Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/security
History
Eric Biggers 4237e3091c KEYS: trusted: fix writing past end of buffer in trusted_read() 
commit a3c812f7cfd80cf51e8f5b7034f7418f6beb56c1 upstream.

When calling keyctl_read() on a key of type "trusted", if the
user-supplied buffer was too small, the kernel ignored the buffer length
and just wrote past the end of the buffer, potentially corrupting
userspace memory.  Fix it by instead returning the size required, as per
the documentation for keyctl_read().

We also don't even fill the buffer at all in this case, as this is
slightly easier to implement than doing a short read, and either
behavior appears to be permitted.  It also makes it match the behavior
of the "encrypted" key type.

Fixes: d00a1c72f7 ("keys: add new trusted key-type")
Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
 		2019-07-27 21:45:42 +02:00
..
apparmor sched: move no_new_privs into new atomic flags 2015-03-19 14:52:51 -07:00
integrity evm: check xattr value length and type in evm_inode_setxattr() 2014-11-14 08:47:54 -08:00
keys KEYS: trusted: fix writing past end of buffer in trusted_read() 2019-07-27 21:45:42 +02:00
mstdrv Import latest Samsung release 2017-04-18 03:43:52 +02:00
sdp Import T813XXS2BRC2 kernel source changes 2018-05-26 00:39:42 +02:00
selinux selinux: fix double free in selinux_parse_opts_str() 2019-07-27 21:44:49 +02:00
smack
tima_uevent Import latest Samsung release 2017-04-18 03:43:52 +02:00
tomoyo
tz_iccc Import latest Samsung release 2017-04-18 03:43:52 +02:00
yama
Kconfig Import latest Samsung release 2017-04-18 03:43:52 +02:00
Makefile Import latest Samsung release 2017-04-18 03:43:52 +02:00
capability.c Add security hooks to binder and implement the hooks for SELinux. 2018-02-06 13:12:15 +01:00
commoncap.c BACKPORT: commoncap: don't alloc the credential unless needed in cap_task_prctl 2018-02-06 13:12:16 +01:00
device_cgroup.c
inode.c vfs: Add permission2 for filesystems with per mount permissions 2018-02-06 13:12:19 +01:00
lsm_audit.c security: add ioctl specific auditing to lsm_audit 2016-05-18 14:34:39 +05:30
min_addr.c
security.c Add security hooks to binder and implement the hooks for SELinux. 2018-02-06 13:12:15 +01:00