KEYS: do not kmemdup digest in {public,tpm}_key_verify_signature
authorVitaly Chikunov <vt@altlinux.org>
Thu, 11 Apr 2019 15:51:16 +0000 (18:51 +0300)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 18 Apr 2019 14:15:02 +0000 (22:15 +0800)
Treat (struct public_key_signature)'s digest same as its signature (s).
Since digest should be already in the kmalloc'd memory do not kmemdup
digest value before calling {public,tpm}_key_verify_signature.

Patch is split from the previous as suggested by Herbert Xu.

Suggested-by: David Howells <dhowells@redhat.com>
Cc: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Denis Kenzior <denkenz@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/asymmetric_keys/asym_tpm.c
crypto/asymmetric_keys/public_key.c

index 4e5b6fb57a94da6d9dd5656553651380e4136c31..402fc34ca044db38365de83f2e06d460643f9bcd 100644 (file)
@@ -748,7 +748,6 @@ static int tpm_key_verify_signature(const struct key *key,
        char alg_name[CRYPTO_MAX_ALG_NAME];
        uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
        uint32_t der_pub_key_len;
-       void *digest;
        int ret;
 
        pr_devel("==>%s()\n", __func__);
@@ -780,14 +779,9 @@ static int tpm_key_verify_signature(const struct key *key,
        if (!req)
                goto error_free_tfm;
 
-       ret = -ENOMEM;
-       digest = kmemdup(sig->digest, sig->digest_size, GFP_KERNEL);
-       if (!digest)
-               goto error_free_req;
-
        sg_init_table(src_sg, 2);
        sg_set_buf(&src_sg[0], sig->s, sig->s_size);
-       sg_set_buf(&src_sg[1], digest, sig->digest_size);
+       sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);
        akcipher_request_set_crypt(req, src_sg, NULL, sig->s_size,
                                   sig->digest_size);
        crypto_init_wait(&cwait);
@@ -796,8 +790,6 @@ static int tpm_key_verify_signature(const struct key *key,
                                      crypto_req_done, &cwait);
        ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
 
-       kfree(digest);
-error_free_req:
        akcipher_request_free(req);
 error_free_tfm:
        crypto_free_akcipher(tfm);
index 0c069fe8a59cb066e77362237b568f7d4a893883..33093b7bcc47a68363a12f627e6e7446ac16da4c 100644 (file)
@@ -229,7 +229,6 @@ int public_key_verify_signature(const struct public_key *pkey,
        struct akcipher_request *req;
        struct scatterlist src_sg[2];
        char alg_name[CRYPTO_MAX_ALG_NAME];
-       void *digest;
        int ret;
 
        pr_devel("==>%s()\n", __func__);
@@ -262,14 +261,9 @@ int public_key_verify_signature(const struct public_key *pkey,
        if (ret)
                goto error_free_req;
 
-       ret = -ENOMEM;
-       digest = kmemdup(sig->digest, sig->digest_size, GFP_KERNEL);
-       if (!digest)
-               goto error_free_req;
-
        sg_init_table(src_sg, 2);
        sg_set_buf(&src_sg[0], sig->s, sig->s_size);
-       sg_set_buf(&src_sg[1], digest, sig->digest_size);
+       sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);
        akcipher_request_set_crypt(req, src_sg, NULL, sig->s_size,
                                   sig->digest_size);
        crypto_init_wait(&cwait);
@@ -278,7 +272,6 @@ int public_key_verify_signature(const struct public_key *pkey,
                                      crypto_req_done, &cwait);
        ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
 
-       kfree(digest);
 error_free_req:
        akcipher_request_free(req);
 error_free_tfm: