From 197123c970c49fd3ae2f78c7856e5577005ece31 Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Wed, 13 Feb 2019 15:00:23 +0800
Subject: [PATCH] security: don't use a negative Opt_err token index

mainline inclusion
from mainline-4.20
commit 94c13f66e13ca0f3d5b7b9e7e385fe5db35abe3c
category: bugfix
bugzilla: 6257
CVE: NA

---------------------------

The code uses a bitmap to check for duplicate tokens during parsing, and
that doesn't work at all for the negative Opt_err token case.

There is absolutely no reason to make Opt_err be negative, and in fact
it only confuses things, since some of the affected functions actually
return a positive Opt_xyz enum _or_ a regular negative error code (eg
-EINVAL), and using -1 for Opt_err makes no sense.

There are similar problems in ima_policy.c and key encryption, but they
don't have the immediate bug wrt bitmap handing, and ima_policy.c in
particular needs a different patch to make the enum values match the
token array index.  Mimi is sending that separately.

Reported-by: syzbot+a22e0dc07567662c50bc@syzkaller.appspotmail.com
Reported-by: Eric Biggers <ebiggers@kernel.org>
Fixes: 5208cc83423d ("keys, trusted: fix: *do not* allow duplicate key options")
Fixes: 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]")
Cc: James Morris James Morris <jmorris@namei.org>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Conflicts:
	security/keys/keyctl_pkey.c

commit 00d60fd3b932 ("KEYS: Provide keyctls to drive the new key type ops for
asymmetric keys [ver #2]") has not been merged to 4.19, so no file
security/keys/keyctl_pkey.c at all.

Signed-off-by: Jason Yan <yanaijie@huawei.com>
Reviewed-by: Zhang xiaoxu <zhangxiaoxu5@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
---
 security/keys/trusted.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index b69d3b1777c2..d398bf634d1d 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -707,7 +707,7 @@ static int key_unseal(struct trusted_key_payload *p,
 }
 
 enum {
-	Opt_err = -1,
+	Opt_err,
 	Opt_new, Opt_load, Opt_update,
 	Opt_keyhandle, Opt_keyauth, Opt_blobauth,
 	Opt_pcrinfo, Opt_pcrlock, Opt_migratable,
-- 
GitLab