| Message ID | 20220113194438.69202-1-ebiggers@kernel.org |
|---|---|
| State | New |
| Headers | show |
| Series | ima: fix reference leak in asymmetric_verify() | expand |
On 1/13/22 14:44, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > Don't leak a reference to the key if its algorithm is unknown. > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification") > Cc: <stable@vger.kernel.org> # v5.13+ > Signed-off-by: Eric Biggers <ebiggers@google.com> > --- > security/integrity/digsig_asymmetric.c | 15 +++++++++------ > 1 file changed, 9 insertions(+), 6 deletions(-) > > diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c > index 23240d793b07..895f4b9ce8c6 100644 > --- a/security/integrity/digsig_asymmetric.c > +++ b/security/integrity/digsig_asymmetric.c > @@ -109,22 +109,25 @@ int asymmetric_verify(struct key *keyring, const char *sig, > > pk = asymmetric_key_public_key(key); > pks.pkey_algo = pk->pkey_algo; > - if (!strcmp(pk->pkey_algo, "rsa")) > + if (!strcmp(pk->pkey_algo, "rsa")) { > pks.encoding = "pkcs1"; > - else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) > + } else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) { > /* edcsa-nist-p192 etc. */ > pks.encoding = "x962"; > - else if (!strcmp(pk->pkey_algo, "ecrdsa") || > - !strcmp(pk->pkey_algo, "sm2")) > + } else if (!strcmp(pk->pkey_algo, "ecrdsa") || > + !strcmp(pk->pkey_algo, "sm2")) { > pks.encoding = "raw"; > - else > - return -ENOPKG; > + } else { > + ret = -ENOPKG; > + goto out; > + } > > pks.digest = (u8 *)data; > pks.digest_size = datalen; > pks.s = hdr->sig; > pks.s_size = siglen; > ret = verify_signature(key, &pks); > +out: > key_put(key); > pr_debug("%s() = %d\n", __func__, ret); > return ret; > > base-commit: feb7a43de5ef625ad74097d8fd3481d5dbc06a59 Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Hi Eric, On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > Don't leak a reference to the key if its algorithm is unknown. > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification") > Cc: <stable@vger.kernel.org> # v5.13+ > Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> thanks, Mimi
Hi Eric, On 1/14/22 3:44 AM, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > Don't leak a reference to the key if its algorithm is unknown. > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification") > Cc: <stable@vger.kernel.org> # v5.13+ > Signed-off-by: Eric Biggers <ebiggers@google.com> LGTM. Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Best regards, Tianjia
On Thu, Jan 13, 2022 at 08:52:59PM -0500, Mimi Zohar wrote: > Hi Eric, > > On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote: > > From: Eric Biggers <ebiggers@google.com> > > > > Don't leak a reference to the key if its algorithm is unknown. > > > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification") > > Cc: <stable@vger.kernel.org> # v5.13+ > > Signed-off-by: Eric Biggers <ebiggers@google.com> > > Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> > Thanks. You're intending to apply this patch, right? Or are you expecting someone else to? get_maintainer.pl didn't associate this file with IMA, but I see you sent out a patch to fix that (https://lore.kernel.org/linux-integrity/20220117230229.16475-1-zohar@linux.ibm.com/T/#u). - Eric
On Tue, 2022-01-18 at 16:18 -0800, Eric Biggers wrote: > On Thu, Jan 13, 2022 at 08:52:59PM -0500, Mimi Zohar wrote: > > Hi Eric, > > > > On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote: > > > From: Eric Biggers <ebiggers@google.com> > > > > > > Don't leak a reference to the key if its algorithm is unknown. > > > > > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification") > > > Cc: <stable@vger.kernel.org> # v5.13+ > > > Signed-off-by: Eric Biggers <ebiggers@google.com> > > > > Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> > > > > Thanks. You're intending to apply this patch, right? Or are you expecting > someone else to? get_maintainer.pl didn't associate this file with IMA, but I > see you sent out a patch to fix that > (https://lore.kernel.org/linux-integrity/20220117230229.16475-1-zohar@linux.ibm.com/T/#u). Once the open window closes, I'll apply it. Mimi
diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c index 23240d793b07..895f4b9ce8c6 100644 --- a/security/integrity/digsig_asymmetric.c +++ b/security/integrity/digsig_asymmetric.c @@ -109,22 +109,25 @@ int asymmetric_verify(struct key *keyring, const char *sig, pk = asymmetric_key_public_key(key); pks.pkey_algo = pk->pkey_algo; - if (!strcmp(pk->pkey_algo, "rsa")) + if (!strcmp(pk->pkey_algo, "rsa")) { pks.encoding = "pkcs1"; - else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) + } else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) { /* edcsa-nist-p192 etc. */ pks.encoding = "x962"; - else if (!strcmp(pk->pkey_algo, "ecrdsa") || - !strcmp(pk->pkey_algo, "sm2")) + } else if (!strcmp(pk->pkey_algo, "ecrdsa") || + !strcmp(pk->pkey_algo, "sm2")) { pks.encoding = "raw"; - else - return -ENOPKG; + } else { + ret = -ENOPKG; + goto out; + } pks.digest = (u8 *)data; pks.digest_size = datalen; pks.s = hdr->sig; pks.s_size = siglen; ret = verify_signature(key, &pks); +out: key_put(key); pr_debug("%s() = %d\n", __func__, ret); return ret;