linux-toradex.git/crypto, branch v4.7 Linux kernel for Apalis and Colibri modules Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-07-23T03:20:55+00:00 Linus Torvalds torvalds@linux-foundation.org 2016-07-23T03:20:55+00:00 48d4ca5639507b8c37e3bd5711e70aedb05dee2c Pull crypto fixes from Herbert Xu: "This fixes a sporadic build failure in the qat driver as well as a memory corruption bug in rsa-pkcs1pad" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct crypto: qat - make qat_asym_algs.o depend on asn1 headers 
Pull crypto fixes from Herbert Xu:
 "This fixes a sporadic build failure in the qat driver as well as a
  memory corruption bug in rsa-pkcs1pad"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct
  crypto: qat - make qat_asym_algs.o depend on asn1 headers
crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct 2016-07-22T09:58:21+00:00 Herbert Xu herbert@gondor.apana.org.au 2016-07-22T09:58:21+00:00 87dcdebd6beb54f183ae874664ba47bf071ebf95 To allow for child request context the struct akcipher_request child_req needs to be at the end of the structure. Cc: stable@vger.kernel.org Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
To allow for child request context the struct akcipher_request child_req
needs to be at the end of the structure.

Cc: stable@vger.kernel.org
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
KEYS: Fix for erroneous trust of incorrectly signed X.509 certs 2016-07-18T02:19:47+00:00 Mat Martineau mathew.j.martineau@linux.intel.com 2016-07-17T23:10:55+00:00 acddc72015e5bc8f640b02d38b36afd7841c9c14 Arbitrary X.509 certificates without authority key identifiers (AKIs) can be added to "trusted" keyrings, including IMA or EVM certs loaded from the filesystem. Signature verification is currently bypassed for certs without AKIs. Trusted keys were recently refactored, and this bug is not present in 4.6. restrict_link_by_signature should return -ENOKEY (no matching parent certificate found) if the certificate being evaluated has no AKIs, instead of bypassing signature checks and returning 0 (new certificate accepted). Reported-by: Petko Manolov <petkan@mip-labs.com> Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com> 
Arbitrary X.509 certificates without authority key identifiers (AKIs)
can be added to "trusted" keyrings, including IMA or EVM certs loaded
from the filesystem. Signature verification is currently bypassed for
certs without AKIs.

Trusted keys were recently refactored, and this bug is not present in
4.6.

restrict_link_by_signature should return -ENOKEY (no matching parent
certificate found) if the certificate being evaluated has no AKIs,
instead of bypassing signature checks and returning 0 (new certificate
accepted).

Reported-by: Petko Manolov <petkan@mip-labs.com>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
pefile: Fix the failure of calculation for digest 2016-07-18T02:19:46+00:00 Lans Zhang jia.zhang@windriver.com 2016-07-17T23:10:47+00:00 d128471a14775cd11abd81c09b2a086997ab3150 Commit e68503bd68 forgot to set digest_len and thus cause the following error reported by kexec when launching a crash kernel: kexec_file_load failed: Bad message Fixes: e68503bd68 (KEYS: Generalise system_verify_data() to provide access to internal content) Signed-off-by: Lans Zhang <jia.zhang@windriver.com> Tested-by: Dave Young <dyoung@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Cc: Baoquan He <bhe@redhat.com> Cc: Vivek Goyal <vgoyal@redhat.com> cc: kexec@lists.infradead.org cc: linux-crypto@vger.kernel.org Signed-off-by: James Morris <james.l.morris@oracle.com> 
Commit e68503bd68 forgot to set digest_len and thus cause the following
error reported by kexec when launching a crash kernel:

