Eric Lee / smarc-fsl-linux-kernel

24 May, 2019

1 commit

  • b4d0d230c   treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 ... Browse Code »

    Based on 1 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public licence as published by
    the free software foundation either version 2 of the licence or at
    your option any later version

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-or-later

    has been chosen to replace the boilerplate/reference in 114 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Allison Randal
    Reviewed-by: Kate Stewart
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190520170857.552531963@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

02 Jan, 2019

1 commit

  • 57b0e3145   KEYS: fix parsing invalid pkey info string ... Browse Code »

    We need to check the return value of match_token() for Opt_err before
    doing anything with it.

    [ Not only did the old "-1" value for Opt_err cause problems for the
    __test_and_set_bit(), as fixed in commit 94c13f66e13c ("security:
    don't use a negative Opt_err token index"), but accessing
    "args[0].from" is invalid for the Opt_err case, as pointed out by Eric
    later. - Linus ]

    Reported-by: syzbot+a22e0dc07567662c50bc@syzkaller.appspotmail.com
    Fixes: 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]")
    Signed-off-by: Eric Biggers
    Cc: stable@kernel.org # 4.20
    Signed-off-by: Linus Torvalds

    Eric Biggers
     

18 Dec, 2018

1 commit

  • 94c13f66e   security: don't use a negative Opt_err token index ... Browse Code »

    The code uses a bitmap to check for duplicate tokens during parsing, and
    that doesn't work at all for the negative Opt_err token case.

    There is absolutely no reason to make Opt_err be negative, and in fact
    it only confuses things, since some of the affected functions actually
    return a positive Opt_xyz enum _or_ a regular negative error code (eg
    -EINVAL), and using -1 for Opt_err makes no sense.

    There are similar problems in ima_policy.c and key encryption, but they
    don't have the immediate bug wrt bitmap handing, and ima_policy.c in
    particular needs a different patch to make the enum values match the
    token array index. Mimi is sending that separately.

    Reported-by: syzbot+a22e0dc07567662c50bc@syzkaller.appspotmail.com
    Reported-by: Eric Biggers
    Fixes: 5208cc83423d ("keys, trusted: fix: *do not* allow duplicate key options")
    Fixes: 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]")
    Cc: James Morris James Morris
    Cc: Mimi Zohar
    Cc: Jarkko Sakkinen
    Cc: Peter Huewe
    Signed-off-by: Linus Torvalds

    Linus Torvalds
     

26 Oct, 2018

1 commit

  • 00d60fd3b   KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2] ... Browse Code »

    Provide five keyctl functions that permit userspace to make use of the new
    key type ops for accessing and driving asymmetric keys.

    (*) Query an asymmetric key.

    long keyctl(KEYCTL_PKEY_QUERY,
    key_serial_t key, unsigned long reserved,
    struct keyctl_pkey_query *info);

    Get information about an asymmetric key. The information is returned
    in the keyctl_pkey_query struct:

    __u32 supported_ops;

    A bit mask of flags indicating which ops are supported. This is
    constructed from a bitwise-OR of:

    KEYCTL_SUPPORTS_{ENCRYPT,DECRYPT,SIGN,VERIFY}

    __u32 key_size;

    The size in bits of the key.

    __u16 max_data_size;
    __u16 max_sig_size;
    __u16 max_enc_size;
    __u16 max_dec_size;

    The maximum sizes in bytes of a blob of data to be signed, a signature
    blob, a blob to be encrypted and a blob to be decrypted.

    reserved must be set to 0. This is intended for future use to hand
    over one or more passphrases needed unlock a key.

    If successful, 0 is returned. If the key is not an asymmetric key,
    EOPNOTSUPP is returned.

    (*) Encrypt, decrypt, sign or verify a blob using an asymmetric key.

    long keyctl(KEYCTL_PKEY_ENCRYPT,
    const struct keyctl_pkey_params *params,
    const char *info,
    const void *in,
    void *out);

    long keyctl(KEYCTL_PKEY_DECRYPT,
    const struct keyctl_pkey_params *params,
    const char *info,
    const void *in,
    void *out);

    long keyctl(KEYCTL_PKEY_SIGN,
    const struct keyctl_pkey_params *params,
    const char *info,
    const void *in,
    void *out);

    long keyctl(KEYCTL_PKEY_VERIFY,
    const struct keyctl_pkey_params *params,
    const char *info,
    const void *in,
    const void *in2);

    Use an asymmetric key to perform a public-key cryptographic operation
    a blob of data.

    The parameter block pointed to by params contains a number of integer
    values:

    __s32 key_id;
    __u32 in_len;
    __u32 out_len;
    __u32 in2_len;

    For a given operation, the in and out buffers are used as follows:

    Operation ID in,in_len out,out_len in2,in2_len
    ======================= =============== =============== ===========
    KEYCTL_PKEY_ENCRYPT Raw data Encrypted data -
    KEYCTL_PKEY_DECRYPT Encrypted data Raw data -
    KEYCTL_PKEY_SIGN Raw data Signature -
    KEYCTL_PKEY_VERIFY Raw data - Signature

    info is a string of key=value pairs that supply supplementary
    information.

    The __spare space in the parameter block must be set to 0. This is
    intended, amongst other things, to allow the passing of passphrases
    required to unlock a key.

    If successful, encrypt, decrypt and sign all return the amount of data
    written into the output buffer. Verification returns 0 on success.

    Signed-off-by: David Howells
    Tested-by: Marcel Holtmann
    Reviewed-by: Marcel Holtmann
    Reviewed-by: Denis Kenzior
    Tested-by: Denis Kenzior
    Signed-off-by: James Morris

    David Howells