On Fri, Jan 25, 2019 at 09:01:16PM +0300, Vitaly Chikunov wrote: > > @@ -781,36 +780,17 @@ static int tpm_key_verify_signature(const struct key > *key, > if (!req) > goto error_free_tfm; > > - ret = -ENOMEM; > - outlen = crypto_akcipher_maxsize(tfm); > - output = kmalloc(outlen, GFP_KERNEL); > - if (!output) > - goto error_free_req; > - > - sg_init_one(&sig_sg, sig->s, sig->s_size); > - sg_init_one(&digest_sg, output, outlen); > - akcipher_request_set_crypt(req, &sig_sg, &digest_sg, sig->s_size, > - outlen); > + sg_init_table(&src_sg, 2); > + sg_set_buf(&src_sg[0], sig->s, sig->s_size); > + sg_set_buf(&src_sg[1], sig->digest, sig->digest_size); > + akcipher_request_set_crypt(req, &src_sg, NULL, sig->s_size, > + sig->digest_size);
It's not clear that sig->digest is guaranteed to be kmalloc memory. In any case, it's best not to mix unrelated changes in a single patch. So please keep the kmalloc on output and then copy sig->digest into it and put output into the SG list. Thanks, -- Email: Herbert Xu <herb...@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
