9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 |
|
05-Feb-2013 |
Mathias Krause <minipli@googlemail.com> |
crypto: user - fix info leaks in report API Three errors resulting in kernel memory disclosure: 1/ The structures used for the netlink based crypto algorithm report API are located on the stack. As snprintf() does not fill the remainder of the buffer with null bytes, those stack bytes will be disclosed to users of the API. Switch to strncpy() to fix this. 2/ crypto_report_one() does not initialize all fields of struct crypto_user_alg. Fix this to fix the heap info leak. 3/ For the module name we should copy only as many bytes as module_name() returns -- not as much as the destination buffer could hold. But the current code does not and therefore copies random data from behind the end of the module name, as the module name is always shorter than CRYPTO_MAX_ALG_NAME. Also switch to use strncpy() to copy the algorithm's name and driver_name. They are strings, after all. Signed-off-by: Mathias Krause <minipli@googlemail.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
6662df33f85b87bb29f2ecad124efe7bb2c08e05 |
|
02-Apr-2012 |
David S. Miller <davem@davemloft.net> |
crypto: Stop using NLA_PUT*(). These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
|
f0dfc0b0b7f3d961da8a98bcfccc8be9107a848b |
|
25-Nov-2011 |
Cong Wang <amwang@redhat.com> |
crypto: remove the second argument of k[un]map_atomic() Signed-off-by: Cong Wang <amwang@redhat.com>
|
3acc84739dd5d746840f881ad4d60bd2a428f1dd |
|
03-Nov-2011 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: algapi - Fix build problem with NET disabled The report functions use NLA_PUT so we need to ensure that NET is enabled. Reported-by: Luis Henriques <henrix@camandro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
6238cbaec429c98d1a280014839c934107c7c8f6 |
|
27-Sep-2011 |
Steffen Klassert <steffen.klassert@secunet.com> |
crypto: Add userspace report for ahash type algorithms Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
23a75eee070f1370bee803a34f285cf81eb5f331 |
|
06-Aug-2010 |
Szilveszter Ördög <slipszi@gmail.com> |
crypto: hash - Fix handling of small unaligned buffers If a scatterwalk chain contains an entry with an unaligned offset then hash_walk_next() will cut off the next step at the next alignment point. However, if the entry ends before the next alignment point then we loop, which leads to a kernel oops. Fix this by checking whether the next alignment point is before the end of the current entry. Signed-off-by: Szilveszter Ördög <slipszi@gmail.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
cbb9bf65ae25dee772e85589136e7dd1c3e743ae |
|
03-Mar-2010 |
Szilveszter Ördög <slipszi@gmail.com> |
crypto: hash - Fix handling of unaligned buffers The correct way to calculate the start of the aligned part of an unaligned buffer is: offset = ALIGN(offset, alignmask + 1); However, crypto_hash_walk_done() has: offset += alignmask - 1; offset = ALIGN(offset, alignmask + 1); which actually skips a whole block unless offset % (alignmask + 1) == 1. This patch fixes the problem. Signed-off-by: Szilveszter Ördög <slipszi@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
5befbd5a7e9c814d145f15b4281c88da96fb1aa9 |
|
24-Jul-2009 |
Steffen Klassert <steffen.klassert@secunet.com> |
crypto: ahash - Use GFP_KERNEL on allocation if the request can sleep ahash_op_unaligned() and ahash_def_finup() allocate memory atomically, regardless whether the request can sleep or not. This patch changes this to use GFP_KERNEL if the request can sleep. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
a70c522520d967844c01fa01459edc698fc54544 |
|
15-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Fix setkey crash When the alignment check was made unconditional for ahash we may end up crashing on shash algorithms because we're always calling alg->setkey instead of tfm->setkey. This patch fixes it. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
66f6ce5e52f2f209d5bf1f06167cec888f4f4c13 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Add unaligned handling and default operations This patch exports the finup operation where available and adds a default finup operation for ahash. The operations final, finup and digest also will now deal with unaligned result pointers by copying it. Finally export/import operations will now be exported too. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
093900c2b964da73daf234374225b5ce5d49f941 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Use GFP_KERNEL in unaligned setkey We currently use GFP_ATOMIC in the unaligned setkey function to allocate the temporary aligned buffer. Since setkey must be called in a sleepable context, we can use GFP_KERNEL instead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
8c32c516eb1c1f9c14d25478442137c698788975 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Zap unaligned buffers Some unaligned buffers on the stack weren't zapped properly which may cause secret data to be leaked. This patch fixes them by doing a zero memset. It is also possible for us to place random kernel stack contents in the digest buffer if a digest operation fails. This is fixed by only copying if the operation succeeded. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
