git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Eric Biggers <ebiggers@google.com>
	Thu, 22 Feb 2018 14:38:34 +0000 (14:38 +0000)
committer	Seth Forshee <seth.forshee@canonical.com>
	Wed, 28 Feb 2018 14:47:10 +0000 (08:47 -0600)
commit	c2a01185840ecbd5a3de7e703f02b548ee6689ff
tree	a846687dd30bb0349958fadb32fbbbc89a53b823	tree
parent	2579659ade918cd5c46ff6f8977e669efd3ace4e	commit \| diff

X.509: fix NULL dereference when restricting key with unsupported_sig

BugLink: https://bugs.launchpad.net/bugs/1752317
commit 4b34968e77ad09628cfb3c4a7daf2adc2cefc6e8 upstream.

The asymmetric key type allows an X.509 certificate to be added even if
its signature's hash algorithm is not available in the crypto API.  In
that case 'payload.data[asym_auth]' will be NULL.  But the key
restriction code failed to check for this case before trying to use the
signature, resulting in a NULL pointer dereference in
key_or_keyring_common() or in restrict_link_by_signature().

Fix this by returning -ENOPKG when the signature is unsupported.

Reproducer when all the CONFIG_CRYPTO_SHA512* options are disabled and
keyctl has support for the 'restrict_keyring' command:

    keyctl new_session
    keyctl restrict_keyring @s asymmetric builtin_trusted
    openssl req -new -sha512 -x509 -batch -nodes -outform der \
        | keyctl padd asymmetric desc @s

Fixes: a511e1af8b12 ("KEYS: Move the point of trust determination to __key_link()")
Cc: <stable@vger.kernel.org> # v4.7+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>