diff options
Diffstat (limited to 'security/keys/trusted.c')
| -rw-r--r-- | security/keys/trusted.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/security/keys/trusted.c b/security/keys/trusted.c index 2d5d041f2049..42036c7a0856 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c | |||
| @@ -927,22 +927,23 @@ static struct trusted_key_payload *trusted_payload_alloc(struct key *key) | |||
| 927 | * | 927 | * |
| 928 | * On success, return 0. Otherwise return errno. | 928 | * On success, return 0. Otherwise return errno. |
| 929 | */ | 929 | */ |
| 930 | static int trusted_instantiate(struct key *key, const void *data, | 930 | static int trusted_instantiate(struct key *key, |
| 931 | size_t datalen) | 931 | struct key_preparsed_payload *prep) |
| 932 | { | 932 | { |
| 933 | struct trusted_key_payload *payload = NULL; | 933 | struct trusted_key_payload *payload = NULL; |
| 934 | struct trusted_key_options *options = NULL; | 934 | struct trusted_key_options *options = NULL; |
| 935 | size_t datalen = prep->datalen; | ||
| 935 | char *datablob; | 936 | char *datablob; |
| 936 | int ret = 0; | 937 | int ret = 0; |
| 937 | int key_cmd; | 938 | int key_cmd; |
| 938 | 939 | ||
| 939 | if (datalen <= 0 || datalen > 32767 || !data) | 940 | if (datalen <= 0 || datalen > 32767 || !prep->data) |
| 940 | return -EINVAL; | 941 | return -EINVAL; |
| 941 | 942 | ||
| 942 | datablob = kmalloc(datalen + 1, GFP_KERNEL); | 943 | datablob = kmalloc(datalen + 1, GFP_KERNEL); |
| 943 | if (!datablob) | 944 | if (!datablob) |
| 944 | return -ENOMEM; | 945 | return -ENOMEM; |
| 945 | memcpy(datablob, data, datalen); | 946 | memcpy(datablob, prep->data, datalen); |
| 946 | datablob[datalen] = '\0'; | 947 | datablob[datalen] = '\0'; |
| 947 | 948 | ||
| 948 | options = trusted_options_alloc(); | 949 | options = trusted_options_alloc(); |
| @@ -1011,17 +1012,18 @@ static void trusted_rcu_free(struct rcu_head *rcu) | |||
| 1011 | /* | 1012 | /* |
| 1012 | * trusted_update - reseal an existing key with new PCR values | 1013 | * trusted_update - reseal an existing key with new PCR values |
| 1013 | */ | 1014 | */ |
| 1014 | static int trusted_update(struct key *key, const void *data, size_t datalen) | 1015 | static int trusted_update(struct key *key, struct key_preparsed_payload *prep) |
| 1015 | { | 1016 | { |
| 1016 | struct trusted_key_payload *p = key->payload.data; | 1017 | struct trusted_key_payload *p = key->payload.data; |
| 1017 | struct trusted_key_payload *new_p; | 1018 | struct trusted_key_payload *new_p; |
| 1018 | struct trusted_key_options *new_o; | 1019 | struct trusted_key_options *new_o; |
| 1020 | size_t datalen = prep->datalen; | ||
| 1019 | char *datablob; | 1021 | char *datablob; |
| 1020 | int ret = 0; | 1022 | int ret = 0; |
| 1021 | 1023 | ||
| 1022 | if (!p->migratable) | 1024 | if (!p->migratable) |
| 1023 | return -EPERM; | 1025 | return -EPERM; |
| 1024 | if (datalen <= 0 || datalen > 32767 || !data) | 1026 | if (datalen <= 0 || datalen > 32767 || !prep->data) |
| 1025 | return -EINVAL; | 1027 | return -EINVAL; |
| 1026 | 1028 | ||
| 1027 | datablob = kmalloc(datalen + 1, GFP_KERNEL); | 1029 | datablob = kmalloc(datalen + 1, GFP_KERNEL); |
| @@ -1038,7 +1040,7 @@ static int trusted_update(struct key *key, const void *data, size_t datalen) | |||
| 1038 | goto out; | 1040 | goto out; |
| 1039 | } | 1041 | } |
| 1040 | 1042 | ||
| 1041 | memcpy(datablob, data, datalen); | 1043 | memcpy(datablob, prep->data, datalen); |
| 1042 | datablob[datalen] = '\0'; | 1044 | datablob[datalen] = '\0'; |
| 1043 | ret = datablob_parse(datablob, new_p, new_o); | 1045 | ret = datablob_parse(datablob, new_p, new_o); |
| 1044 | if (ret != Opt_update) { | 1046 | if (ret != Opt_update) { |