Skip to main content

Browse the archive

https://github.com/torvalds/linux
23 October 2021, 00:29:24 UTC
Revision aa9d4437893f7e015ce5b6d6c443a9ba92c8a2e7 authored by David Howells on 01 December 2014, 22:52:45 UTC, committed by David Howells on 01 December 2014, 22:52:45 UTC 
KEYS: Fix the size of the key description passed to/from userspace
 
When a key description argument is imported into the kernel from userspace, as
happens in add_key(), request_key(), KEYCTL_JOIN_SESSION_KEYRING,
KEYCTL_SEARCH, the description is copied into a buffer up to PAGE_SIZE in size.
PAGE_SIZE, however, is a variable quantity, depending on the arch.  Fix this at
4096 instead (ie. 4095 plus a NUL termination) and define a constant
(KEY_MAX_DESC_SIZE) to this end.

When reading the description back with KEYCTL_DESCRIBE, a PAGE_SIZE internal
buffer is allocated into which the information and description will be
rendered.  This means that the description will get truncated if an extremely
long description it has to be crammed into the buffer with the stringified
information.  There is no particular need to copy the description into the
buffer, so just copy it directly to userspace in a separate operation.

Reported-by: Christian Kastner <debian@kvr.at>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Christian Kastner <debian@kvr.at>
1 parent 009d043
History
Tip revision: aa9d4437893f7e015ce5b6d6c443a9ba92c8a2e7 authored by David Howells on 01 December 2014, 22:52:45 UTC
KEYS: Fix the size of the key description passed to/from userspace
Tip revision: aa9d443
File Mode Size
Documentation
arch
block
crypto
drivers
firmware
fs
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
tools
usr
virt
.gitignore -rw-r--r-- 1.1 KB
.mailmap -rw-r--r-- 4.7 KB
COPYING -rw-r--r-- 18.3 KB
CREDITS -rw-r--r-- 93.8 KB
Kbuild -rw-r--r-- 2.5 KB
Kconfig -rw-r--r-- 252 bytes
MAINTAINERS -rw-r--r-- 285.4 KB
Makefile -rw-r--r-- 53.2 KB
README -rw-r--r-- 18.3 KB
REPORTING-BUGS -rw-r--r-- 7.3 KB

README

back to top