - use KDF implementation from crypto API
2021-11-26 16:25:17 +11:00
key.c
certs: Fix blacklist flag type confusion
2021-01-21 16:16:10 +00:00
keyctl_pkey.c
KEYS: fix length validation in keyctl_pkey_params_get_2()
2022-03-08 10:33:18 +02:00
keyctl.c
security: keys: delete repeated words in comments
2021-01-21 16:16:09 +00:00
keyring.c
security: keys: delete repeated words in comments
2021-01-21 16:16:09 +00:00
Makefile
KEYS: remove CONFIG_KEYS_COMPAT
2019-12-12 23:41:17 +02:00
permission.c
keys: Make the KEY_NEED_* perms an enum rather than a mask
2020-05-19 15:42:22 +01:00
persistent.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
proc.c
keys: Fix proc_keys_next to increase position index
2020-04-16 10:10:50 -07:00
process_keys.c
ucounts: Move get_ucounts from cred_alloc_blank to key_change_session_keyring
2021-10-20 10:34:20 -05:00
request_key_auth.c
KEYS: Don't write out to userspace while holding key semaphore
2020-03-29 12:40:41 +01:00
request_key.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
sysctl.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
user_defined.c
mm, treewide: rename kzfree() to kfree_sensitive()
2020-08-07 11:33:22 -07:00