From: Harald Freudenberger <freude@linux.ibm.com>
To: Ingo Franzki <ifranzki@linux.ibm.com>
Cc: Holger Dengler <dengler@linux.ibm.com>,
linux-s390@vger.kernel.org, Heiko Carstens <hca@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Alexander Gordeev <agordeev@linux.ibm.com>
Subject: Re: [PATCH v1 1/1] pkey: Fix bitsize check in PKEY_VERIFYPROTK ioctl
Date: Fri, 19 Jun 2026 10:43:57 +0200 [thread overview]
Message-ID: <c701bc8554683dab75d5fcd95f01175b@linux.ibm.com> (raw)
In-Reply-To: <a4234cb9-5d92-4b97-979d-2b0be9cbeb1e@linux.ibm.com>
On 2026-06-19 10:32, Ingo Franzki wrote:
> On 19.06.2026 09:45, Holger Dengler wrote:
>> As part of the verification, the PKEY_VERIFYPROTK ioctl checks for
>> supported keytype, which are derived from the bit-size of the key. The
>> calculation for the bit-size of a protected key has to take into
>> account, that the length of the protected key blob also includes the
>> length of the wrapping key verification pattern (WKVP). Subtract the
>> length of the MKVP from the protected key length fixes this
>> calculation.
>>
>> Fixes: 8fcc231ce3be ("s390/pkey: Introduce pkey base with handler
>> registry and handler modules")
>> Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
>> ---
>> drivers/s390/crypto/pkey_api.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/s390/crypto/pkey_api.c
>> b/drivers/s390/crypto/pkey_api.c
>> index d6b595eb3370..2160e1de3014 100644
>> --- a/drivers/s390/crypto/pkey_api.c
>> +++ b/drivers/s390/crypto/pkey_api.c
>> @@ -334,7 +334,8 @@ static int pkey_ioctl_verifyprotk(struct
>> pkey_verifyprotk __user *uvp)
>> if (copy_from_user(&kvp, uvp, sizeof(kvp)))
>> return -EFAULT;
>>
>> - keytype = pkey_aes_bitsize_to_keytype(8 * kvp.protkey.len);
>> + keytype = pkey_aes_bitsize_to_keytype(8 * (kvp.protkey.len -
>> + AES_WK_VP_SIZE));
>> if (!keytype) {
>> PKEY_DBF_ERR("%s unknown/unsupported protkey length %u\n",
>> __func__, kvp.protkey.len);
>
> Why not simply use
>
> t->keytype = kvp.protkey.type;
>
> and remove the whole 'keytype = pkey_aes_bitsize_to_keytype(....)'
> thing ?
> The type of the protected key is already contained in the protected
> key structure, so why trying to guess it from the size again?
Not sure how this comes from. However, as this function anyway is only
valid to be called for protected AES keys I would stay with the guessing
from the length.
>
> You will need a length check for the 'memcpy(t->protkey,
> kvp.protkey.protkey, kvp.protkey.len);' (regardless of how you
> determine the type).
As you wrote, the length still needs to be checked here for <=
sizeof(t->protkey).
next prev parent reply other threads:[~2026-06-19 8:44 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-19 7:45 [PATCH v1 0/1] pkey: Fix for PKEY_VERIFYPROTK ioctl Holger Dengler
2026-06-19 7:45 ` [PATCH v1 1/1] pkey: Fix bitsize check in " Holger Dengler
2026-06-19 8:00 ` sashiko-bot
2026-06-19 8:02 ` Holger Dengler
2026-06-19 8:32 ` Ingo Franzki
2026-06-19 8:43 ` Harald Freudenberger [this message]
2026-06-19 9:17 ` Ingo Franzki
2026-06-19 8:45 ` Holger Dengler
2026-06-19 8:55 ` Ingo Franzki
2026-06-19 9:34 ` Alexander Gordeev
2026-06-19 10:35 ` Holger Dengler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c701bc8554683dab75d5fcd95f01175b@linux.ibm.com \
--to=freude@linux.ibm.com \
--cc=agordeev@linux.ibm.com \
--cc=dengler@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=ifranzki@linux.ibm.com \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox