Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() #222

Open
wants to merge 1 commit into
base: dev-6.1
Choose a base branch
from
Open

KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() #222

wants to merge 1 commit into from

Commits on Jun 5, 2023

  1. KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() 

    Commit ac4e97a ("scatterlist: sg_set_buf() argument must be in linear
mapping") checks that both the signature and the digest reside in the
linear mapping area.

However, more recently commit ba14a19 ("fork: Add generic vmalloced
stack support") made it possible to move the stack in the vmalloc area,
which is not contiguous, and thus not suitable for sg_set_buf() which needs
adjacent pages.

Always make a copy of the signature and digest in the same buffer used to
store the key and its parameters, and pass them to sg_init_one(). Prefer it
to conditionally doing the copy if necessary, to keep the code simple. The
buffer allocated with kmalloc() is in the linear mapping area.

Cc: [email protected] # 4.9.x
Fixes: ba14a19 ("fork: Add generic vmalloced stack support")
Link: https://lore.kernel.org/linux-integrity/[email protected]/
Suggested-by: Eric Biggers <[email protected]>
Signed-off-by: Roberto Sassu <[email protected]>
Reviewed-by: Eric Biggers <[email protected]>
Tested-by: Stefan Berger <[email protected]>
    @robertosassu @stefanberger
    robertosassu authored and stefanberger committed Jun 5, 2023
    Configuration menu
    Copy the full SHA
    a8c5eb6 View commit details
    Browse the repository at this point in the history