500b3e3c3dc8e4845b77ae81e5b7b085ab183ce6 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Remove old_ahash_alg Now that all ahash implementations have been converted to the new ahash type, we can remove old_ahash_alg and its associated support. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
01c2dece4316dadc0f9fad1ad0b56d493980e492 |
|
14-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Add instance/spawn support This patch adds support for creating ahash instances and using ahash as spawns. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
88056ec346ccf41f63dbc7080b24b5fd19d1358d |
|
13-Jul-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: ahash - Convert to new style algorithms This patch converts crypto_ahash to the new style. The old ahash algorithm type is retained until the existing ahash implementations are also converted. All ahash users will automatically get the new crypto_ahash type. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
d315a0e09f1c8b833cacd5e72f3edea419978138 |
|
31-May-2009 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Fix handling of sg entry that crosses page boundary A quirk that we've always supported is having an sg entry that's bigger than a page, or more generally an sg entry that crosses page boundaries. Even though it would be better to explicitly have two sg entries for this, we need to support it for the existing users, in particular, IPsec. The new ahash sg walking code did try to handle this, but there was a bug where we didn't increment the page so kept on walking on the first page over and over again. This patch fixes it. Tested-by: Martin Willi <martin@strongswan.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
bb402f16ecf9bcdb944b8fa730f0e43cae519673 |
|
19-Feb-2009 |
Lee Nipper <lee.nipper@freescale.com> |
crypto: ahash - Fix digest size in /proc/crypto crypto_ahash_show changed to use cra_ahash for digestsize reference. Signed-off-by: Lee Nipper <lee.nipper@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
3751f402e099893c34089ed303dca6f5f92dbfd1 |
|
08-Nov-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Make setkey optional Since most cryptographic hash algorithms have no keys, this patch makes the setkey function optional for ahash and shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
5f7082ed4f482f05db01d84dbf58190492ebf0ad |
|
31-Aug-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Export shash through hash This patch allows shash algorithms to be used through the old hash interface. This is a transitional measure so we can convert the underlying algorithms to shash before converting the users across. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
dec8b78606ebd5f309c38f2fb10196ce996dd18d |
|
02-Nov-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Add import/export interface It is often useful to save the partial state of a hash function so that it can be used as a base for two or more computations. The most prominent example is HMAC where all hashes start from a base determined by the key. Having an import/export interface means that we only have to compute that base once rather than for each message. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
20036252fc61c624a49770fb89684ea5cfdfa05e |
|
07-Jul-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Added scatter list walking helper This patch adds the walking helpers for hash algorithms akin to those of block ciphers. This is a necessary step before we can reimplement existing hash algorithms using the new ahash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
166247f46a9c866e6f7f7d2212be875fb82212a1 |
|
07-Jul-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Removed vestigial ahash fields The base field in ahash_tfm appears to have been cut-n-pasted from ablkcipher. It isn't needed here at all. Similarly, the info field in ahash_request also appears to have originated from its cipher counter-part and is vestigial. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
ca786dc738f4f583b57b1bba7a335b5e8233f4b0 |
|
07-Jul-2008 |
Herbert Xu <herbert@gondor.apana.org.au> |
crypto: hash - Fixed digest size check The digest size check on hash algorithms is incorrect. It's perfectly valid for hash algorithms to have a digest length longer than their block size. For example crc32c has a block size of 1 and a digest size of 4. Rather than having it lie about its block size, this patch fixes the checks to do what they really should which is to bound the digest size so that code placing the digest on the stack continues to work. HMAC however still needs to check this as it's only defined for such algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
004a403c2e954734090a69aedc7f4f822bdcc142 |
|
14-May-2008 |
Loc Ho <lho@amcc.com> |
[CRYPTO] hash: Add asynchronous hash support This patch adds asynchronous hash and digest support. Signed-off-by: Loc Ho <lho@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|