diff options
| author | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2016-01-06 16:43:30 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2016-05-04 14:49:15 -0700 |
| commit | 5504693f5dcfae316d10706f6367f8724d69c67f (patch) | |
| tree | d50fa6b63113bc05c09a70986ea1973567111b89 /security | |
| parent | d84be57178d73e9007704e34ac510974a1c380aa (diff) | |
| download | lwn-5504693f5dcfae316d10706f6367f8724d69c67f.tar.gz lwn-5504693f5dcfae316d10706f6367f8724d69c67f.zip | |
tpm: fix checks for policy digest existence in tpm2_seal_trusted()
commit f3c82ade7c59303167d56b0be3e0707751fc45e2 upstream.
In my original patch sealing with policy was done with dynamically
allocated buffer that I changed later into an array so the checks in
tpm2-cmd.c became invalid. This patch fixes the issue.
Fixes: 5beb0c435bdd ("keys, trusted: seal with a TPM2 authorization policy")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/trusted.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 0dcab20cdacd..90d61751ff12 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -744,6 +744,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay, unsigned long handle; unsigned long lock; unsigned long token_mask = 0; + unsigned int digest_len; int i; int tpm2; @@ -752,7 +753,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay, return tpm2; opt->hash = tpm2 ? HASH_ALGO_SHA256 : HASH_ALGO_SHA1; - opt->digest_len = hash_digest_size[opt->hash]; while ((p = strsep(&c, " \t"))) { if (*p == '\0' || *p == ' ' || *p == '\t') @@ -812,8 +812,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay, for (i = 0; i < HASH_ALGO__LAST; i++) { if (!strcmp(args[0].from, hash_algo_name[i])) { opt->hash = i; - opt->digest_len = - hash_digest_size[opt->hash]; break; } } @@ -825,13 +823,14 @@ static int getoptions(char *c, struct trusted_key_payload *pay, } break; case Opt_policydigest: - if (!tpm2 || - strlen(args[0].from) != (2 * opt->digest_len)) + digest_len = hash_digest_size[opt->hash]; + if (!tpm2 || strlen(args[0].from) != (2 * digest_len)) return -EINVAL; res = hex2bin(opt->policydigest, args[0].from, - opt->digest_len); + digest_len); if (res < 0) return -EINVAL; + opt->policydigest_len = digest_len; break; case Opt_policyhandle: if (!tpm2) |