diff mbox series

[v2,1/2] KEYS: trusted: fix DCP blob payload length assignment

Message ID 20240717112845.92088-1-david@sigma-star.at (mailing list archive)
State New
Headers show
Series [v2,1/2] KEYS: trusted: fix DCP blob payload length assignment | expand

Commit Message

David Gstir July 17, 2024, 11:28 a.m. UTC
The DCP trusted key type uses the wrong helper function to store
the blob's payload length which can lead to the wrong byte order
being used in case this would ever run on big endian architectures.

Fix by using correct helper function.

Cc: stable@vger.kernel.org # v6.10+
Fixes: 2e8a0f40a39c ("KEYS: trusted: Introduce NXP DCP-backed trusted keys")
Suggested-by: Richard Weinberger <richard@nod.at>
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202405240610.fj53EK0q-lkp@intel.com/
Signed-off-by: David Gstir <david@sigma-star.at>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
v1 -> v2: fix ordering of commit tags, add s-o-b from Jarkko Sakkinen

 security/keys/trusted-keys/trusted_dcp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Jarkko Sakkinen July 17, 2024, 1:33 p.m. UTC | #1
On Wed Jul 17, 2024 at 2:28 PM EEST, David Gstir wrote:
> The DCP trusted key type uses the wrong helper function to store
> the blob's payload length which can lead to the wrong byte order
> being used in case this would ever run on big endian architectures.
>
> Fix by using correct helper function.
>
> Cc: stable@vger.kernel.org # v6.10+
> Fixes: 2e8a0f40a39c ("KEYS: trusted: Introduce NXP DCP-backed trusted keys")
> Suggested-by: Richard Weinberger <richard@nod.at>
> Reported-by: kernel test robot <lkp@intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202405240610.fj53EK0q-lkp@intel.com/
> Signed-off-by: David Gstir <david@sigma-star.at>
> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

I applied the patches, will send the PR later on (probably either
-rc2 or -rc3), so thus they are mirrored already to also linux-next.

BR, Jarkko
diff mbox series

Patch

diff --git a/security/keys/trusted-keys/trusted_dcp.c b/security/keys/trusted-keys/trusted_dcp.c
index b5f81a05be36..b0947f072a98 100644
--- a/security/keys/trusted-keys/trusted_dcp.c
+++ b/security/keys/trusted-keys/trusted_dcp.c
@@ -222,7 +222,7 @@  static int trusted_dcp_seal(struct trusted_key_payload *p, char *datablob)
 		return ret;
 	}
 
-	b->payload_len = get_unaligned_le32(&p->key_len);
+	put_unaligned_le32(p->key_len, &b->payload_len);
 	p->blob_len = blen;
 	return 0;
 }