forked from luck/tmp_suning_uos_patched
5df14bba00
commit f985911b7bc75d5c98ed24d8aaa8b94c590f7c6a upstream. Hit kernel warning like this, it can be reproduced by verifying 256 bytes datafile by keyctl command, run script: RAWDATA=rawdata SIGDATA=sigdata modprobe pkcs8_key_parser rm -rf *.der *.pem *.pfx rm -rf $RAWDATA dd if=/dev/random of=$RAWDATA bs=256 count=1 openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem \ -subj "/C=CN/ST=GD/L=SZ/O=vihoo/OU=dev/CN=xx.com/emailAddress=yy@xx.com" KEY_ID=`openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER | keyctl \ padd asymmetric 123 @s` keyctl pkey_sign $KEY_ID 0 $RAWDATA enc=pkcs1 hash=sha1 > $SIGDATA keyctl pkey_verify $KEY_ID 0 $RAWDATA $SIGDATA enc=pkcs1 hash=sha1 Then the kernel reports: WARNING: CPU: 5 PID: 344556 at crypto/rsa-pkcs1pad.c:540 pkcs1pad_verify+0x160/0x190 ... Call Trace: public_key_verify_signature+0x282/0x380 ? software_key_query+0x12d/0x180 ? keyctl_pkey_params_get+0xd6/0x130 asymmetric_key_verify_signature+0x66/0x80 keyctl_pkey_verify+0xa5/0x100 do_syscall_64+0x35/0xb0 entry_SYSCALL_64_after_hwframe+0x44/0xae The reason of this issue, in function 'asymmetric_key_verify_signature': '.digest_size(u8) = params->in_len(u32)' leads overflow of an u8 value, so use u32 instead of u8 for digest_size field. And reorder struct public_key_signature, it saves 8 bytes on a 64-bit machine. Cc: stable@vger.kernel.org Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|---|---|---|
| .. | ||
| internal | ||
| acompress.h | ||
| aead.h | ||
| aes.h | ||
| akcipher.h | ||
| algapi.h | ||
| arc4.h | ||
| asym_tpm_subtype.h | ||
| authenc.h | ||
| b128ops.h | ||
| blake2s.h | ||
| blowfish.h | ||
| cast_common.h | ||
| cast5.h | ||
| cast6.h | ||
| chacha.h | ||
| chacha20poly1305.h | ||
| cryptd.h | ||
| ctr.h | ||
| curve25519.h | ||
| des.h | ||
| dh.h | ||
| drbg.h | ||
| ecdh.h | ||
| engine.h | ||
| gcm.h | ||
| gf128mul.h | ||
| ghash.h | ||
| hash_info.h | ||
| hash.h | ||
| hmac.h | ||
| if_alg.h | ||
| kpp.h | ||
| md5.h | ||
| nhpoly1305.h | ||
| null.h | ||
| padlock.h | ||
| pcrypt.h | ||
| pkcs7.h | ||
| poly1305.h | ||
| public_key.h | ||
| rng.h | ||
| scatterwalk.h | ||
| serpent.h | ||
| sha.h | ||
| sha1_base.h | ||
| sha3.h | ||
| sha256_base.h | ||
| sha512_base.h | ||
| skcipher.h | ||
| sm2.h | ||
| sm3_base.h | ||
| sm3.h | ||
| sm4.h | ||
| streebog.h | ||
| twofish.h | ||
| xts.h | ||