iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/security/keys
History
Eric Biggers d312c0035e KEYS: fix length validation in keyctl_pkey_params_get_2() 
commit c51abd96837f600d8fd940b6ab8e2da578575504 upstream.

In many cases, keyctl_pkey_params_get_2() is validating the user buffer
lengths against the wrong algorithm properties.  Fix it to check against
the correct properties.

Probably this wasn't noticed before because for all asymmetric keys of
the "public_key" subtype, max_data_size == max_sig_size == max_enc_size
== max_dec_size.  However, this isn't necessarily true for the
"asym_tpm" subtype (it should be, but it's not strictly validated).  Of
course, future key types could have different values as well.

Fixes: 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]")
Cc: <stable@vger.kernel.org> # v4.20+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-04-15 14:17:58 +02:00
..
encrypted-keys
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:36:45 +02:00
big_key.c
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:36:45 +02:00
compat_dh.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
compat.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
dh.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
gc.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
internal.h
mm: add kvfree_sensitive() for freeing sensitive data objects
2020-06-17 16:40:23 +02:00
Kconfig
request_key improvements
2019-07-08 19:19:37 -07:00
key.c
certs: Fix blacklist flag type confusion
2021-03-04 10:26:29 +01:00
keyctl_pkey.c
KEYS: fix length validation in keyctl_pkey_params_get_2()
2022-04-15 14:17:58 +02:00
keyctl.c
mm: add kvfree_sensitive() for freeing sensitive data objects
2020-06-17 16:40:23 +02:00
keyring.c
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:36:45 +02:00
Makefile
KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]
2018-10-26 09:30:46 +01:00
permission.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
persistent.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
proc.c
keys: Fix proc_keys_next to increase position index
2020-04-21 09:04:58 +02:00
process_keys.c
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
2019-07-10 18:43:43 -07:00
request_key_auth.c
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:36:45 +02:00
request_key.c
keys: ensure that ->match_free() is called in request_key_and_link()
2019-08-30 11:10:55 -07:00
sysctl.c
proc/sysctl: add shared variables for range check
2019-07-18 17:08:07 -07:00
trusted.c
KEYS: trusted: Fix migratable=1 failing
2021-03-04 10:26:44 +01:00
user_defined.c
KEYS: Don't write out to userspace while holding key semaphore
2020-04-23 10:36:45 +02:00