linux/security/keys
David Howells d9f4bb1a0f KEYS: Use individual pages in big_key for crypto buffers
kmalloc() can't always allocate large enough buffers for big_key to use for
crypto (1MB + some metadata) so we cannot use that to allocate the buffer.
Further, vmalloc'd pages can't be passed to sg_init_one() and the aead
crypto accessors cannot be called progressively and must be passed all the
data in one go (which means we can't pass the data in one block at a time).

Fix this by allocating the buffer pages individually and passing them
through a multientry scatterlist to the crypto layer.  This has the bonus
advantage that we don't have to allocate a contiguous series of pages.

We then vmap() the page list and pass that through to the VFS read/write
routines.

This can trigger a warning:

	WARNING: CPU: 0 PID: 60912 at mm/page_alloc.c:3883 __alloc_pages_nodemask+0xb7c/0x15f8
	([<00000000002acbb6>] __alloc_pages_nodemask+0x1ee/0x15f8)
	 [<00000000002dd356>] kmalloc_order+0x46/0x90
	 [<00000000002dd3e0>] kmalloc_order_trace+0x40/0x1f8
	 [<0000000000326a10>] __kmalloc+0x430/0x4c0
	 [<00000000004343e4>] big_key_preparse+0x7c/0x210
	 [<000000000042c040>] key_create_or_update+0x128/0x420
	 [<000000000042e52c>] SyS_add_key+0x124/0x220
	 [<00000000007bba2c>] system_call+0xc4/0x2b0

from the keyctl/padd/useradd test of the keyutils testsuite on s390x.

Note that it might be better to shovel data through in page-sized lumps
instead as there's no particular need to use a monolithic buffer unless the
kernel itself wants to access the data.

Fixes: 13100a72f4 ("Security: Keys: Big keys stored encrypted")
Reported-by: Paul Bunyan <pbunyan@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Kirill Marinushkin <k.marinushkin@gmail.com>
2018-02-22 14:58:38 +00:00
..
encrypted-keys License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
big_key.c KEYS: Use individual pages in big_key for crypto buffers 2018-02-22 14:58:38 +00:00
compat_dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
compat.c KEYS: add SP800-56A KDF support for DH 2017-04-04 22:33:38 +01:00
dh.c KEYS: DH: validate __spare field 2017-07-14 11:01:38 +10:00
gc.c Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-11-25 08:37:16 -10:00
internal.h security: keys: Replace time_t/timespec with time64_t 2017-11-15 16:38:45 +00:00
Kconfig security/keys: BIG_KEY requires CONFIG_CRYPTO 2017-10-18 09:12:40 +01:00
key.c security: keys: remove redundant assignment to key_ref 2017-12-08 15:13:29 +00:00
keyctl.c KEYS: reject NULL restriction string when type is specified 2017-12-08 15:13:29 +00:00
keyring.c keyring: Remove now-redundant smp_read_barrier_depends() 2017-12-04 10:53:14 -08:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
permission.c security: keys: Replace time_t/timespec with time64_t 2017-11-15 16:38:45 +00:00
persistent.c sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h> 2017-03-02 08:42:31 +01:00
proc.c security: keys: Replace time_t/timespec with time64_t 2017-11-15 16:38:45 +00:00
process_keys.c security: keys: Replace time_t/timespec with time64_t 2017-11-15 16:38:45 +00:00
request_key_auth.c KEYS: Fix race between updating and finding a negative key 2017-10-18 09:12:40 +01:00
request_key.c KEYS: add missing permission check for request_key() destination 2017-12-08 15:13:27 +00:00
sysctl.c
trusted.c tpm: use struct tpm_chip for tpm_chip_find_get() 2018-01-08 12:58:36 +02:00
trusted.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
user_defined.c KEYS: Fix race between updating and finding a negative key 2017-10-18 09:12:40 +01:00