crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() - linux/linux-stable.git

diff options

author	Lukas Wunner <lukas@wunner.de>	2025-02-02 20:00:52 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2025-07-17 18:37:24 +0200
commit	f2133b849ff273abddb6da622daddd8f6f6fa448 (patch)
tree	27dee2d64ef081eb6c2e573cb031d4ff87c551cf /scripts/patch-kernel
parent	59923d508bd28163b7f318faf470af5477566687 (diff)

crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()

commit b16510a530d1e6ab9683f04f8fb34f2e0f538275 upstream. Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large value. Herbert instead suggests (for a division by 8): X / 8 + !!(X & 7) Based on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and use it in lieu of DIV_ROUND_UP() for ->key_size() return values. Additionally, use the macro in ecc_digits_from_bytes(), whose "nbytes" parameter is a ->key_size() return value in some instances, or a user-specified ASN.1 length in the case of ecdsa_get_signature_rs(). Link: https://lore.kernel.org/r/Z3iElsILmoSu6FuC@gondor.apana.org.au/ Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Lukas Wunner <lukas@wunner.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'scripts/patch-kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: