[PATCH v5 4/4] powerpc: load firmware trusted keys/hashes into kernel keyring
Lakshmi Ramasubramanian
nramas at linux.microsoft.com
Sat Oct 26 03:02:47 AEDT 2019
On 10/24/19 5:58 PM, Nayna Jain wrote:
> +
> +/*
> + * Get a certificate list blob from the named secure variable.
> + */
> +static __init void *get_cert_list(u8 *key, unsigned long keylen, uint64_t *size)
> +{
> + int rc;
> + void *db;
> +
> + rc = secvar_ops->get(key, keylen, NULL, size);
> + if (rc) {
> + pr_err("Couldn't get size: %d\n", rc);
> + return NULL;
> + }
> +
> + db = kmalloc(*size, GFP_KERNEL);
Is there a MIN\MAX limit on size that should be validated here before
memory allocation?
> + if (!db)
> + return NULL;
> +
> + rc = secvar_ops->get(key, keylen, db, size);
> + if (rc) {
> + kfree(db);
> + pr_err("Error reading db var: %d\n", rc);
> + return NULL;
nit: set db to NULL and return from the end of the function.
> + }
> +
> + return db;
> +}
More information about the Linuxppc-dev
mailing list