• Wenwen Wang's avatar
    crypto: chtls - fix a missing-check bug · f16b613c
    Wenwen Wang authored
    In do_chtls_setsockopt(), the tls crypto info is first copied from the
    poiner 'optval' in userspace and saved to 'tmp_crypto_info'. Then the
    'version' of the crypto info is checked. If the version is not as expected,
    i.e., TLS_1_2_VERSION, error code -ENOTSUPP is returned to indicate that
    the provided crypto info is not supported yet. Then, the 'cipher_type'
    field of the 'tmp_crypto_info' is also checked to see if it is
    TLS_CIPHER_AES_GCM_128. If it is, the whole struct of
    tls12_crypto_info_aes_gcm_128 is copied from the pointer 'optval' and then
    the function chtls_setkey() is invoked to set the key.
    
    Given that the 'optval' pointer resides in userspace, a malicious userspace
    process can race to change the data pointed by 'optval' between the two
    copies. For example, a user can provide a crypto info with TLS_1_2_VERSION
    and TLS_CIPHER_AES_GCM_128. After the first copy, the user can modify the
    'version' and the 'cipher_type' fields to any versions and/or cipher types
    that are not allowed. This way, the user can bypass the checks, inject
    bad data to the kernel, cause chtls_setkey() to set a wrong key or other
    issues.
    
    This patch reuses the data copied in the first try so as to ensure these
    checks will not be bypassed.
    Signed-off-by: default avatarWenwen Wang <wang6495@umn.edu>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    f16b613c
chtls_main.c 13.4 KB