* [PATCH v3 0/1] pkey: Fix for PKEY_VERIFYPROTK ioctl
@ 2026-06-23 14:20 Holger Dengler
2026-06-23 14:20 ` [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler Holger Dengler
0 siblings, 1 reply; 4+ messages in thread
From: Holger Dengler @ 2026-06-23 14:20 UTC (permalink / raw)
To: Harald Freudenberger, Ingo Franzki
Cc: dengler, linux-s390, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev
The PKEY_VERIFYPROTK ioctl is used to verify protected key blobs. The
verification is mainly done by the called handler implementations. The
following patch 1/1 removes the (broken) length check in the generic API
code. The deep-inspection of the key blob is handler-specific.
The v1 of this series has fixed the length calculation for the keysize, so
that the correct keytype can be derived from it. But this is a violation of
the layering in pkey, where only the handlers should have a deep knowledge
of the key blobs. Therefore, v2 now removes the keysize calculation and the
keytype check, as it is always done by the handler.
The v2 has been rebased to the current master, as it adds a missing length
check for the ioctl request structure. This addresses one comment of the
Sashiko AI review.
Changes since v2:
- Re-phrase the commit message and summary line
- Pick R-b
Changes since v1:
- Remove the keytype check (instead of fixing the length calculation)
- Add stable tag
- Rebase to current master
The patch applies to Linus' master branch.
Holger Dengler (1):
pkey: Move keytype check from pkey api to handler
drivers/s390/crypto/pkey_api.c | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
base-commit: 502d801f0ab03e4f32f9a33d203154ce84887921
--
2.54.0
* [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler
2026-06-23 14:20 [PATCH v3 0/1] pkey: Fix for PKEY_VERIFYPROTK ioctl Holger Dengler
@ 2026-06-23 14:20 ` Holger Dengler
2026-06-23 14:29 ` Harald Freudenberger
2026-06-23 14:33 ` Alexander Gordeev
0 siblings, 2 replies; 4+ messages in thread
From: Holger Dengler @ 2026-06-23 14:20 UTC (permalink / raw)
To: Harald Freudenberger, Ingo Franzki
Cc: dengler, linux-s390, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev
The PKEY_VERIFYPROTK ioctl takes data from user-space and verifies the
contained protected key. While checking the integrity of the ioctl
request structure is the responsibility of the generic pkey_api code,
the verification of the contained protected key is the responsibility
of the pkey handler.
The keytype verification (based on the calculated bitsize of the key)
is part of the protected key verification and therefore the
responsibility of the pkey handler (which already verifies
it). Therefore the keytype verification is removed from the generic
pkey_api code.
As the calculation of the key bitsize is currently wrong, the removal
of the keytype check in pkey_api also removes this wrong
calculation. For this reason, the commit is flagged with the Fixes:
tag.
Cc: stable@kernel.org # 6.12+
Fixes: 8fcc231ce3be ("s390/pkey: Introduce pkey base with handler registry and handler modules")
Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
---
drivers/s390/crypto/pkey_api.c | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index 28e1007005f2..5d8f63f390a8 100644
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -327,7 +327,6 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
{
struct pkey_verifyprotk kvp;
struct protaeskeytoken *t;
- u32 keytype;
u8 *tmpbuf;
int rc;
@@ -341,14 +340,6 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
return -EINVAL;
}
- keytype = pkey_aes_bitsize_to_keytype(8 * kvp.protkey.len);
- if (!keytype) {
- PKEY_DBF_ERR("%s unknown/unsupported protkey length %u\n",
- __func__, kvp.protkey.len);
- memzero_explicit(&kvp, sizeof(kvp));
- return -EINVAL;
- }
-
/* build a 'protected key token' from the raw protected key */
tmpbuf = kzalloc(sizeof(*t), GFP_KERNEL);
if (!tmpbuf) {
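Review bot: The branch removed in this hunk was also what rejected an unexpected kvp.protkey.len before the token is built, and the function still copies kvp.protkey.len bytes with memcpy(t->protkey, kvp.protkey.protkey, kvp.protkey.len) further down. The bound on that copy now rests entirely on the earlier check whose tail (return -EINVAL; }) is visible as context above the removed lines. Please confirm that this check limits kvp.protkey.len to the size of t->protkey, and state the dependency in the commit message: the patch is tagged for stable 6.12+, and the cover letter says the request-structure length check was only recently added to master, so a backport to a tree without it would leave the copy unbounded.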
@@ -358,7 +349,7 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
t = (struct protaeskeytoken *)tmpbuf;
t->type = TOKTYPE_NON_CCA;
t->version = TOKVER_PROTECTED_KEY;
- t->keytype = keytype;
+ t->keytype = kvp.protkey.type;
t->len = kvp.protkey.len;
memcpy(t->protkey, kvp.protkey.protkey, kvp.protkey.len);
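Review bot: t->keytype is now taken directly from the user-supplied kvp.protkey.type with no validation in this function, where it was previously derived from the length. That matches the layering described in the commit message, but a short comment at the assignment saying that type and len are checked against each other by the handler would keep a later reader from treating the token as already validated. Because the key bytes are copied into tmpbuf before the handler can reject the request, also make sure the failure path wipes tmpbuf as well as kvp, as the removed early return did for kvp with memzero_explicit().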
--
2.54.0
* Re: [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler
2026-06-23 14:20 ` [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler Holger Dengler
@ 2026-06-23 14:29 ` Harald Freudenberger
2026-06-23 14:33 ` Alexander Gordeev
1 sibling, 0 replies; 4+ messages in thread
From: Harald Freudenberger @ 2026-06-23 14:29 UTC (permalink / raw)
To: Holger Dengler
Cc: Ingo Franzki, linux-s390, Heiko Carstens, Vasily Gorbik,
Alexander Gordeev
On 2026-06-23 16:20, Holger Dengler wrote:
> The PKEY_VERIFYPROTK ioctl takes data from user-space and verifies the
> contained protected key. While checking the integrity of the ioctl
> request structure is the responsibility of the generic pkey_api code,
> the verification of the contained protected key is the responsibility
> of the pkey handler.
>
> The keytype verification (based on the calculated bitsize of the key)
> is part of the protected key verification and therefore the
> responsibility of the pkey handler (which already verifies
> it). Therefore the keytype verification is removed from the generic
> pkey_api code.
>
> As the calculation of the key bitsize is currently wrong, the removal
> of the keytype check in pkey_api also removes this wrong
> calculation. For this reason, the commit is flagged with the Fixes:
> tag.
>
> Cc: stable@kernel.org # 6.12+
> Fixes: 8fcc231ce3be ("s390/pkey: Introduce pkey base with handler
> registry and handler modules")
> Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
> Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
> ---
> drivers/s390/crypto/pkey_api.c | 11 +----------
> 1 file changed, 1 insertion(+), 10 deletions(-)
>
> diff --git a/drivers/s390/crypto/pkey_api.c
> b/drivers/s390/crypto/pkey_api.c
> index 28e1007005f2..5d8f63f390a8 100644
> --- a/drivers/s390/crypto/pkey_api.c
> +++ b/drivers/s390/crypto/pkey_api.c
> @@ -327,7 +327,6 @@ static int pkey_ioctl_verifyprotk(struct
> pkey_verifyprotk __user *uvp)
> {
> struct pkey_verifyprotk kvp;
> struct protaeskeytoken *t;
> - u32 keytype;
> u8 *tmpbuf;
> int rc;
>
> @@ -341,14 +340,6 @@ static int pkey_ioctl_verifyprotk(struct
> pkey_verifyprotk __user *uvp)
> return -EINVAL;
> }
>
> - keytype = pkey_aes_bitsize_to_keytype(8 * kvp.protkey.len);
> - if (!keytype) {
> - PKEY_DBF_ERR("%s unknown/unsupported protkey length %u\n",
> - __func__, kvp.protkey.len);
> - memzero_explicit(&kvp, sizeof(kvp));
> - return -EINVAL;
> - }
> -
> /* build a 'protected key token' from the raw protected key */
> tmpbuf = kzalloc(sizeof(*t), GFP_KERNEL);
> if (!tmpbuf) {
> @@ -358,7 +349,7 @@ static int pkey_ioctl_verifyprotk(struct
> pkey_verifyprotk __user *uvp)
> t = (struct protaeskeytoken *)tmpbuf;
> t->type = TOKTYPE_NON_CCA;
> t->version = TOKVER_PROTECTED_KEY;
> - t->keytype = keytype;
> + t->keytype = kvp.protkey.type;
> t->len = kvp.protkey.len;
> memcpy(t->protkey, kvp.protkey.protkey, kvp.protkey.len);
Reviewed-by: Harald Freudenberger <freude@linux.ibm.com>
* Re: [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler
2026-06-23 14:20 ` [PATCH v3 1/1] pkey: Move keytype check from pkey api to handler Holger Dengler
2026-06-23 14:29 ` Harald Freudenberger
@ 2026-06-23 14:33 ` Alexander Gordeev
1 sibling, 0 replies; 4+ messages in thread
From: Alexander Gordeev @ 2026-06-23 14:33 UTC (permalink / raw)
To: Holger Dengler
Cc: Harald Freudenberger, Ingo Franzki, linux-s390, Heiko Carstens,
Vasily Gorbik
On Tue, Jun 23, 2026 at 04:20:31PM +0200, Holger Dengler wrote:
> The PKEY_VERIFYPROTK ioctl takes data from user-space and verifies the
> contained protected key. While checking the integrity of the ioctl
> request structure is the responsibility of the generic pkey_api code,
> the verification of the contained protected key is the responsibility
> of the pkey handler.
>
> The keytype verification (based on the calculated bitsize of the key)
> is part of the protected key verification and therefore the
> responsibility of the pkey handler (which already verifies
> it). Therefore the keytype verification is removed from the generic
> pkey_api code.
>
> As the calculation of the key bitsize is currently wrong, the removal
> of the keytype check in pkey_api also removes this wrong
> calculation. For this reason, the commit is flagged with the Fixes:
> tag.
>
> Cc: stable@kernel.org # 6.12+
> Fixes: 8fcc231ce3be ("s390/pkey: Introduce pkey base with handler registry and handler modules")
> Reviewed-by: Ingo Franzki <ifranzki@linux.ibm.com>
> Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
> ---
> drivers/s390/crypto/pkey_api.c | 11 +----------
> 1 file changed, 1 insertion(+), 10 deletions(-)
Applied, thanks!