Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp1187436rdb; Fri, 16 Feb 2024 07:49:33 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVjFqQ82YuYd6n/0fxkcEhxdPietLbZE+IZNdNemVRMt/kNO24XfIBWHJ1miwIaBqg16GXwqaofxvmGmaE6QLCGIhTrI0c+vdzmdfdp2A== X-Google-Smtp-Source: AGHT+IFLxanQ2WkLFnVw0xhzojb6IfIdTiA+xOxiDAm5AEp3dCGZU7gkVnPTqkgZamjOWczbt6Mu X-Received: by 2002:a05:6358:d391:b0:178:a555:c312 with SMTP id mp17-20020a056358d39100b00178a555c312mr5352899rwb.32.1708098573364; Fri, 16 Feb 2024 07:49:33 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708098573; cv=pass; d=google.com; s=arc-20160816; b=QVz4JgA9J95qCwHpALHadCr6MXaQD/CC2C+D3h1M3WprMUk1QHrGVMc6kSzknSLwTO QL4kqdLOYXd4/0h0Wymi/xlKmo/hiMrolcEPVwYTofaG8sXMoOhz7j81meFZ0SSPVQ6L nDPKxd3tGxB0VXaEn3bQGsPgqokYgYA2ngwWN7xYa+IYj7Gs5lRddU0ZV6tzF2eJEoHx dp3MGU6jjFgsL+ywc0wQWeG6ov0aMFT7p0DqL/wlgS/6TTXA3PG4O14dq0TgG/bQYJRt 3cydA4JILSIZbIAPA8aenIgWAHkuTqqd5tddpozLjheQXKEesrrVRwFNjiBAKXa3X35K Q8PQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from; bh=kqTJaGcttB/9z3nQaNA2GTz6//4MEESHwUGRoOsf7Vs=; fh=SbUOXa4Sh89uXGrKp7e9AgKeA+te2bDIZodarB69gbw=; b=yAjvQMFUsoxWq9cycBkZzxFXBdjCV0tiai9MzEuU3y5QciTZtS0Lnxt3KsVtxmXBnO X3qxzyOp/z6pkzZX8yPnaUHB2h8eBj14XOw+m4OMlFQeGkHySn8BGXfCbJRYlN8fwYHh LKtExolD2HK+P92HiI3POwItJoWNidGZZcUl0L+rldgaf04/eTgY9rj5DXomSkQym6OA 5enkVFikCfv1Y3l/4F1uZPSM6d/q/ztFq/Su3tdWxFYbMop/+Oe0Jp4eM4fY27MOdgey qvoWm8/CezfAzBsQ8Etv94gbgvsuUQaMtinF0UB9yJLNNpRt3G9KFZ5rAROsXFejTzZT eXcA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=huaweicloud.com); spf=pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id v11-20020aa799cb000000b006e08125660csi85529pfi.367.2024.02.16.07.49.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Feb 2024 07:49:33 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=huaweicloud.com); spf=pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 45ABEB24A90 for ; Fri, 16 Feb 2024 15:36:00 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B60461369A9; Fri, 16 Feb 2024 15:27:09 +0000 (UTC) Received: from frasgout11.his.huawei.com (frasgout11.his.huawei.com [14.137.139.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1908212FB39; Fri, 16 Feb 2024 15:27:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=14.137.139.23 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708097229; cv=none; b=Z0Blk9suHvS9o2KqHjVRMvdcFJnYzonPY0/kdxSnOJ/ajlgJJDHxALs4+yDnK1t1aOA17SE0d21cGQkyvMctX7Eh9XhzZ/JWKW5Wjv0Sx1CIRgPafmLRE420kpWTlZpATiqiRAJTGt/3OHD4/As8mrJMibA2X+ocE/KEug2jG6E= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708097229; c=relaxed/simple; bh=u7/YS5J8Vf8MmPiw9ZXI7Ey7ekL1SjQqCgB9ejASgmA=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=HRMdNN9A2MhFC0SmDz+yqj+/KHPhkKIRACIZambS+2GHA1mlLO0CkJ8VQr8dAGg7oGxsHziql+OVT9L7cIaHNoeeyHZmXnsYCnSaUvv+pYwVn/Xm9Pn+yk3jKF8wrj99FXUNWlzy32sobxrEmWQ1OsiTBbqL92rWv7UUCyeJecs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com; spf=pass smtp.mailfrom=huaweicloud.com; arc=none smtp.client-ip=14.137.139.23 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=huaweicloud.com Received: from mail.maildlp.com (unknown [172.18.186.29]) by frasgout11.his.huawei.com (SkyGuard) with ESMTP id 4TbwPs0nFrz9yTLg; Fri, 16 Feb 2024 23:11:45 +0800 (CST) Received: from mail02.huawei.com (unknown [7.182.16.27]) by mail.maildlp.com (Postfix) with ESMTP id 1DF8C140732; Fri, 16 Feb 2024 23:27:04 +0800 (CST) Received: from huaweicloud.com (unknown [10.48.131.30]) by APP2 (Coremail) with SMTP id GxC2BwAHQCRBfs9lTLSaAg--.11044S9; Fri, 16 Feb 2024 16:27:03 +0100 (CET) From: Petr Tesarik To: Dave Hansen Cc: =?UTF-8?B?UGV0ciBUZXNhxZnDrWs=?