Merge tag 'v5.4.89' into 5.4-2.3.x-imx

This is the 5.4.89 stable release Signed-off-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>
author: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> 2021-01-12 21:50:48 +0000
committer: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> 2021-01-12 21:50:48 +0000
commit: a8a2b9ee4bec0b29d031324160b7f11af42a563a (patch)
tree: baf164b7da460973b2ec916d6a3f7b39d5b76d9a /crypto
parent: b598b85172f7df91090abe0f200f89a458ca4cc5 (diff)
parent: a829146c3fdcf6d0b76d9c54556a223820f1f73b (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/crypto/asymmetric_keys/asym_tpm.c b/crypto/asymmetric_keys/asym_tpm.c
index 5154e280ada2..08baa10a254b 100644
--- a/crypto/asymmetric_keys/asym_tpm.c
+++ b/crypto/asymmetric_keys/asym_tpm.c
@@ -370,7 +370,7 @@ static uint32_t derive_pub_key(const void *pub_key, uint32_t len, uint8_t *buf)
 	memcpy(cur, e, sizeof(e));
 	cur += sizeof(e);
 	/* Zero parameters to satisfy set_pub_key ABI. */
-	memset(cur, 0, SETKEY_PARAMS_SIZE);
+	memzero_explicit(cur, SETKEY_PARAMS_SIZE);
 
 	return cur - buf;
 }
diff --git a/crypto/ecdh.c b/crypto/ecdh.c
index efa4ee72301f..46570b517175 100644
--- a/crypto/ecdh.c
+++ b/crypto/ecdh.c
@@ -39,7 +39,8 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
 	struct ecdh params;
 	unsigned int ndigits;
 
-	if (crypto_ecdh_decode_key(buf, len, &params) < 0)
+	if (crypto_ecdh_decode_key(buf, len, &params) < 0 ||
+	    params.key_size > sizeof(ctx->private_key))
 		return -EINVAL;
 
 	ndigits = ecdh_supported_curve(params.curve_id);
author	Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>	2021-01-12 21:50:48 +0000
committer	Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>	2021-01-12 21:50:48 +0000
commit	a8a2b9ee4bec0b29d031324160b7f11af42a563a (patch)
tree	baf164b7da460973b2ec916d6a3f7b39d5b76d9a /crypto
parent	b598b85172f7df91090abe0f200f89a458ca4cc5 (diff)
parent	a829146c3fdcf6d0b76d9c54556a223820f1f73b (diff)