linux-sg2042/security
Nikolaus Voss 1d1a710c19 KEYS: encrypted: fix key instantiation with user-provided data
commit 5adedd4224 upstream.

Commit cd3bc044af ("KEYS: encrypted: Instantiate key with
user-provided decrypted data") added key instantiation with user
provided decrypted data.  The user data is hex-ascii-encoded but was
just memcpy'ed to the binary buffer. Fix this to use hex2bin instead.

Old keys created from user provided decrypted data saved with "keyctl
pipe" are still valid, however if the key is recreated from decrypted
data the old key must be converted to the correct format. This can be
done with a small shell script, e.g.:

BROKENKEY=abcdefABCDEF1234567890aaaaaaaaaa
NEWKEY=$(echo -ne $BROKENKEY | xxd -p -c32)
keyctl add user masterkey "$(cat masterkey.bin)" @u
keyctl add encrypted testkey "new user:masterkey 32 $NEWKEY" @u

However, NEWKEY is still broken: If for BROKENKEY 32 bytes were
specified, a brute force attacker knowing the key properties would only
need to try at most 2^(16*8) keys, as if the key was only 16 bytes long.

The security issue is a result of the combination of limiting the input
range to hex-ascii and using memcpy() instead of hex2bin(). It could
have been fixed either by allowing binary input or using hex2bin() (and
doubling the ascii input key length). This patch implements the latter.

The corresponding test for the Linux Test Project ltp has also been
fixed (see link below).

Fixes: cd3bc044af ("KEYS: encrypted: Instantiate key with user-provided decrypted data")
Cc: stable@kernel.org
Link: https://lore.kernel.org/ltp/20221006081709.92303897@mail.steuer-voss.de/
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Nikolaus Voss <nikolaus.voss@haag-streit.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-12-21 17:48:11 +01:00
..
apparmor ->getprocattr(): attribute name is const char *, TYVM... 2022-09-01 17:34:39 -04:00
bpf bpf: Implement task local storage 2020-11-06 08:08:37 -08:00
integrity fs.acl.rework.prep.v6.1 2022-10-03 19:48:54 -07:00
keys KEYS: encrypted: fix key instantiation with user-provided data 2022-12-21 17:48:11 +01:00
landlock landlock: Fix documentation style 2022-09-29 18:43:04 +02:00
loadpin LoadPin: Require file with verity root digests to have a header 2022-09-07 16:37:27 -07:00
lockdown lockdown: ratelimit denial messages 2022-09-14 07:37:50 -04:00
safesetid LSM: SafeSetID: Add setgroups() security policy handling 2022-07-15 18:24:42 +00:00
selinux selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() 2022-10-19 09:55:53 -04:00
smack whack-a-mole: constifying struct path * 2022-10-06 17:31:02 -07:00
tomoyo tomoyo: struct path it might get from LSM callers won't have NULL dentry or mnt 2022-08-21 11:50:42 -04:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
Kconfig x86/retbleed: Add fine grained Kconfig knobs 2022-06-29 17:43:41 +02:00
Kconfig.hardening - Yu Zhao's Multi-Gen LRU patches are here. They've been under test in 2022-10-10 17:53:04 -07:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
commoncap.c capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2022-10-28 06:44:33 -04:00
device_cgroup.c bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean 2022-01-19 12:51:30 -08:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
lsm_audit.c lsm: clean up redundant NULL pointer check 2022-08-15 22:44:01 -04:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c powerpc updates for 6.1 2022-10-09 14:05:15 -07:00