diff mbox series

ima: fix reference leak in asymmetric_verify()

Message ID 20220113194438.69202-1-ebiggers@kernel.org (mailing list archive)
State New
Headers show
Series ima: fix reference leak in asymmetric_verify() | expand

Commit Message

Eric Biggers Jan. 13, 2022, 7:44 p.m. UTC
From: Eric Biggers <ebiggers@google.com>

Don't leak a reference to the key if its algorithm is unknown.

Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
Cc: <stable@vger.kernel.org> # v5.13+
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/integrity/digsig_asymmetric.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)


base-commit: feb7a43de5ef625ad74097d8fd3481d5dbc06a59

Comments

Stefan Berger Jan. 13, 2022, 8:39 p.m. UTC | #1
On 1/13/22 14:44, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Don't leak a reference to the key if its algorithm is unknown.
>
> Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
> Cc: <stable@vger.kernel.org> # v5.13+
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>   security/integrity/digsig_asymmetric.c | 15 +++++++++------
>   1 file changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
> index 23240d793b07..895f4b9ce8c6 100644
> --- a/security/integrity/digsig_asymmetric.c
> +++ b/security/integrity/digsig_asymmetric.c
> @@ -109,22 +109,25 @@ int asymmetric_verify(struct key *keyring, const char *sig,
>   
>   	pk = asymmetric_key_public_key(key);
>   	pks.pkey_algo = pk->pkey_algo;
> -	if (!strcmp(pk->pkey_algo, "rsa"))
> +	if (!strcmp(pk->pkey_algo, "rsa")) {
>   		pks.encoding = "pkcs1";
> -	else if (!strncmp(pk->pkey_algo, "ecdsa-", 6))
> +	} else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) {
>   		/* edcsa-nist-p192 etc. */
>   		pks.encoding = "x962";
> -	else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
> -		   !strcmp(pk->pkey_algo, "sm2"))
> +	} else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
> +		   !strcmp(pk->pkey_algo, "sm2")) {
>   		pks.encoding = "raw";
> -	else
> -		return -ENOPKG;
> +	} else {
> +		ret = -ENOPKG;
> +		goto out;
> +	}
>   
>   	pks.digest = (u8 *)data;
>   	pks.digest_size = datalen;
>   	pks.s = hdr->sig;
>   	pks.s_size = siglen;
>   	ret = verify_signature(key, &pks);
> +out:
>   	key_put(key);
>   	pr_debug("%s() = %d\n", __func__, ret);
>   	return ret;
>
> base-commit: feb7a43de5ef625ad74097d8fd3481d5dbc06a59


Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Mimi Zohar Jan. 14, 2022, 1:52 a.m. UTC | #2
Hi Eric,

On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> Don't leak a reference to the key if its algorithm is unknown.
> 
> Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
> Cc: <stable@vger.kernel.org> # v5.13+
> Signed-off-by: Eric Biggers <ebiggers@google.com>

Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

thanks,

Mimi
tianjia.zhang Jan. 14, 2022, 2:47 a.m. UTC | #3
Hi Eric,

On 1/14/22 3:44 AM, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> Don't leak a reference to the key if its algorithm is unknown.
> 
> Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
> Cc: <stable@vger.kernel.org> # v5.13+
> Signed-off-by: Eric Biggers <ebiggers@google.com>

LGTM.

Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>

Best regards,
Tianjia
Eric Biggers Jan. 19, 2022, 12:18 a.m. UTC | #4
On Thu, Jan 13, 2022 at 08:52:59PM -0500, Mimi Zohar wrote:
> Hi Eric,
> 
> On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > Don't leak a reference to the key if its algorithm is unknown.
> > 
> > Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
> > Cc: <stable@vger.kernel.org> # v5.13+
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> 
> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> 

Thanks.  You're intending to apply this patch, right?  Or are you expecting
someone else to?  get_maintainer.pl didn't associate this file with IMA, but I
see you sent out a patch to fix that
(https://lore.kernel.org/linux-integrity/20220117230229.16475-1-zohar@linux.ibm.com/T/#u).

- Eric
Mimi Zohar Jan. 19, 2022, 12:28 a.m. UTC | #5
On Tue, 2022-01-18 at 16:18 -0800, Eric Biggers wrote:
> On Thu, Jan 13, 2022 at 08:52:59PM -0500, Mimi Zohar wrote:
> > Hi Eric,
> > 
> > On Thu, 2022-01-13 at 11:44 -0800, Eric Biggers wrote:
> > > From: Eric Biggers <ebiggers@google.com>
> > > 
> > > Don't leak a reference to the key if its algorithm is unknown.
> > > 
> > > Fixes: 947d70597236 ("ima: Support EC keys for signature verification")
> > > Cc: <stable@vger.kernel.org> # v5.13+
> > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > 
> > Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> > 
> 
> Thanks.  You're intending to apply this patch, right?  Or are you expecting
> someone else to?  get_maintainer.pl didn't associate this file with IMA, but I
> see you sent out a patch to fix that
> (https://lore.kernel.org/linux-integrity/20220117230229.16475-1-zohar@linux.ibm.com/T/#u).

Once the open window closes, I'll apply it.

Mimi
diff mbox series

Patch

diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
index 23240d793b07..895f4b9ce8c6 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -109,22 +109,25 @@  int asymmetric_verify(struct key *keyring, const char *sig,
 
 	pk = asymmetric_key_public_key(key);
 	pks.pkey_algo = pk->pkey_algo;
-	if (!strcmp(pk->pkey_algo, "rsa"))
+	if (!strcmp(pk->pkey_algo, "rsa")) {
 		pks.encoding = "pkcs1";
-	else if (!strncmp(pk->pkey_algo, "ecdsa-", 6))
+	} else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) {
 		/* edcsa-nist-p192 etc. */
 		pks.encoding = "x962";
-	else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
-		   !strcmp(pk->pkey_algo, "sm2"))
+	} else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
+		   !strcmp(pk->pkey_algo, "sm2")) {
 		pks.encoding = "raw";
-	else
-		return -ENOPKG;
+	} else {
+		ret = -ENOPKG;
+		goto out;
+	}
 
 	pks.digest = (u8 *)data;
 	pks.digest_size = datalen;
 	pks.s = hdr->sig;
 	pks.s_size = siglen;
 	ret = verify_signature(key, &pks);
+out:
 	key_put(key);
 	pr_debug("%s() = %d\n", __func__, ret);
 	return ret;