summaryrefslogtreecommitdiff
path: root/drivers/s390/crypto
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2026-07-04 06:28:45 -1000
committerLinus Torvalds <torvalds@linux-foundation.org>2026-07-04 06:28:45 -1000
commit7404ce51637231382873d0b55edabc2f3b841a9d (patch)
tree402d966ef2d808c4a3ae5c09bbbd6368c7611b73 /drivers/s390/crypto
parent410430b616a739eb395143f4f608d4339a3b0a8f (diff)
parent2995ccec260caa9e85b3301a4aba1e66ed80ad74 (diff)
Merge tag 's390-7.2-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linuxHEADmaster
Pull s390 fixes from Vasily Gorbik: - Fix PKEY_VERIFYPROTK ioctl key type handling by removing the generic key-length based type check with its wrong bit-size calculation, and leaving protected key verification to the pkey handler - Fix monwriter buffer reuse by rejecting records that change the data length, preventing out of bounds user copy into the kernel buffer * tag 's390-7.2-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/monwriter: Reject buffer reuse with different data length pkey: Move keytype check from pkey api to handler
Diffstat (limited to 'drivers/s390/crypto')
-rw-r--r--drivers/s390/crypto/pkey_api.c11
1 files changed, 1 insertions, 10 deletions
diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index 28e1007005f2..5d8f63f390a8 100644
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -327,7 +327,6 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
{
struct pkey_verifyprotk kvp;
struct protaeskeytoken *t;
- u32 keytype;
u8 *tmpbuf;
int rc;
@@ -341,14 +340,6 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
return -EINVAL;
}
- keytype = pkey_aes_bitsize_to_keytype(8 * kvp.protkey.len);
- if (!keytype) {
- PKEY_DBF_ERR("%s unknown/unsupported protkey length %u\n",
- __func__, kvp.protkey.len);
- memzero_explicit(&kvp, sizeof(kvp));
- return -EINVAL;
- }
-
/* build a 'protected key token' from the raw protected key */
tmpbuf = kzalloc(sizeof(*t), GFP_KERNEL);
if (!tmpbuf) {
@@ -358,7 +349,7 @@ static int pkey_ioctl_verifyprotk(struct pkey_verifyprotk __user *uvp)
t = (struct protaeskeytoken *)tmpbuf;
t->type = TOKTYPE_NON_CCA;
t->version = TOKVER_PROTECTED_KEY;
- t->keytype = keytype;
+ t->keytype = kvp.protkey.type;
t->len = kvp.protkey.len;
memcpy(t->protkey, kvp.protkey.protkey, kvp.protkey.len);