diff options
Diffstat (limited to 'security/keys/trusted.c')
| -rw-r--r-- | security/keys/trusted.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 3f163d0489ad..e13fcf7636f7 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c | |||
| @@ -895,23 +895,24 @@ static struct trusted_key_payload *trusted_payload_alloc(struct key *key) | |||
| 895 | * | 895 | * |
| 896 | * On success, return 0. Otherwise return errno. | 896 | * On success, return 0. Otherwise return errno. |
| 897 | */ | 897 | */ |
| 898 | static int trusted_instantiate(struct key *key, const void *data, | 898 | static int trusted_instantiate(struct key *key, |
| 899 | size_t datalen) | 899 | struct key_preparsed_payload *prep) |
| 900 | { | 900 | { |
| 901 | struct trusted_key_payload *payload = NULL; | 901 | struct trusted_key_payload *payload = NULL; |
| 902 | struct trusted_key_options *options = NULL; | 902 | struct trusted_key_options *options = NULL; |
| 903 | size_t datalen = prep->datalen; | ||
| 903 | char *datablob; | 904 | char *datablob; |
| 904 | int ret = 0; | 905 | int ret = 0; |
| 905 | int key_cmd; | 906 | int key_cmd; |
| 906 | size_t key_len; | 907 | size_t key_len; |
| 907 | 908 | ||
| 908 | if (datalen <= 0 || datalen > 32767 || !data) | 909 | if (datalen <= 0 || datalen > 32767 || !prep->data) |
| 909 | return -EINVAL; | 910 | return -EINVAL; |
| 910 | 911 | ||
| 911 | datablob = kmalloc(datalen + 1, GFP_KERNEL); | 912 | datablob = kmalloc(datalen + 1, GFP_KERNEL); |
| 912 | if (!datablob) | 913 | if (!datablob) |
| 913 | return -ENOMEM; | 914 | return -ENOMEM; |
| 914 | memcpy(datablob, data, datalen); | 915 | memcpy(datablob, prep->data, datalen); |
| 915 | datablob[datalen] = '\0'; | 916 | datablob[datalen] = '\0'; |
| 916 | 917 | ||
| 917 | options = trusted_options_alloc(); | 918 | options = trusted_options_alloc(); |
| @@ -981,17 +982,18 @@ static void trusted_rcu_free(struct rcu_head *rcu) | |||
| 981 | /* | 982 | /* |
| 982 | * trusted_update - reseal an existing key with new PCR values | 983 | * trusted_update - reseal an existing key with new PCR values |
| 983 | */ | 984 | */ |
| 984 | static int trusted_update(struct key *key, const void *data, size_t datalen) | 985 | static int trusted_update(struct key *key, struct key_preparsed_payload *prep) |
| 985 | { | 986 | { |
| 986 | struct trusted_key_payload *p = key->payload.data; | 987 | struct trusted_key_payload *p = key->payload.data; |
| 987 | struct trusted_key_payload *new_p; | 988 | struct trusted_key_payload *new_p; |
| 988 | struct trusted_key_options *new_o; | 989 | struct trusted_key_options *new_o; |
| 990 | size_t datalen = prep->datalen; | ||
| 989 | char *datablob; | 991 | char *datablob; |
| 990 | int ret = 0; | 992 | int ret = 0; |
| 991 | 993 | ||
| 992 | if (!p->migratable) | 994 | if (!p->migratable) |
| 993 | return -EPERM; | 995 | return -EPERM; |
| 994 | if (datalen <= 0 || datalen > 32767 || !data) | 996 | if (datalen <= 0 || datalen > 32767 || !prep->data) |
| 995 | return -EINVAL; | 997 | return -EINVAL; |
| 996 | 998 | ||
| 997 | datablob = kmalloc(datalen + 1, GFP_KERNEL); | 999 | datablob = kmalloc(datalen + 1, GFP_KERNEL); |
| @@ -1008,7 +1010,7 @@ static int trusted_update(struct key *key, const void *data, size_t datalen) | |||
| 1008 | goto out; | 1010 | goto out; |
| 1009 | } | 1011 | } |
| 1010 | 1012 | ||
| 1011 | memcpy(datablob, data, datalen); | 1013 | memcpy(datablob, prep->data, datalen); |
| 1012 | datablob[datalen] = '\0'; | 1014 | datablob[datalen] = '\0'; |
| 1013 | ret = datablob_parse(datablob, new_p, new_o); | 1015 | ret = datablob_parse(datablob, new_p, new_o); |
| 1014 | if (ret != Opt_update) { | 1016 | if (ret != Opt_update) { |