Received: by 2002:a05:7412:1e0b:b0:fc:a2b0:25d7 with SMTP id kr11csp1187436rdb;
        Fri, 16 Feb 2024 07:49:33 -0800 (PST)
X-Forwarded-Encrypted: i=3; AJvYcCVjFqQ82YuYd6n/0fxkcEhxdPietLbZE+IZNdNemVRMt/kNO24XfIBWHJ1miwIaBqg16GXwqaofxvmGmaE6QLCGIhTrI0c+vdzmdfdp2A==
X-Google-Smtp-Source: AGHT+IFLxanQ2WkLFnVw0xhzojb6IfIdTiA+xOxiDAm5AEp3dCGZU7gkVnPTqkgZamjOWczbt6Mu
X-Received: by 2002:a05:6358:d391:b0:178:a555:c312 with SMTP id mp17-20020a056358d39100b00178a555c312mr5352899rwb.32.1708098573364;
        Fri, 16 Feb 2024 07:49:33 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1708098573; cv=pass;
        d=google.com; s=arc-20160816;
        b=QVz4JgA9J95qCwHpALHadCr6MXaQD/CC2C+D3h1M3WprMUk1QHrGVMc6kSzknSLwTO
         QL4kqdLOYXd4/0h0Wymi/xlKmo/hiMrolcEPVwYTofaG8sXMoOhz7j81meFZ0SSPVQ6L
         nDPKxd3tGxB0VXaEn3bQGsPgqokYgYA2ngwWN7xYa+IYj7Gs5lRddU0ZV6tzF2eJEoHx
         dp3MGU6jjFgsL+ywc0wQWeG6ov0aMFT7p0DqL/wlgS/6TTXA3PG4O14dq0TgG/bQYJRt
         3cydA4JILSIZbIAPA8aenIgWAHkuTqqd5tddpozLjheQXKEesrrVRwFNjiBAKXa3X35K
         Q8PQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from;
        bh=kqTJaGcttB/9z3nQaNA2GTz6//4MEESHwUGRoOsf7Vs=;
        fh=SbUOXa4Sh89uXGrKp7e9AgKeA+te2bDIZodarB69gbw=;
        b=yAjvQMFUsoxWq9cycBkZzxFXBdjCV0tiai9MzEuU3y5QciTZtS0Lnxt3KsVtxmXBnO
         X3qxzyOp/z6pkzZX8yPnaUHB2h8eBj14XOw+m4OMlFQeGkHySn8BGXfCbJRYlN8fwYHh
         LKtExolD2HK+P92HiI3POwItJoWNidGZZcUl0L+rldgaf04/eTgY9rj5DXomSkQym6OA
         5enkVFikCfv1Y3l/4F1uZPSM6d/q/ztFq/Su3tdWxFYbMop/+Oe0Jp4eM4fY27MOdgey
         qvoWm8/CezfAzBsQ8Etv94gbgvsuUQaMtinF0UB9yJLNNpRt3G9KFZ5rAROsXFejTzZT
         eXcA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=huaweicloud.com);
       spf=pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
        by mx.google.com with ESMTPS id v11-20020aa799cb000000b006e08125660csi85529pfi.367.2024.02.16.07.49.32
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 16 Feb 2024 07:49:33 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=huaweicloud.com);
       spf=pass (google.com: domain of linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-68877-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id 45ABEB24A90
	for <linux.lists.archive@gmail.com>; Fri, 16 Feb 2024 15:36:00 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B60461369A9;
	Fri, 16 Feb 2024 15:27:09 +0000 (UTC)
Received: from frasgout11.his.huawei.com (frasgout11.his.huawei.com [14.137.139.23])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1908212FB39;
	Fri, 16 Feb 2024 15:27:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=14.137.139.23
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1708097229; cv=none; b=Z0Blk9suHvS9o2KqHjVRMvdcFJnYzonPY0/kdxSnOJ/ajlgJJDHxALs4+yDnK1t1aOA17SE0d21cGQkyvMctX7Eh9XhzZ/JWKW5Wjv0Sx1CIRgPafmLRE420kpWTlZpATiqiRAJTGt/3OHD4/As8mrJMibA2X+ocE/KEug2jG6E=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1708097229; c=relaxed/simple;
	bh=u7/YS5J8Vf8MmPiw9ZXI7Ey7ekL1SjQqCgB9ejASgmA=;
	h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:
	 MIME-Version; b=HRMdNN9A2MhFC0SmDz+yqj+/KHPhkKIRACIZambS+2GHA1mlLO0CkJ8VQr8dAGg7oGxsHziql+OVT9L7cIaHNoeeyHZmXnsYCnSaUvv+pYwVn/Xm9Pn+yk3jKF8wrj99FXUNWlzy32sobxrEmWQ1OsiTBbqL92rWv7UUCyeJecs=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com; spf=pass smtp.mailfrom=huaweicloud.com; arc=none smtp.client-ip=14.137.139.23
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=huaweicloud.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=huaweicloud.com
Received: from mail.maildlp.com (unknown [172.18.186.29])
