| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aOuavtSpoNLWHoMS@wunner.de>
Date: Sun, 12 Oct 2025 14:10:38 +0200
From: Lukas Wunner <lukas@...ner.de>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: David Howells <dhowells@...hat.com>,
Ignat Korchagin <ignat@...udflare.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>, keyrings@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] crypto: asymmetric_keys - simplify
asymmetric_key_hex_to_key_id
On Tue, Oct 07, 2025 at 08:52:21PM +0200, Thorsten Blum wrote:
> Use struct_size() to calculate the number of bytes to allocate for the
> asymmetric key id.
Why? To what end? To guard against an overflow?
I've gone through the callers of asymmetric_key_hex_to_key_id() and
it seems they all limit the length of the keyid. Guarding against
an overflow in asymmetric_key_hex_to_key_id() could thus only be
justified as a defense-in-depth measure, but I doubt that's worth it.
Callers I've found:
- keyctl_keyring_search() [security/keys/keyctl.c]
keyring_search()
type->match_preparse() == asymmetric_key_match_preparse()
asymmetric_key_hex_to_key_id()
Here the size of the key id is constrained to 4096 bytes
(KEY_MAX_DESC_SIZE) by keyctl_keyring_search().
- request_key() [security/keys/keyctl.c]
request_key_and_link()
type->match_preparse() == asymmetric_key_match_preparse()
asymmetric_key_hex_to_key_id()
Same here.
- asymmetric_verify() [security/integrity/digsig_asymmetric.c]
request_asymmetric_key()
find_asymmetric_key()
keyring_search()
type->match_preparse() == asymmetric_key_match_preparse()
asymmetric_key_hex_to_key_id()
Here the size of the key id is a 32-bit integer.
- pkcs7_validate_trust_one() [crypto/asymmetric_keys/pkcs7_trust.c]
find_asymmetric_key()
keyring_search()
type->match_preparse() == asymmetric_key_match_preparse()
asymmetric_key_hex_to_key_id()
Here the key id in hexadecimal is constructed from its binary form,
asymmetric_key_hex_to_key_id() then converts that back. Naturally
the back conversion shouldn't overflow.
- restrict_link_by_signature() [crypto/asymmetric_keys/restrict.c]
find_asymmetric_key()
keyring_search()
type->match_preparse() == asymmetric_key_match_preparse()
asymmetric_key_hex_to_key_id()
Same here.
> +++ b/crypto/asymmetric_keys/asymmetric_type.c
> @@ -236,12 +236,11 @@ struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id)
> if (asciihexlen & 1)
> return ERR_PTR(-EINVAL);
>
> - match_id = kmalloc(sizeof(struct asymmetric_key_id) + asciihexlen / 2,
> - GFP_KERNEL);
> + hexlen = asciihexlen / 2;
> + match_id = kmalloc(struct_size(match_id, data, hexlen), GFP_KERNEL);
> if (!match_id)
> return ERR_PTR(-ENOMEM);
This doesn't look more readable to be honest.
> - ret = __asymmetric_key_hex_to_key_id(id, match_id, asciihexlen / 2);
> - if (ret < 0) {
> + if (__asymmetric_key_hex_to_key_id(id, match_id, hexlen) < 0) {
> kfree(match_id);
> return ERR_PTR(-EINVAL);
> }
If anything, return ret instead of removing the ret variable.
The only negative return value of __asymmetric_key_hex_to_key_id()
is -EINVAL, hence that's returned directly here.
Thanks,
Lukas
Powered by blists - more mailing lists