Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp3202431rwb; Fri, 9 Dec 2022 11:14:15 -0800 (PST) X-Google-Smtp-Source: AA0mqf5MI+gLI9of2FoiAEkVRXbKwyMKgUBuyYRDYr0MChKNMeLa4t0PclvBo2iGOe4U1wkJhTFT X-Received: by 2002:a05:6402:25c4:b0:463:3dd8:6d48 with SMTP id x4-20020a05640225c400b004633dd86d48mr6961438edb.39.1670613255136; Fri, 09 Dec 2022 11:14:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670613255; cv=none; d=google.com; s=arc-20160816; b=xyxz8+4QB8Cxau2D+yK+IomOesjuqCORJwLzNNwrP3XGLbRNfGHK9HIJjHLJ7jki8V 6A//q+sXIv1VR5ooHLLNRbE1DQta/3Yg34jPpY0ZZJ/VVHm7aHEvXj5uCPGQRKNRd+fN pLcgT0rsI0xsCBkxhzjXTJjlc2ba1hxTE2tfCgdWz8/QtKHPeosS7ntMpFPnUvGdqKzd j7G0FUcfPhYVUQDtYv03mToHMILDsG+Su3at2XmcAp2gIPRWbHLl69kipUJxGyb+3XzH J55nIKzkqkQ/X8KXDDUsMYHjNPfEGOg7ynF/7HPtgK7uL3yX9Wf6ztp6qE5KecwuSO2l sY2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=UTTpLCoWJZxG/+41ZZyZwvGn5E5w8qFoexih1o3iZHc=; b=vRSo8rGK0BIPimH2i9Qbam0wf94ifkp4PreXhh1vkA5exF8GbbN79JDGjoGAn04fuQ 7bsvGoTU+dk5Is34V3M6SoDpt6eirVJN5fy09q/oGPBbc+4NX7v//ZSu35T87hi2M1oo nBoiVwOh+cMs6n3c7/kpMdgWx4qpq/1QjTrg60wNVOT1H/w1EriR6RW9CbnKV3h6/PYx 6BVO+IfB4lf6xoF4iFI8JkpRQLLgp0BL7E5xnmFFbYQsY6IPg2pWWY6M2MtIiioJkB7a xv2iYxpi9cHCHiClRq0/IxY96myMB4nKy3lPfLSLT6XCaqzjdhSZgTV+lj7P5ASv2hoK Tk3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=tLMnJl1P; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hz5-20020a1709072ce500b007ae127c6c7asi545064ejc.176.2022.12.09.11.13.44; Fri, 09 Dec 2022 11:14:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=tLMnJl1P; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229849AbiLITE1 (ORCPT + 99 others); Fri, 9 Dec 2022 14:04:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45848 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229556AbiLITE0 (ORCPT ); Fri, 9 Dec 2022 14:04:26 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE373DF83; Fri, 9 Dec 2022 11:04:25 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 3AA926230A; Fri, 9 Dec 2022 19:04:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2B0F6C433EF; Fri, 9 Dec 2022 19:04:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1670612664; bh=yUWQOgEIaDmtTjkbKrKQhx+5Ioj4N+tSig1q86SSvhw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=tLMnJl1PGg+JaRv9e0cov1W2dQSwupzZoGE56bhg8Hwg4PA3WcR5BIYhw7mVCEttj iGHhEdfj7hyfUZz2uSLQ2iEXhc12d6p8wLdj2j//mBJ92/voNdjVjFS19amXkWVj5N pwtXFLpr2NIckxsu3ultA4YzewH8cWptBr78vn10xjt0vEsNQPo3+LW9G4GVoufS6I vrYW9c3eqMxE16+glX6oDbEE+Cq3QoLOFT5WB4a552VhRNK/nbES24rE8MK8ZRZZyI O2v1QfkwgNdjfj9R1IMi10JM9xKAljGWriKvqkNPillS6YZ5ZQo6P6X+K3YcZRJzJS yo5mmZFHUhc8Q== Date: Fri, 9 Dec 2022 11:04:15 -0800 From: Eric Biggers To: Roberto Sassu Cc: dhowells@redhat.com, herbert@gondor.apana.org.au, davem@davemloft.net, zohar@linux.ibm.com, dmitry.kasatkin@gmail.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Roberto Sassu , stable@vger.kernel.org Subject: Re: [PATCH v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() Message-ID: References: <20221209150633.1033556-1-roberto.sassu@huaweicloud.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20221209150633.1033556-1-roberto.sassu@huaweicloud.com> X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Dec 09, 2022 at 04:06:33PM +0100, Roberto Sassu wrote: > + /* key is used to store the sig and digest too. */ > + key = kmalloc(key_max_len, GFP_KERNEL); > if (!key) > goto error_free_req; Maybe just call this 'buf', as the key is just one of the purposes the buffer is used for now. > + /* Cannot use one scatterlist. The first needs to be s->s_size long. */ > + sg_set_buf(&src_sg[0], key, sig->s_size); > + sg_set_buf(&src_sg[1], key + sig->s_size, sig->digest_size); > akcipher_request_set_crypt(req, src_sg, NULL, sig->s_size, > sig->digest_size); AFAIK, none of the crypto APIs that operate on 'scatterlist' are supposed to care how the data is divided up into scatterlist elements. So it sounds like there is another bug that needs to be fixed. It should be fixed, not worked around. - Eric