Re: [PATCH v5 4/4] powerpc: load firmware trusted keys/hashes into kernel keyring

From: Lakshmi Ramasubramanian
Date: Fri Oct 25 2019 - 12:02:50 EST

Next message: Andy Shevchenko: "Re: [PATCH 1/2] regulator: add support for Intel Cherry Whiskey Cove regulator"
Previous message: Jacob Pan: "Re: [PATCH v7 07/11] iommu/vt-d: Add nested translation helper function"
In reply to: Nayna Jain: "[PATCH v5 4/4] powerpc: load firmware trusted keys/hashes into kernel keyring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/24/19 5:58 PM, Nayna Jain wrote:

+
+/*
+ * Get a certificate list blob from the named secure variable.
+ */
+static __init void *get_cert_list(u8 *key, unsigned long keylen, uint64_t *size)
+{
+ int rc;
+ void *db;
+
+ rc = secvar_ops->get(key, keylen, NULL, size);
+ if (rc) {
+ pr_err("Couldn't get size: %d\n", rc);
+ return NULL;
+ }
+
+ db = kmalloc(*size, GFP_KERNEL);

Is there a MIN\MAX limit on size that should be validated here before memory allocation?

+ if (!db)
+ return NULL;
+
+ rc = secvar_ops->get(key, keylen, db, size);
+ if (rc) {
+ kfree(db);
+ pr_err("Error reading db var: %d\n", rc);
+ return NULL;

nit: set db to NULL and return from the end of the function.

+ }
+
+ return db;
+}

Next message: Andy Shevchenko: "Re: [PATCH 1/2] regulator: add support for Intel Cherry Whiskey Cove regulator"
Previous message: Jacob Pan: "Re: [PATCH v7 07/11] iommu/vt-d: Add nested translation helper function"
In reply to: Nayna Jain: "[PATCH v5 4/4] powerpc: load firmware trusted keys/hashes into kernel keyring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]