Message-Id: <CA61EE6A-F2D5-4812-96D4-4B1AF3B8B3ED@sigma-star.at>
Date: Tue, 7 Jan 2025 13:56:01 +0100
From: David Gstir <david@...ma-star.at>
To: sigma star Kernel Team <upstream+dcp@...ma-star.at>,
James Bottomley <jejb@...ux.ibm.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Mimi Zohar <zohar@...ux.ibm.com>,
David Howells <dhowells@...hat.com>,
Paul Moore <paul@...l-moore.com>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>
Cc: "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
"linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
stable@...r.kernel.org
Subject: Re: [PATCH] KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y

> On 13.11.2024, at 22:27, David Gstir <david@...ma-star.at> wrote:
>
> With vmalloc stack addresses enabled (CONFIG_VMAP_STACK=y) DCP trusted
> keys can crash during en- and decryption of the blob encryption key via
> the DCP crypto driver. This is caused by improperly using sg_init_one()
> with vmalloc'd stack buffers (plain_key_blob).
>
> Fix this by always using kmalloc() for buffers we give to the DCP crypto
> driver.
>
> Cc: stable@...r.kernel.org # v6.10+
> Fixes: 0e28bf61a5f9 ("KEYS: trusted: dcp: fix leak of blob encryption key")
> Signed-off-by: David Gstir <david@...ma-star.at>

Gentle ping.
Thanks!
- David