| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240529150253.27630-1-jarkko@kernel.org> Date: Wed, 29 May 2024 18:02:53 +0300 From: Jarkko Sakkinen <jarkko@...nel.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: linux-integrity@...r.kernel.org, keyrings@...r.kernel.org, Andreas.Fuchs@...ineon.com, James Prestwood <prestwoj@...il.com>, David Woodhouse <dwmw2@...radead.org>, Eric Biggers <ebiggers@...nel.org>, James Bottomley <James.Bottomley@...senpartnership.com>, linux-crypto@...r.kernel.org, Stefan Berger <stefanb@...ux.ibm.com>, Jarkko Sakkinen <jarkko@...nel.org>, James Bottomley <James.Bottomley@...senPartnership.com>, Mimi Zohar <zohar@...ux.ibm.com>, David Howells <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH] KEYS: trusted: Change -EINVAL to -E2BIG Report -E2BIG instead of -EINVAL when too large size for the key blob is requested. By filtering these errors from other invalid data, this will help distinguish the overflows. Link: https://lore.kernel.org/keyrings/D1M4GRF0RL2W.3QHTBXZWNW9RW@kernel.org/ Reviewed-by: Stefan Berger <stefanb@...ux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@...nel.org> --- I don't think this is a fix and neither needs to be backported but makes sense for upcoming versions. Sending as a separate patch from the TPM2 asymmetric keys series. security/keys/trusted-keys/trusted_tpm2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 8b7dd73d94c1..06c8fa7b21ae 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -122,7 +122,7 @@ static int tpm2_key_decode(struct trusted_key_payload *payload, return ret; if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) - return -EINVAL; + return -E2BIG; blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); if (!blob) -- 2.45.1
Powered by blists - more mailing lists