On Sat, Jan 15, 2022 at 08:45:03PM +0200, Jarkko Sakkinen wrote: > On Thu, Jan 13, 2022 at 12:04:54PM -0800, Eric Biggers wrote: > > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > > > In many cases, keyctl_pkey_params_get_2() is validating the user buffer > > lengths against the wrong algorithm properties. Fix it to check against > > the correct properties. > > > > Probably this wasn't noticed before because for all asymmetric keys of > > the "public_key" subtype, max_data_size == max_sig_size == max_enc_size > > == max_dec_size. However, this isn't necessarily true for the > > "asym_tpm" subtype (it should be, but it's not strictly validated). Of > > course, future key types could have different values as well. > > With a quick look, asym_tpm is TPM 1.x only, which only has 2048-bit RSA > keys. The code allows other lengths, as well as the case where the "RSA key size" doesn't match the "public key size". Probably both are bugs and they should both be 256 bytes (2048 bits) only. Anyway, that would be a separate fix. - Eric