Tianjia Zhang f8b4a29481 KEYS: asymmetric: enforce SM2 signature use pkey algo
[ Upstream commit 0815291a8f ]

The signature verification of SM2 needs to add the Za value and
recalculate sig->digest, which requires the detection of the pkey_algo
in public_key_verify_signature(). As Eric Biggers said, the pkey_algo
field in sig is attacker-controlled and we should use pkey->pkey_algo
instead of sig->pkey_algo, and secondly, if sig->pkey_algo is NULL, it
will also cause signature verification failure.

The software_key_determine_akcipher() already forces the algorithms
to match, so the SM3 algorithm is enforced in the SM2 signature.
Although this has been checked, we still avoid using any algorithm
information in the signature as input.

Fixes: 2155256396 ("X.509: support OSCCA SM2-with-SM3 certificate verification")
Reported-by: Eric Biggers <ebiggers@google.com>
Cc: stable@vger.kernel.org # v5.10+
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-08-17 14:42:32 +02:00
Documentation serial: 8250: Add proper clock handling for OxSemi PCIe devices 2022-08-17 14:42:23 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
arch KVM: nVMX: Attempt to load PERF_GLOBAL_CTRL on nVMX xfer iff it exists 2022-08-17 14:42:29 +02:00
block block: don't allow the same type rq_qos add more than once 2022-08-17 14:42:24 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:28:03 +02:00
crypto KEYS: asymmetric: enforce SM2 signature use pkey algo 2022-08-17 14:42:32 +02:00
drivers dm raid: fix address sanitizer warning in raid_resume 2022-08-17 14:42:29 +02:00
fs ext4: fix race when reusing xattr blocks 2022-08-17 14:42:32 +02:00
include tracing: Use a struct alignof to determine trace event field alignment 2022-08-17 14:42:29 +02:00
init stack: Declare {randomize_,}kstack_offset to fix Sparse warnings 2022-08-17 14:40:36 +02:00
io_uring io_uring: Don't require reinitable percpu_ref 2022-08-17 14:40:42 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:30:30 +02:00
kernel block: serialize all debugfs operations using q->debugfs_mutex 2022-08-17 14:42:24 +02:00
lib crypto: blake2s - remove shash module 2022-08-17 14:42:20 +02:00
mm hugetlb_cgroup: fix wrong hugetlb cgroup numa stat 2022-08-17 14:42:29 +02:00
net batman-adv: tracing: Use the new __vstring() helper 2022-08-17 14:42:29 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:30:46 +02:00
scripts scripts/faddr2line: Fix vmlinux detection on arm64 2022-08-17 14:42:15 +02:00
security selinux: Add boundary check in put_entry() 2022-08-17 14:40:26 +02:00
sound ASoC: mchp-spdifrx: disable end of block interrupt on failures 2022-08-17 14:42:10 +02:00
tools tools/thermal: Fix possible path truncations 2022-08-17 14:42:15 +02:00
usr Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
virt KVM: Don't set Accessed/Dirty bits for ZERO_PAGE 2022-08-17 14:41:37 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap hotfixes for 5.18-rc7 2022-05-13 10:22:37 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: replace a Microchip AT91 maintainer 2022-02-09 11:30:01 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS io_uring: move to separate directory 2022-08-17 14:40:41 +02:00
Makefile io_uring: move to separate directory 2022-08-17 14:40:41 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.