Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp2053116pxb;
        Sun, 16 Jan 2022 08:22:52 -0800 (PST)
X-Google-Smtp-Source: ABdhPJyv+GmxTbhEZC30guQjHW6lPPV6JraNtemyNFiOOrqcjam7ALCzPvJe+zIg6bS8dkUM3sB6
X-Received: by 2002:a63:78c5:: with SMTP id t188mr15944357pgc.363.1642350171816;
        Sun, 16 Jan 2022 08:22:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1642350171; cv=none;
        d=google.com; s=arc-20160816;
        b=nf+7YiaNP8Oe4rUAx7tXm4eu0lIjh024miIHlbNR5p54rFBnXwZFEEUPPujHXKriiP
         BsYgyWlgmz65s/stp+tf3VRpnvT+zwY3ePXRSPgcMZ7l55kzp2B6by+ZdCoobEgHy91d
         csrGQb3G8DTB6euLi90Ig7E/ogThmcja54xVvr2NtanPGmj8hdPADimFXuq1bRptgxlm
         +c8hZcsIsxLMAGzSfogOobXXn+cZjSEhwPUWu+4udWrHkG1K+/Qr3C8V2At6lz15xl93
         U/qYIYoMigFZg0eeSZ0CRn0zL9kM7scoTdm1nXPBT2bh6eWAY6SyKGL92j7bq59rs/3I
         PMTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=Qv0GzWPgxiM83+1gtuNBu9yHWZUBWhXn/IrN9HsJ1dU=;
        b=eGq3B0aX6NQ2BP4JB8XOXz6LAoInTo1kqT3y4OqLP119HjaLmuMKzlqo/4X0Ce8ScA
         LA0mQb3GwEwuer2eIWfAZMuFo4y98MJdLwVduSxa6IcaKysBCdBkoOo+82vGbMqqpaEq
         aRQ0MMfvnxQQbDvnibyLu8ajmpUL6f0XI5TOTHw1TiCaBFc0MriRZGgQ3gNNI5I6Y9JV
         Fej+QHLR9+7i0N67BCwQBB2yXbtVk8u1FI1oStdybYL19jBNU8o18IWL52B2PilJifYk
         dVVo4QSgxFnqJIgmvi/L5NboBwJwpplV1CgHZTjQgHfgyJ6O06qRODADldRAwiXI9NqX
         CXsQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z53PbNuB;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id j3si10683520pjs.63.2022.01.16.08.22.39;
        Sun, 16 Jan 2022 08:22:51 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z53PbNuB;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231645AbiAOTxj (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 99 others); Sat, 15 Jan 2022 14:53:39 -0500
Received: from ams.source.kernel.org ([145.40.68.75]:38770 "EHLO
        ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229703AbiAOTxj (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Sat, 15 Jan 2022 14:53:39 -0500
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id C73C3B80AF2;
        Sat, 15 Jan 2022 19:53:37 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 41BB5C36AE7;
        Sat, 15 Jan 2022 19:53:36 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1642276416;
        bh=YxN1ydtr52PL3Ynys1IZmTX5ThAF9iwp9eJjSAzaRkc=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=Z53PbNuBaq0NfIeRIRLWSAt7/3ZYhsbjQLVvo0HqRBE89fGh5JWR5JT3ei+6NCCYW
         TtxeSXqcsfoRuIJvrOCP5dkP3T0Gg7Ou3h4sS4UyzjWgUlLBvGkA+CzTlnpBiLOdYk
         d1Gy438bDosJXvDwNb7F9aC1zx0/kg2dfxlE74wRjf/VNygWQN3CxHOF34SpkpXON4
         0JZjMSF7WBjVI/O8mUQqpmMI2YevO1lGgfWHkaG6Q0C2RBV2ApJMXB6KonNXG+yslP
         E4KmuYcvie5O3Eosw+YXSBBO8zzZUwamJsQgeEEa534pb8X40tpkqWZYP/dUTmPt9Z
         4tBduESFiq0eg==
Date:   Sat, 15 Jan 2022 11:53:34 -0800
From:   Eric Biggers <ebiggers@kernel.org>
To:     Jarkko Sakkinen <jarkko@kernel.org>
Cc:     keyrings@vger.kernel.org, David Howells <dhowells@redhat.com>,
        linux-crypto@vger.kernel.org,
        Marcel Holtmann <marcel@holtmann.org>,
        Denis Kenzior <denkenz@gmail.com>, stable@vger.kernel.org
Subject: Re: [PATCH] KEYS: fix length validation in keyctl_pkey_params_get_2()
Message-ID: <YeMmPs+gf+q7XUv4@sol.localdomain>
References: <20220113200454.72609-1-ebiggers@kernel.org>
 <YeMWLyceg4xcwShF@iki.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YeMWLyceg4xcwShF@iki.fi>
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Sat, Jan 15, 2022 at 08:45:03PM +0200, Jarkko Sakkinen wrote:
> On Thu, Jan 13, 2022 at 12:04:54PM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > In many cases, keyctl_pkey_params_get_2() is validating the user buffer
> > lengths against the wrong algorithm properties.  Fix it to check against
> > the correct properties.
> > 
> > Probably this wasn't noticed before because for all asymmetric keys of
> > the "public_key" subtype, max_data_size == max_sig_size == max_enc_size
> > == max_dec_size.  However, this isn't necessarily true for the
> > "asym_tpm" subtype (it should be, but it's not strictly validated).  Of
> > course, future key types could have different values as well.
> 
> With a quick look, asym_tpm is TPM 1.x only, which only has 2048-bit RSA
> keys.

The code allows other lengths, as well as the case where the "RSA key size"
doesn't match the "public key size".  Probably both are bugs and they should
both be 256 bytes (2048 bits) only.  Anyway, that would be a separate fix.

- Eric