* [PATCH v2 0/2] KEYS: trusted: bug fixes for v6.10-rc2
@ 2024-05-20 19:04 Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 1/2] KEYS: trusted: Fix memory leak in tpm2_key_encode() Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 2/2] KEYS: trusted: Do not use WARN when encode fails Jarkko Sakkinen
0 siblings, 2 replies; 3+ messages in thread
From: Jarkko Sakkinen @ 2024-05-20 19:04 UTC (permalink / raw)
To: linux-integrity
Cc: keyrings, James.Bottomley, Jarkko Sakkinen, Mimi Zohar,
David Howells, Paul Moore, James Morris, Serge E. Hallyn,
linux-security-module, linux-kernel
Accumulated bug fixes for trusted keys.
v2:
Dropped a patch disabling hmac by default for now.
Jarkko Sakkinen (2):
KEYS: trusted: Fix memory leak in tpm2_key_encode()
KEYS: trusted: Do not use WARN when encode fails
security/keys/trusted-keys/trusted_tpm2.c | 25 +++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
--
2.45.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v2 1/2] KEYS: trusted: Fix memory leak in tpm2_key_encode()
2024-05-20 19:04 [PATCH v2 0/2] KEYS: trusted: bug fixes for v6.10-rc2 Jarkko Sakkinen
@ 2024-05-20 19:04 ` Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 2/2] KEYS: trusted: Do not use WARN when encode fails Jarkko Sakkinen
1 sibling, 0 replies; 3+ messages in thread
From: Jarkko Sakkinen @ 2024-05-20 19:04 UTC (permalink / raw)
To: linux-integrity
Cc: keyrings, James.Bottomley, Jarkko Sakkinen, stable, Mimi Zohar,
David Howells, Paul Moore, James Morris, Serge E. Hallyn,
linux-security-module, linux-kernel
'scratch' is never freed. Fix this by calling kfree() in the success, and
in the error case.
Cc: stable@vger.kernel.org # +v5.13
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
security/keys/trusted-keys/trusted_tpm2.c | 24 +++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index dfeec06301ce..c6882f5d094f 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -38,6 +38,7 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
u8 *end_work = scratch + SCRATCH_SIZE;
u8 *priv, *pub;
u16 priv_len, pub_len;
+ int ret;
priv_len = get_unaligned_be16(src) + 2;
priv = src;
@@ -57,8 +58,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
unsigned char bool[3], *w = bool;
/* tag 0 is emptyAuth */
w = asn1_encode_boolean(w, w + sizeof(bool), true);
- if (WARN(IS_ERR(w), "BUG: Boolean failed to encode"))
- return PTR_ERR(w);
+ if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) {
+ ret = PTR_ERR(w);
+ goto err;
+ }
work = asn1_encode_tag(work, end_work, 0, bool, w - bool);
}
@@ -69,8 +72,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
* trigger, so if it does there's something nefarious going on
*/
if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE,
- "BUG: scratch buffer is too small"))
- return -EINVAL;
+ "BUG: scratch buffer is too small")) {
+ ret = -EINVAL;
+ goto err;
+ }
work = asn1_encode_integer(work, end_work, options->keyhandle);
work = asn1_encode_octet_string(work, end_work, pub, pub_len);
@@ -79,10 +84,17 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
work1 = payload->blob;
work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
scratch, work - scratch);
- if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed"))
- return PTR_ERR(work1);
+ if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) {
+ ret = PTR_ERR(work1);
+ goto err;
+ }
+ kfree(scratch);
return work1 - payload->blob;
+
+err:
+ kfree(scratch);
+ return ret;
}
struct tpm2_key_context {
--
2.45.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH v2 2/2] KEYS: trusted: Do not use WARN when encode fails
2024-05-20 19:04 [PATCH v2 0/2] KEYS: trusted: bug fixes for v6.10-rc2 Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 1/2] KEYS: trusted: Fix memory leak in tpm2_key_encode() Jarkko Sakkinen
@ 2024-05-20 19:04 ` Jarkko Sakkinen
1 sibling, 0 replies; 3+ messages in thread
From: Jarkko Sakkinen @ 2024-05-20 19:04 UTC (permalink / raw)
To: linux-integrity
Cc: keyrings, James.Bottomley, Jarkko Sakkinen, stable, Mimi Zohar,
David Howells, Paul Moore, James Morris, Serge E. Hallyn,
linux-security-module, linux-kernel
When asn1_encode_sequence() fails, WARN is not the correct solution.
1. asn1_encode_sequence() is not an internal function (located
in lib/asn1_encode.c).
2. Location is known, which makes the stack trace useless.
3. Results a crash if panic_on_warn is set.
It is also noteworthy that the use of WARN is undocumented, and it
should be avoided unless there is a carefully considered rationale to
use it.
Replace WARN with pr_err, and print the return value instead, which is
only useful piece of information.
Cc: stable@vger.kernel.org # v5.13+
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
security/keys/trusted-keys/trusted_tpm2.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index c6882f5d094f..8b7dd73d94c1 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -84,8 +84,9 @@ static int tpm2_key_encode(struct trusted_key_payload *payload,
work1 = payload->blob;
work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
scratch, work - scratch);
- if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) {
+ if (IS_ERR(work1)) {
ret = PTR_ERR(work1);
+ pr_err("BUG: ASN.1 encoder failed with %d\n", ret);
goto err;
}
--
2.45.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-05-20 19:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-05-20 19:04 [PATCH v2 0/2] KEYS: trusted: bug fixes for v6.10-rc2 Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 1/2] KEYS: trusted: Fix memory leak in tpm2_key_encode() Jarkko Sakkinen
2024-05-20 19:04 ` [PATCH v2 2/2] KEYS: trusted: Do not use WARN when encode fails Jarkko Sakkinen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.