	by frasgout11.his.huawei.com (SkyGuard) with ESMTP id 4TbwPs0nFrz9yTLg;
	Fri, 16 Feb 2024 23:11:45 +0800 (CST)
Received: from mail02.huawei.com (unknown [7.182.16.27])
	by mail.maildlp.com (Postfix) with ESMTP id 1DF8C140732;
	Fri, 16 Feb 2024 23:27:04 +0800 (CST)
Received: from huaweicloud.com (unknown [10.48.131.30])
	by APP2 (Coremail) with SMTP id GxC2BwAHQCRBfs9lTLSaAg--.11044S9;
	Fri, 16 Feb 2024 16:27:03 +0100 (CET)
From: Petr Tesarik <petrtesarik@huaweicloud.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: =?UTF-8?B?UGV0ciBUZXNhxZnDrWs=?= <petr@tesarici.cz>,
	Petr Tesarik <petrtesarik@huaweicloud.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@kernel.org>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Andy Lutomirski <luto@kernel.org>,
	Oleg Nesterov <oleg@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Xin Li <xin3.li@intel.com>,
	Arnd Bergmann <arnd@arndb.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Kees Cook <keescook@chromium.org>,
	"Masami Hiramatsu (Google)" <mhiramat@kernel.org>,
	Pengfei Xu <pengfei.xu@intel.com>,
	Josh Poimboeuf <jpoimboe@kernel.org>,
	Ze Gao <zegao2021@gmail.com>,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	Kai Huang <kai.huang@intel.com>,
	David Woodhouse <dwmw@amazon.co.uk>,
	Brian Gerst <brgerst@gmail.com>,
	Jason Gunthorpe <jgg@ziepe.ca>,
	Joerg Roedel <jroedel@suse.de>,
	"Mike Rapoport (IBM)" <rppt@kernel.org>,
	Tina Zhang <tina.zhang@intel.com>,
	Jacob Pan <jacob.jun.pan@linux.intel.com>,
	"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
	open list <linux-kernel@vger.kernel.org>,
	Roberto Sassu <roberto.sassu@huaweicloud.com>,
	David Howells <dhowells@redhat.com>,
	Petr Tesarik <petr.tesarik1@huawei-partners.com>
Subject: [RFC 7/8] KEYS: Run PGP key parser in a sandbox
Date: Fri, 16 Feb 2024 16:24:34 +0100
Message-Id: <20240216152435.1575-8-petrtesarik@huaweicloud.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240216152435.1575-1-petrtesarik@huaweicloud.com>
References: <fb4a40c7-af9a-406a-95ab-406595f3ffe5@intel.com>
 <20240216152435.1575-1-petrtesarik@huaweicloud.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-CM-TRANSID:GxC2BwAHQCRBfs9lTLSaAg--.11044S9
X-Coremail-Antispam: 1UD129KBjvJXoW7WrW8JrW5KFyxGrW7CFWkXrb_yoW8Cw47pF
	W8Cws5KFWrKr1Skay3Ar43C34FyF48AFW7Kayxta1ay3sIqw1DGFZ29r4jgF1YyF4kJw1r
	ArWvga4Uur4DtrJanT9S1TB71UUUUUDqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2
	9KBjDU0xBIdaVrnRJUUUmv14x267AKxVWrJVCq3wAFc2x0x2IEx4CE42xK8VAvwI8IcIk0
	rVWrJVCq3wAFIxvE14AKwVWUJVWUGwA2048vs2IY020E87I2jVAFwI0_JF0E3s1l82xGYI
	kIc2x26xkF7I0E14v26ryj6s0DM28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8wA2
	z4x0Y4vE2Ix0cI8IcVAFwI0_JFI_Gr1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_Gr1j6F
	4UJwA2z4x0Y4vEx4A2jsIE14v26r4j6F4UM28EF7xvwVC2z280aVCY1x0267AKxVWxJr0_
	GcWle2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrVC2j2WlYx0E2I
	x0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJVW8
	JwACjcxG0xvY0x0EwIxGrwACjI8F5VA0II8E6IAqYI8I648v4I1lFIxGxcIEc7CjxVA2Y2
	ka0xkIwI1lc7CjxVAaw2AFwI0_GFv_Wryl42xK82IYc2Ij64vIr41l4I8I3I0E4IkC6x0Y
	z7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUJVWUGwC20s026x8GjcxK67AKxVWUGVWUWwC2zV
	AF1VAY17CE14v26rWY6r4UJwCIc40Y0x0EwIxGrwCI42IY6xIIjxv20xvE14v26r1I6r4U
	MIIF0xvE2Ix0cI8IcVCY1x0267AKxVW8Jr0_Cr1UMIIF0xvE42xK8VAvwI8IcIk0rVWUJV
	WUCwCI42IY6I8E87Iv67AKxVW8JVWxJwCI42IY6I8E87Iv6xkF7I0E14v26r4UJVWxJrUv
	cSsGvfC2KfnxnUUI43ZEXa7sRiHUDtUUUUU==
X-CM-SenderInfo: hshw23xhvd2x3n6k3tpzhluzxrxghudrp/

