linux/security/keys
David Howells aa9d443789 KEYS: Fix the size of the key description passed to/from userspace
When a key description argument is imported into the kernel from userspace, as
happens in add_key(), request_key(), KEYCTL_JOIN_SESSION_KEYRING,
KEYCTL_SEARCH, the description is copied into a buffer up to PAGE_SIZE in size.
PAGE_SIZE, however, is a variable quantity, depending on the arch.  Fix this at
4096 instead (ie. 4095 plus a NUL termination) and define a constant
(KEY_MAX_DESC_SIZE) to this end.

When reading the description back with KEYCTL_DESCRIBE, a PAGE_SIZE internal
buffer is allocated into which the information and description will be
rendered.  This means that the description will get truncated if an extremely
long description it has to be crammed into the buffer with the stringified
information.  There is no particular need to copy the description into the
buffer, so just copy it directly to userspace in a separate operation.

Reported-by: Christian Kastner <debian@kvr.at>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Christian Kastner <debian@kvr.at>
2014-12-01 22:52:45 +00:00
..
encrypted-keys KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
big_key.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
compat.c security/compat: convert to COMPAT_SYSCALL_DEFINE 2014-03-06 16:30:42 +01:00
gc.c sched: Remove proliferation of wait_on_bit() action functions 2014-07-16 15:10:39 +02:00
internal.h KEYS: Make the key matching functions return bool 2014-09-16 17:36:08 +01:00
Kconfig KEYS: Make BIG_KEYS boolean 2013-10-30 11:15:23 +00:00
key.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2014-10-12 10:13:55 -04:00
keyctl.c KEYS: Fix the size of the key description passed to/from userspace 2014-12-01 22:52:45 +00:00
keyring.c KEYS: Make the key matching functions return bool 2014-09-16 17:36:08 +01:00
Makefile KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches 2013-09-24 10:35:19 +01:00
permission.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
persistent.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
proc.c KEYS: Preparse match data 2014-09-16 17:36:02 +01:00
process_keys.c KEYS: Make the key matching functions return bool 2014-09-16 17:36:08 +01:00
request_key_auth.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
request_key.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2014-10-12 10:13:55 -04:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00
trusted.h trusted-keys: rename trusted_defined files to trusted 2011-01-24 10:14:22 +11:00
user_defined.c KEYS: Remove key_type::match in favour of overriding default by match_preparse 2014-09-16 17:36:06 +01:00