android-mainline/ANDROID-fscrypt-extend-max-allowed-size-of-fscrypt_provisioning-keys.patch - kernel/common-patches - Git at Google

 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Eric Biggers <ebiggers@google.com>
 Date: Mon, 2 Mar 2020 14:53:11 +0000
 Subject: ANDROID: fscrypt: extend max allowed size of fscrypt_provisioning
  keys

 Allow the size of fscrypt-provisioning keys to be up to
 FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE rather than FSCRYPT_MAX_KEY_SIZE.

 [maennich: This patch had been picked up from the merge conflict
 resolution when merging f0d874414329 ("Merge tag 'fscrypt-for-linus' of
 git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt") into android-mainline.
 See 5cc45ee5951e ("Merge f0d874414329 ("Merge tag 'fscrypt-for-linus' of
 git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt") into
 android-mainline")]

 Signed-off-by: Eric Biggers <ebiggers@google.com>
 Signed-off-by: Matthias Maennich <maennich@google.com>
 Change-Id: If0cfafa34da08a559190928056086d3e772b29f8
 ---
  fs/crypto/keyring.c | 12 ++++++++++--
  1 file changed, 10 insertions(+), 2 deletions(-)

 diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
 --- a/fs/crypto/keyring.c
 +++ b/fs/crypto/keyring.c
 @@ -513,8 +513,10 @@ static int fscrypt_provisioning_key_preparse(struct key_preparsed_payload *prep)
  {
  	const struct fscrypt_provisioning_key_payload *payload = prep->data;

 +	BUILD_BUG_ON(FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE < FSCRYPT_MAX_KEY_SIZE);
 +
  	if (prep->datalen < sizeof(*payload) + FSCRYPT_MIN_KEY_SIZE ||
 -	    prep->datalen > sizeof(*payload) + FSCRYPT_MAX_KEY_SIZE)
 +	    prep->datalen > sizeof(*payload) + FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE)
  		return -EINVAL;

  	if (payload->type != FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR &&
 @@ -678,9 +680,15 @@ int fscrypt_ioctl_add_key(struct file *filp, void __user *_uarg)
  		err = get_keyring_key(arg.key_id, arg.key_spec.type, &secret);
  		if (err)
  			goto out_wipe_secret;
 +		err = -EINVAL;
 +		if (!(arg.__flags & __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED) &&
 +		    secret.size > FSCRYPT_MAX_KEY_SIZE)
 +			goto out_wipe_secret;
  	} else {
  		if (arg.raw_size < FSCRYPT_MIN_KEY_SIZE ||
 -		    arg.raw_size > FSCRYPT_MAX_KEY_SIZE)
 +		    arg.raw_size >
 +		    ((arg.__flags & __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED) ?
 +		     FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE : FSCRYPT_MAX_KEY_SIZE))
  			return -EINVAL;
  		secret.size = arg.raw_size;
  		err = -EFAULT;
	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	From: Eric Biggers <ebiggers@google.com>
	Date: Mon, 2 Mar 2020 14:53:11 +0000
	Subject: ANDROID: fscrypt: extend max allowed size of fscrypt_provisioning
	keys

	Allow the size of fscrypt-provisioning keys to be up to
	FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE rather than FSCRYPT_MAX_KEY_SIZE.

	[maennich: This patch had been picked up from the merge conflict
	resolution when merging f0d874414329 ("Merge tag 'fscrypt-for-linus' of
	git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt") into android-mainline.
	See 5cc45ee5951e ("Merge f0d874414329 ("Merge tag 'fscrypt-for-linus' of
	git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt") into
	android-mainline")]

	Signed-off-by: Eric Biggers <ebiggers@google.com>
	Signed-off-by: Matthias Maennich <maennich@google.com>
	Change-Id: If0cfafa34da08a559190928056086d3e772b29f8
	---
	fs/crypto/keyring.c \| 12 ++++++++++--
	1 file changed, 10 insertions(+), 2 deletions(-)

	diff --git a/fs/crypto/keyring.c b/fs/crypto/keyring.c
	--- a/fs/crypto/keyring.c
	+++ b/fs/crypto/keyring.c
	@@ -513,8 +513,10 @@ static int fscrypt_provisioning_key_preparse(struct key_preparsed_payload *prep)
	{
	const struct fscrypt_provisioning_key_payload *payload = prep->data;

	+ BUILD_BUG_ON(FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE < FSCRYPT_MAX_KEY_SIZE);
	+
	if (prep->datalen < sizeof(*payload) + FSCRYPT_MIN_KEY_SIZE \|\|
	- prep->datalen > sizeof(*payload) + FSCRYPT_MAX_KEY_SIZE)
	+ prep->datalen > sizeof(*payload) + FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE)
	return -EINVAL;

	if (payload->type != FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR &&
	@@ -678,9 +680,15 @@ int fscrypt_ioctl_add_key(struct file filp, void __user _uarg)
	err = get_keyring_key(arg.key_id, arg.key_spec.type, &secret);
	if (err)
	goto out_wipe_secret;
	+ err = -EINVAL;
	+ if (!(arg.__flags & __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED) &&
	+ secret.size > FSCRYPT_MAX_KEY_SIZE)
	+ goto out_wipe_secret;
	} else {
	if (arg.raw_size < FSCRYPT_MIN_KEY_SIZE \|\|
	- arg.raw_size > FSCRYPT_MAX_KEY_SIZE)
	+ arg.raw_size >
	+ ((arg.__flags & __FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED) ?
	+ FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE : FSCRYPT_MAX_KEY_SIZE))
	return -EINVAL;
	secret.size = arg.raw_size;
	err = -EFAULT;