On Sat, Jan 15, 2022 at 11:26:16PM +0200, Jarkko Sakkinen wrote: > On Sat, Jan 15, 2022 at 11:53:34AM -0800, Eric Biggers wrote: > > On Sat, Jan 15, 2022 at 08:45:03PM +0200, Jarkko Sakkinen wrote: > > > On Thu, Jan 13, 2022 at 12:04:54PM -0800, Eric Biggers wrote: > > > > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > > > > > > > In many cases, keyctl_pkey_params_get_2() is validating the user buffer > > > > lengths against the wrong algorithm properties. Fix it to check against > > > > the correct properties. > > > > > > > > Probably this wasn't noticed before because for all asymmetric keys of > > > > the "public_key" subtype, max_data_size == max_sig_size == max_enc_size > > > > == max_dec_size. However, this isn't necessarily true for the > > > > "asym_tpm" subtype (it should be, but it's not strictly validated). Of > > > > course, future key types could have different values as well. > > > > > > With a quick look, asym_tpm is TPM 1.x only, which only has 2048-bit RSA > > > keys. > > > > The code allows other lengths, as well as the case where the "RSA key size" > > doesn't match the "public key size". Probably both are bugs and they should > > both be 256 bytes (2048 bits) only. Anyway, that would be a separate fix. > > > > - Eric > > I'm fine with the current commit message. E.g. I have no idea at this > point whether there should be in future separate asym_tpm2 or all bundled > to asym_tpm. > > Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> > Okay, great. Just to be clear, I'm expecting either you or David (maintainer:KEYS/KEYRINGS) to apply this patch. Acked-by is usually given by a maintainer when someone else applies a patch. - Eric