MLK-24517-4 crypto: caam - validate arguments received from user-space

Validate sizes for each argument received from user-space to avoid untrusted values. Therefor check if Encrypted Key Type, Key Mode and Key Value are given - their sizes must be at least 1 since they have the null terminator. Reported-by: Coverity 10893160 Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Franck LENORMAND <franck.lenormand@nxp.com>
2026-01-27 12:35:36 +01:00 · 2020-08-21 19:12:51 +03:00 · 2020-08-21 19:12:51 +03:00 · d7c41169bc
commit d7c41169bc
parent b8c49eddfd
1 changed files with 12 additions and 0 deletions
--- a/drivers/crypto/caam/caamkeygen.c
+++ b/drivers/crypto/caam/caamkeygen.c
@ -169,6 +169,18 @@ static int validate_input(struct caam_keygen_cmd *key_crt, unsigned long arg,
 	 * the Key Mode and Key Value
 	 */
 	if (create_key_op) {
+		/*
+		 * Validate arguments received from user.
+		 * These must be at least 1 since
+		 * they have null terminator.
+		 */
+		if (key_crt->key_enc_len < 1 || key_crt->key_mode_len < 1 ||
+		    key_crt->key_value_len < 1) {
+			msg = "Invalid arguments.\n";
+			send_err_msg(msg, u64_to_user_ptr(key_crt->blob),
+				     key_crt->blob_len);
+			return -EFAULT;
+		}
 		/*
 		 * Allocate memory for temporary buffer used to
 		 * get the user arguments from user-space