linux-toradex.git/crypto/ablkcipher.c, branch v3.14.57 Linux kernel for Apalis and Colibri modules crypto: api - Only abort operations on fatal signal 2015-11-09T20:50:26+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-10-19T10:23:57+00:00 36ce9978ddfb0db0adf9e4bddcceca19be430801 commit 3fc89adb9fa4beff31374a4bf50b3d099d88ae83 upstream. Currently a number of Crypto API operations may fail when a signal occurs. This causes nasty problems as the caller of those operations are often not in a good position to restart the operation. In fact there is currently no need for those operations to be interrupted by user signals at all. All we need is for them to be killable. This patch replaces the relevant calls of signal_pending with fatal_signal_pending, and wait_for_completion_interruptible with wait_for_completion_killable, respectively. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 3fc89adb9fa4beff31374a4bf50b3d099d88ae83 upstream.

Currently a number of Crypto API operations may fail when a signal
occurs.  This causes nasty problems as the caller of those operations
are often not in a good position to restart the operation.

In fact there is currently no need for those operations to be
interrupted by user signals at all.  All we need is for them to
be killable.

This patch replaces the relevant calls of signal_pending with
fatal_signal_pending, and wait_for_completion_interruptible with
wait_for_completion_killable, respectively.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
crypto: skcipher - Use eseqiv even on UP machines 2013-10-30T01:51:45+00:00 Herbert Xu herbert@gondor.apana.org.au 2013-10-30T01:51:45+00:00 f3d53ed038944a5e785f04952170f7e239a49ae8 Previously we would use eseqiv on all async ciphers in all cases, and sync ciphers if we have more than one CPU. This meant that chainiv is only used in the case of sync ciphers on a UP machine. As chainiv may aid attackers by making the IV predictable, even though this risk itself is small, the above usage pattern causes it to further leak information about the host. This patch addresses these issues by using eseqiv even if we're on a UP machine. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: David S. Miller <davem@davemloft.net> 
Previously we would use eseqiv on all async ciphers in all cases,
and sync ciphers if we have more than one CPU.  This meant that
chainiv is only used in the case of sync ciphers on a UP machine.

As chainiv may aid attackers by making the IV predictable, even
though this risk itself is small, the above usage pattern causes
it to further leak information about the host.

This patch addresses these issues by using eseqiv even if we're
on a UP machine.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: David S. Miller <davem@davemloft.net>
crypto: user - fix info leaks in report API 2013-02-19T12:27:03+00:00 Mathias Krause minipli@googlemail.com 2013-02-05T17:19:13+00:00 9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 Three errors resulting in kernel memory disclosure: 1/ The structures used for the netlink based crypto algorithm report API are located on the stack. As snprintf() does not fill the remainder of the buffer with null bytes, those stack bytes will be disclosed to users of the API. Switch to strncpy() to fix this. 2/ crypto_report_one() does not initialize all field of struct crypto_user_alg. Fix this to fix the heap info leak. 3/ For the module name we should copy only as many bytes as module_name() returns -- not as much as the destination buffer could hold. But the current code does not and therefore copies random data from behind the end of the module name, as the module name is always shorter than CRYPTO_MAX_ALG_NAME. Also switch to use strncpy() to copy the algorithm's name and driver_name. They are strings, after all. Signed-off-by: Mathias Krause <minipli@googlemail.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Three errors resulting in kernel memory disclosure:

1/ The structures used for the netlink based crypto algorithm report API
are located on the stack. As snprintf() does not fill the remainder of
the buffer with null bytes, those stack bytes will be disclosed to users
of the API. Switch to strncpy() to fix this.

2/ crypto_report_one() does not initialize all field of struct
crypto_user_alg. Fix this to fix the heap info leak.

3/ For the module name we should copy only as many bytes as
module_name() returns -- not as much as the destination buffer could
hold. But the current code does not and therefore copies random data
from behind the end of the module name, as the module name is always
shorter than CRYPTO_MAX_ALG_NAME.

Also switch to use strncpy() to copy the algorithm's name and
driver_name. They are strings, after all.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-10T18:30:45+00:00 David S. Miller davem@davemloft.net 2012-04-10T18:30:45+00:00 06eb4eafbdc0796d741d139a44f1253278da8611 






crypto: Stop using NLA_PUT*().
2012-04-02T08:33:42+00:00

David S. Miller
davem@davemloft.net

2012-04-02T00:19:05+00:00

6662df33f85b87bb29f2ecad124efe7bb2c08e05

These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller <davem@davemloft.net>





These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller <davem@davemloft.net>







crypto: user - Fix lookup of algorithms with IV generator
2012-03-29T11:52:47+00:00

Steffen Klassert
steffen.klassert@secunet.com

2012-03-29T07:03:47+00:00

1e1229940045a537c61fb69f86010a8774e576d0

We lookup algorithms with crypto_alg_mod_lookup() when instantiating via
crypto_add_alg(). However, algorithms that are wrapped by an IV genearator
(e.g. aead or genicv type algorithms) need special care. The userspace
process hangs until it gets a timeout when we use crypto_alg_mod_lookup()
to lookup these algorithms. So export the lookup functions for these
algorithms and use them in crypto_add_alg().

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





We lookup algorithms with crypto_alg_mod_lookup() when instantiating via
crypto_add_alg(). However, algorithms that are wrapped by an IV genearator
(e.g. aead or genicv type algorithms) need special care. The userspace
process hangs until it gets a timeout when we use crypto_alg_mod_lookup()
to lookup these algorithms. So export the lookup functions for these
algorithms and use them in crypto_add_alg().

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>







crypto: algapi - Fix build problem with NET disabled
2011-11-10T22:57:06+00:00

Herbert Xu
herbert@gondor.apana.org.au

2011-11-03T12:46:07+00:00

3acc84739dd5d746840f881ad4d60bd2a428f1dd

The report functions use NLA_PUT so we need to ensure that NET
is enabled.

Reported-by: Luis Henriques <henrix@camandro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





The report functions use NLA_PUT so we need to ensure that NET
is enabled.

Reported-by: Luis Henriques <henrix@camandro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>







crypto: Add userspace report for givcipher type algorithms
2011-10-21T12:24:05+00:00

Steffen Klassert
steffen.klassert@secunet.com

2011-09-27T05:43:24+00:00

3e29c1095a091f606a26c04a6542061c9e5f1d6b

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>







crypto: Add userspace report for ablkcipher type algorithms
2011-10-21T12:24:05+00:00

Steffen Klassert
steffen.klassert@secunet.com

2011-09-27T05:42:32+00:00

29ffc87640e2a5bf0ab98bfeed8d6fc78b2d848e

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>







crypto: skcipher - remove redundant NULL check
2011-01-29T04:09:43+00:00

Davidlohr Bueso
dave@gnu.org

2011-01-29T04:09:43+00:00

33c7c0fb20dbbaca67fcf362f875758ba312f58d

Signed-off-by: Davidlohr Bueso <dave@gnu.org>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





Signed-off-by: Davidlohr Bueso <dave@gnu.org>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>