superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/security/keys
History
Srish Srinivasan 6342969daf keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal 
TPM2_Unseal[1] expects the handle of a loaded data object, and not the
handle of the parent key. But the tpm2_unseal_cmd provides the parent
keyhandle instead of blob_handle for the session HMAC calculation. This
causes unseal to fail.

Fix this by passing blob_handle to tpm_buf_append_name().

References:

[1] trustedcomputinggroup.org/wp-content/uploads/
    Trusted-Platform-Module-2.0-Library-Part-3-Version-184_pub.pdf

Fixes: 6e9722e9a7 ("tpm2-sessions: Fix out of range indexing in name_size")
Signed-off-by: Srish Srinivasan <ssrish@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
 		2026-01-25 19:03:45 +02:00
..
encrypted-keys keys: Replace deprecated strncpy in ecryptfs_fill_auth_tok 2025-11-27 23:50:20 +02:00
trusted-keys keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal 2026-01-25 19:03:45 +02:00
Kconfig security: keys: use menuconfig for KEYS symbol 2025-10-04 17:25:35 +03:00
Makefile
big_key.c keys: Remove redundant less-than-zero checks 2025-11-27 23:50:20 +02:00
compat.c security/keys: remove compat_keyctl_instantiate_key_iov 2020-10-03 00:02:16 -04:00
compat_dh.c
dh.c KEYS: DH: Use crypto_wait_req 2023-02-13 18:34:48 +08:00
gc.c KEYS: Invert FINAL_PUT bit 2025-06-11 11:57:14 -07:00
internal.h keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry 2023-12-21 13:47:38 +00:00
key.c KEYS: Invert FINAL_PUT bit 2025-06-11 11:57:14 -07:00
keyctl.c task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-07-09 13:26:31 +02:00
keyctl_pkey.c KEYS: fix length validation in keyctl_pkey_params_get_2() 2022-03-08 10:33:18 +02:00
keyring.c security/keys: fix slab-out-of-bounds in key_task_permission 2024-11-04 21:24:24 +02:00
permission.c
persistent.c
proc.c keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry 2023-12-21 13:47:38 +00:00
process_keys.c cred: make init_cred static 2025-11-04 12:36:02 +01:00
request_key.c keys: Fix linking a duplicate key to a keyring's assoc_array 2023-07-17 19:32:30 +00:00
request_key_auth.c KEYS: Replace all non-returning strlcpy with strscpy 2023-08-17 20:12:35 +00:00
sysctl.c treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
user_defined.c keys: Remove redundant less-than-zero checks 2025-11-27 23:50:20 +02:00