diff mbox

[1/2] crypto/x509: Fix unaligned access in x509_get_sig_params()

Message ID 288f39ff7c8b0bc60693e338fc8f6cea9008d443.1445286755.git.sowmini.varadhan@oracle.com (mailing list archive)
State Accepted
Delegated to: Herbert Xu
Headers show

Commit Message

Sowmini Varadhan Oct. 19, 2015, 9:23 p.m. UTC 
x509_get_sig_params() has the same code pattern as the one in
pkcs7_verify() that is fixed by commit 62f57d05e287 ("crypto: pkcs7 - Fix
unaligned access in pkcs7_verify()") so apply a similar fix here: make
sure that desc is pointing at an algined value past the digest_size,
and take alignment values into consideration when doing kzalloc()

Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
---
 crypto/asymmetric_keys/x509_public_key.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

Comments

David Howells Oct. 20, 2015, 9:50 a.m. UTC | #1 
Sowmini Varadhan <sowmini.varadhan@oracle.com> wrote:

> x509_get_sig_params() has the same code pattern as the one in
> pkcs7_verify() that is fixed by commit 62f57d05e287 ("crypto: pkcs7 - Fix
> unaligned access in pkcs7_verify()") so apply a similar fix here: make
> sure that desc is pointing at an algined value past the digest_size,
> and take alignment values into consideration when doing kzalloc()
> 
> Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>

Acked-by: David Howells <dhowells@redhat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Herbert Xu Oct. 20, 2015, 2:26 p.m. UTC | #2 
On Mon, Oct 19, 2015 at 05:23:28PM -0400, Sowmini Varadhan wrote:
> x509_get_sig_params() has the same code pattern as the one in
> pkcs7_verify() that is fixed by commit 62f57d05e287 ("crypto: pkcs7 - Fix
> unaligned access in pkcs7_verify()") so apply a similar fix here: make
> sure that desc is pointing at an algined value past the digest_size,
> and take alignment values into consideration when doing kzalloc()
> 
> Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>

Patch applied.  Thanks.
diff mbox

Patch

diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index 1970966..68c3c40 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -194,14 +194,15 @@  int x509_get_sig_params(struct x509_certificate *cert)
 	 * digest storage space.
 	 */
 	ret = -ENOMEM;
-	digest = kzalloc(digest_size + desc_size, GFP_KERNEL);
+	digest = kzalloc(ALIGN(digest_size, __alignof__(*desc)) + desc_size,
+			 GFP_KERNEL);
 	if (!digest)
 		goto error;
 
 	cert->sig.digest = digest;
 	cert->sig.digest_size = digest_size;
 
-	desc = digest + digest_size;
+	desc = PTR_ALIGN(digest + digest_size, __alignof__(*desc));
 	desc->tfm = tfm;
 	desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;