From: Roberto Sassu <roberto.sassu@huawei.com>

Test it with:

gpg --dearmor < <PGP key> | keyctl padd asymmetric "" @u

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 crypto/asymmetric_keys/pgp_public_key.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/crypto/asymmetric_keys/pgp_public_key.c b/crypto/asymmetric_keys/pgp_public_key.c
index 0529c8ce2d43..876bb83abdd5 100644
--- a/crypto/asymmetric_keys/pgp_public_key.c
+++ b/crypto/asymmetric_keys/pgp_public_key.c
@@ -10,6 +10,7 @@
 #include <linux/kernel.h>
 #include <linux/slab.h>
 #include <linux/mpi.h>
+#include <linux/sbm.h>
 #include <keys/asymmetric-subtype.h>
 #include <keys/asymmetric-parser.h>
 #include <crypto/hash.h>
@@ -310,6 +311,12 @@ static struct asymmetric_key_ids *pgp_key_generate_id(
 	return NULL;
 }
 
+static SBM_DEFINE_FUNC(parse_key, const unsigned char *, data, size_t, datalen,
+		       struct pgp_key_data_parse_context *, ctx)
+{
+	return pgp_parse_packets(data, datalen, &ctx->pgp);
+}
+
 /*
  * Attempt to parse the instantiation data blob for a key as a PGP packet
  * message holding a key.
@@ -318,6 +325,7 @@ static int pgp_key_parse(struct key_preparsed_payload *prep)
 {
 	struct pgp_key_data_parse_context *ctx;
 	struct public_key *pub = NULL;
+	struct sbm sbm;
 	int ret;
 
 	kenter("");
@@ -332,7 +340,16 @@ static int pgp_key_parse(struct key_preparsed_payload *prep)
 				     (1 << PGP_PKT_USER_ID);
 	ctx->pgp.process_packet = pgp_process_public_key;
 
-	ret = pgp_parse_packets(prep->data, prep->datalen, &ctx->pgp);
+	sbm_init(&sbm);
+	ret = sbm_call(&sbm, parse_key,
+		       SBM_COPY_IN(&sbm, prep->data, prep->datalen),
+		       prep->datalen, SBM_COPY_INOUT(&sbm, ctx, sizeof(*ctx)));
+	sbm_destroy(&sbm);
+
+	if (ret < 0)
+		goto error;
+
+	ret = sbm_error(&sbm);
 	if (ret < 0)
 		goto error;
 
-- 
2.34.1