* [PATCH] KEYS: trusted: Fix overwrite of keyhandle parameter
@ 2025-12-08 14:54 Jarkko Sakkinen
2025-12-08 18:56 ` Jarkko Sakkinen
0 siblings, 1 reply; 2+ messages in thread
From: Jarkko Sakkinen @ 2025-12-08 14:54 UTC (permalink / raw)
To: linux-integrity
Cc: Jarkko Sakkinen, stable, James Bottomley, Mimi Zohar,
David Howells, Paul Moore, James Morris, Serge E. Hallyn,
open list:KEYS-TRUSTED, open list:SECURITY SUBSYSTEM, open list
tpm2_key_decode() overrides the explicit keyhandle parameter, which can
lead to problems, if the loaded parent handle does not match the handle
stored to the key file. This can easily happen as handle by definition
is an ambiguous attribute.
Cc: stable@vger.kernel.org # v5.13+
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
security/keys/trusted-keys/trusted_tpm2.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index fb76c4ea496f..950684e54c71 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -121,7 +121,9 @@ static int tpm2_key_decode(struct trusted_key_payload *payload,
return -ENOMEM;
*buf = blob;
- options->keyhandle = ctx.parent;
+
+ if (!options->keyhandle)
+ options->keyhandle = ctx.parent;
memcpy(blob, ctx.priv, ctx.priv_len);
blob += ctx.priv_len;
--
2.39.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] KEYS: trusted: Fix overwrite of keyhandle parameter
2025-12-08 14:54 [PATCH] KEYS: trusted: Fix overwrite of keyhandle parameter Jarkko Sakkinen
@ 2025-12-08 18:56 ` Jarkko Sakkinen
0 siblings, 0 replies; 2+ messages in thread
From: Jarkko Sakkinen @ 2025-12-08 18:56 UTC (permalink / raw)
To: linux-integrity
Cc: stable, James Bottomley, Mimi Zohar, David Howells, Paul Moore,
James Morris, Serge E. Hallyn, open list:KEYS-TRUSTED,
open list:SECURITY SUBSYSTEM, open list
On Mon, Dec 08, 2025 at 04:54:35PM +0200, Jarkko Sakkinen wrote:
> tpm2_key_decode() overrides the explicit keyhandle parameter, which can
> lead to problems, if the loaded parent handle does not match the handle
> stored to the key file. This can easily happen as handle by definition
> is an ambiguous attribute.
>
> Cc: stable@vger.kernel.org # v5.13+
> Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
What this means in practice is that sometimes you need either to:
1. Binary patch the key file.
2. Decompose/compose a key file
BR, Jarkko
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-12-08 18:56 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-12-08 14:54 [PATCH] KEYS: trusted: Fix overwrite of keyhandle parameter Jarkko Sakkinen
2025-12-08 18:56 ` Jarkko Sakkinen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).