Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/security/keys
History
David Gstir e8d9fab39d KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y 
With vmalloc stack addresses enabled (CONFIG_VMAP_STACK=y) DCP trusted
keys can crash during en- and decryption of the blob encryption key via
the DCP crypto driver. This is caused by improperly using sg_init_one()
with vmalloc'd stack buffers (plain_key_blob).

Fix this by always using kmalloc() for buffers we give to the DCP crypto
driver.

Cc: stable@vger.kernel.org # v6.10+
Fixes: 0e28bf61a5 ("KEYS: trusted: dcp: fix leak of blob encryption key")
Signed-off-by: David Gstir <david@sigma-star.at>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
 		2025-01-21 11:25:23 +02:00
..
encrypted-keys KEYS: encrypted: add missing MODULE_DESCRIPTION() 2024-07-01 14:16:54 +00:00
trusted-keys KEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y 2025-01-21 11:25:23 +02:00
Kconfig
Makefile
big_key.c
compat.c
compat_dh.c
dh.c
gc.c keys: update key quotas in key_put() 2024-05-09 16:28:58 +03:00
internal.h keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry 2023-12-21 13:47:38 +00:00
key.c keys: Fix overwrite of key expiration on instantiation 2024-05-09 16:28:58 +03:00
keyctl.c task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-07-09 13:26:31 +02:00
keyctl_pkey.c
keyring.c security/keys: fix slab-out-of-bounds in key_task_permission 2024-11-04 21:24:24 +02:00
permission.c
persistent.c
proc.c keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry 2023-12-21 13:47:38 +00:00
process_keys.c
request_key.c
request_key_auth.c
sysctl.c lsm: remove the now superfluous sentinel element from ctl_table array 2024-04-15 15:00:00 -04:00
user_defined.c