= , Petr Tesarik , Jonathan Corbet , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , "H. Peter Anvin" , Andy Lutomirski , Oleg Nesterov , Peter Zijlstra , Xin Li , Arnd Bergmann , Andrew Morton , Rick Edgecombe , Kees Cook , "Masami Hiramatsu (Google)" , Pengfei Xu , Josh Poimboeuf , Ze Gao , "Kirill A. Shutemov" , Kai Huang , David Woodhouse , Brian Gerst , Jason Gunthorpe , Joerg Roedel , "Mike Rapoport (IBM)" , Tina Zhang , Jacob Pan , "open list:DOCUMENTATION" , open list , Roberto Sassu , David Howells , Petr Tesarik Subject: [RFC 7/8] KEYS: Run PGP key parser in a sandbox Date: Fri, 16 Feb 2024 16:24:34 +0100 Message-Id: <20240216152435.1575-8-petrtesarik@huaweicloud.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240216152435.1575-1-petrtesarik@huaweicloud.com> References: <20240216152435.1575-1-petrtesarik@huaweicloud.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CM-TRANSID:GxC2BwAHQCRBfs9lTLSaAg--.11044S9 X-Coremail-Antispam: 1UD129KBjvJXoW7WrW8JrW5KFyxGrW7CFWkXrb_yoW8Cw47pF W8Cws5KFWrKr1Skay3Ar43C34FyF48AFW7Kayxta1ay3sIqw1DGFZ29r4jgF1YyF4kJw1r ArWvga4Uur4DtrJanT9S1TB71UUUUUDqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUmv14x267AKxVWrJVCq3wAFc2x0x2IEx4CE42xK8VAvwI8IcIk0 rVWrJVCq3wAFIxvE14AKwVWUJVWUGwA2048vs2IY020E87I2jVAFwI0_JF0E3s1l82xGYI kIc2x26xkF7I0E14v26ryj6s0DM28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8wA2 z4x0Y4vE2Ix0cI8IcVAFwI0_JFI_Gr1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_Gr1j6F 4UJwA2z4x0Y4vEx4A2jsIE14v26r4j6F4UM28EF7xvwVC2z280aVCY1x0267AKxVWxJr0_ GcWle2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrVC2j2WlYx0E2I x0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJVW8 JwACjcxG0xvY0x0EwIxGrwACjI8F5VA0II8E6IAqYI8I648v4I1lFIxGxcIEc7CjxVA2Y2 ka0xkIwI1lc7CjxVAaw2AFwI0_GFv_Wryl42xK82IYc2Ij64vIr41l4I8I3I0E4IkC6x0Y z7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUJVWUGwC20s026x8GjcxK67AKxVWUGVWUWwC2zV AF1VAY17CE14v26rWY6r4UJwCIc40Y0x0EwIxGrwCI42IY6xIIjxv20xvE14v26r1I6r4U MIIF0xvE2Ix0cI8IcVCY1x0267AKxVW8Jr0_Cr1UMIIF0xvE42xK8VAvwI8IcIk0rVWUJV WUCwCI42IY6I8E87Iv67AKxVW8JVWxJwCI42IY6I8E87Iv6xkF7I0E14v26r4UJVWxJrUv cSsGvfC2KfnxnUUI43ZEXa7sRiHUDtUUUUU== X-CM-SenderInfo: hshw23xhvd2x3n6k3tpzhluzxrxghudrp/ From: Roberto Sassu Test it with: gpg --dearmor < | keyctl padd asymmetric "" @u Signed-off-by: Roberto Sassu --- crypto/asymmetric_keys/pgp_public_key.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/pgp_public_key.c b/crypto/asymmetric_keys/pgp_public_key.c index 0529c8ce2d43..876bb83abdd5 100644 --- a/crypto/asymmetric_keys/pgp_public_key.c +++ b/crypto/asymmetric_keys/pgp_public_key.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -310,6 +311,12 @@ static struct asymmetric_key_ids *pgp_key_generate_id( return NULL; } +static SBM_DEFINE_FUNC(parse_key, const unsigned char *, data, size_t, datalen, + struct pgp_key_data_parse_context *, ctx) +{ + return pgp_parse_packets(data, datalen, &ctx->pgp); +} + /* * Attempt to parse the instantiation data blob for a key as a PGP packet * message holding a key. @@ -318,6 +325,7 @@ static int pgp_key_parse(struct key_preparsed_payload *prep) { struct pgp_key_data_parse_context *ctx; struct public_key *pub = NULL; + struct sbm sbm; int ret; kenter(""); @@ -332,7 +340,16 @@ static int pgp_key_parse(struct key_preparsed_payload *prep) (1 << PGP_PKT_USER_ID); ctx->pgp.process_packet = pgp_process_public_key; - ret = pgp_parse_packets(prep->data, prep->datalen, &ctx->pgp); + sbm_init(&sbm); + ret = sbm_call(&sbm, parse_key, + SBM_COPY_IN(&sbm, prep->data, prep->datalen), + prep->datalen, SBM_COPY_INOUT(&sbm, ctx, sizeof(*ctx))); + sbm_destroy(&sbm); + + if (ret < 0) + goto error; + + ret = sbm_error(&sbm); if (ret < 0) goto error; -- 2.34.1