kernel/linux.git/security/keys, branch v6.18.34

security/keys: fix missed RCU read section on lookup

2026-06-01T15:51:08+00:00

commit 43a1e3744548e6fd85873e6fb43e293eb4010694 upstream. Nicholas Carlini reports that the keyring code calls assoc_array_find() in find_key_to_update() without holding the RCU read lock, while the assoc_array_gc() code really is designed around removing the node from the tree and then freeing it after an RCU grace-period. The regular key handling doesn't see this because holding the keyring semaphore hides any lifetime issues, but the persistent key handling uses a different model. Instead of extending the keyring locking, just do the simple RCU locking that the assoc_array was designed for. Reported-by: Nicholas Carlini Cc: David Howells Cc: Jarkko Sakkinen Cc: Paul Moore Cc: James Morris James Morris Cc: Serge E. Hallyn Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman

keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal

2026-01-30T09:32:22+00:00

[ Upstream commit 6342969dafbc63597cfc221aa13c3b123c2800c5 ] TPM2_Unseal[1] expects the handle of a loaded data object, and not the handle of the parent key. But the tpm2_unseal_cmd provides the parent keyhandle instead of blob_handle for the session HMAC calculation. This causes unseal to fail. Fix this by passing blob_handle to tpm_buf_append_name(). References: [1] trustedcomputinggroup.org/wp-content/uploads/ Trusted-Platform-Module-2.0-Library-Part-3-Version-184_pub.pdf Fixes: 6e9722e9a7bf ("tpm2-sessions: Fix out of range indexing in name_size") Signed-off-by: Srish Srinivasan Reviewed-by: Stefan Berger Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen Signed-off-by: Sasha Levin

tpm2-sessions: Fix out of range indexing in name_size

2026-01-02T11:57:11+00:00

commit 6e9722e9a7bfe1bbad649937c811076acf86e1fd upstream. 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst. Address the issue by only processing known values and returning -EINVAL for unrecognized values. Make also 'tpm_buf_append_name' and 'tpm_buf_fill_hmac_session' fallible so that errors are detected before causing any spurious TPM traffic. End also the authorization session on failure in both of the functions, as the session state would be then by definition corrupted. Cc: stable@vger.kernel.org # v6.10+ Fixes: 1085b8276bb4 ("tpm: Add the rest of the session HMAC API") Reviewed-by: Jonathan McDowell Signed-off-by: Jarkko Sakkinen Signed-off-by: Greg Kroah-Hartman

KEYS: trusted: Fix a memory leak in tpm2_load_cmd

2026-01-02T11:57:05+00:00

commit 62cd5d480b9762ce70d720a81fa5b373052ae05f upstream. 'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper. Cc: stable@vger.kernel.org # v5.13+ Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs") Signed-off-by: Jarkko Sakkinen Signed-off-by: Greg Kroah-Hartman

security: keys: use menuconfig for KEYS symbol

2025-10-04T14:25:35+00:00

Give the KEYS kconfig symbol and its associated symbols a separate menu space under Security options by using "menuconfig" instead of "config". This also makes it easier to find the security and LSM options. Signed-off-by: Randy Dunlap Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen

KEYS: encrypted: Use SHA-256 library instead of crypto_shash

2025-10-04T14:25:35+00:00

Instead of the "sha256" crypto_shash, just use sha256(). Similarly, instead of the "hmac(sha256)" crypto_shash, just use hmac_sha256_usingrawkey(). This is simpler and faster. Signed-off-by: Eric Biggers Reviewed-by: Jarkko Sakkinen Reviewed-by: Mimi Zohar Signed-off-by: Jarkko Sakkinen

KEYS: trusted_tpm1: Move private functionality out of public header

2025-09-27T18:05:06+00:00

Move functionality used only by trusted_tpm1.c out of the public header . Specifically, change the exported functions into static functions, since they are not used outside trusted_tpm1.c, and move various other definitions and inline functions to trusted_tpm1.c. Signed-off-by: Eric Biggers Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen

KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash

2025-09-27T18:05:06+00:00

Use the SHA-1 and HMAC-SHA1 library functions instead of crypto_shash. This is simpler and faster. Replace the selection of CRYPTO, CRYPTO_HMAC, and CRYPTO_SHA1 with CRYPTO_LIB_SHA1 and CRYPTO_LIB_UTILS. The latter is needed for crypto_memneq() which was previously being pulled in via CRYPTO. Signed-off-by: Eric Biggers Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen

KEYS: trusted_tpm1: Compare HMAC values in constant time

2025-09-27T18:05:06+00:00

To prevent timing attacks, HMAC value comparison needs to be constant time. Replace the memcmp() with the correct function, crypto_memneq(). [For the Fixes commit I used the commit that introduced the memcmp(). It predates the introduction of crypto_memneq(), but it was still a bug at the time even though a helper function didn't exist yet.] Fixes: d00a1c72f7f4 ("keys: add new trusted key-type") Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen

KEYS: Invert FINAL_PUT bit

2025-06-11T18:57:14+00:00

Invert the FINAL_PUT bit so that test_bit_acquire and clear_bit_unlock can be used instead of smp_mb. Signed-off-by: Herbert Xu Signed-off-by: David Howells Reviewed-by: Jarkko Sakkinen Signed-off-by: Linus Torvalds