	kexec_file_load failed: Bad message

Fixes: e68503bd68 (KEYS: Generalise system_verify_data() to provide access to internal content)
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
Tested-by: Dave Young <dyoung@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
cc: kexec@lists.infradead.org
cc: linux-crypto@vger.kernel.org
Signed-off-by: James Morris <james.l.morris@oracle.com>
PKCS#7: Fix panic when referring to the empty AKID when DEBUG defined 2016-07-18T02:19:44+00:00 Lans Zhang jia.zhang@windriver.com 2016-07-17T23:10:39+00:00 a46e667887448da10e26e46442bda01d1f311aaf This fix resolves the following kernel panic if an empty or missing AuthorityKeyIdentifier is encountered and DEBUG is defined in pkcs7_verify.c. [ 459.041989] PKEY: <==public_key_verify_signature() = 0 [ 459.041993] PKCS7: Verified signature 1 [ 459.041995] PKCS7: ==> pkcs7_verify_sig_chain() [ 459.041999] PKCS7: verify Sample DB Certificate for SCP: 01 [ 459.042002] PKCS7: - issuer Sample KEK Certificate for SCP [ 459.042014] BUG: unable to handle kernel NULL pointer dereference at (null) [ 459.042135] IP: [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.042217] PGD 739e6067 PUD 77719067 PMD 0 [ 459.042286] Oops: 0000 [#1] PREEMPT SMP [ 459.042328] Modules linked in: [ 459.042368] CPU: 0 PID: 474 Comm: kexec Not tainted 4.7.0-rc7-WR8.0.0.0_standard+ #18 [ 459.042462] Hardware name: To be filled by O.E.M. To be filled by O.E.M./Aptio CRB, BIOS 5.6.5 10/09/2014 [ 459.042586] task: ffff880073a50000 ti: ffff8800738e8000 task.ti: ffff8800738e8000 [ 459.042675] RIP: 0010:[<ffffffff813e7b4c>] [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.042784] RSP: 0018:ffff8800738ebd58 EFLAGS: 00010246 [ 459.042845] RAX: 0000000000000000 RBX: ffff880076b7da80 RCX: 0000000000000006 [ 459.042929] RDX: 0000000000000001 RSI: ffffffff81c85001 RDI: ffffffff81ca00a9 [ 459.043014] RBP: ffff8800738ebd98 R08: 0000000000000400 R09: ffff8800788a304c [ 459.043098] R10: 0000000000000000 R11: 00000000000060ca R12: ffff8800769a2bc0 [ 459.043182] R13: ffff880077358300 R14: 0000000000000000 R15: ffff8800769a2dc0 [ 459.043268] FS: 00007f24cc741700(0000) GS:ffff880074e00000(0000) knlGS:0000000000000000 [ 459.043365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 459.043431] CR2: 0000000000000000 CR3: 0000000073a36000 CR4: 00000000001006f0 [ 459.043514] Stack: [ 459.043530] 0000000000000000 ffffffbf00000020 31ffffff813e68b0 0000000000000002 [ 459.043644] ffff8800769a2bc0 0000000000000000 00000000007197b8 0000000000000002 [ 459.043756] ffff8800738ebdd8 ffffffff81153fb1 0000000000000000 0000000000000000 [ 459.043869] Call Trace: [ 459.043898] [<ffffffff81153fb1>] verify_pkcs7_signature+0x61/0x140 [ 459.043974] [<ffffffff813e7f0b>] verify_pefile_signature+0x2cb/0x830 [ 459.044052] [<ffffffff813e8470>] ? verify_pefile_signature+0x830/0x830 [ 459.044134] [<ffffffff81048e25>] bzImage64_verify_sig+0x15/0x20 [ 459.046332] [<ffffffff81046e09>] arch_kexec_kernel_verify_sig+0x29/0x40 [ 459.048552] [<ffffffff810f10e4>] SyS_kexec_file_load+0x1f4/0x6c0 [ 459.050768] [<ffffffff81050e36>] ? __do_page_fault+0x1b6/0x550 [ 459.052996] [<ffffffff8199241f>] entry_SYSCALL_64_fastpath+0x17/0x93 [ 459.055242] Code: e8 0a d6 ff ff 85 c0 0f 88 7a fb ff ff 4d 39 fd 4d 89 7d 08 74 45 4d 89 fd e9 14 fe ff ff 4d 8b 76 08 31 c0 48 c7 c7 a9 00 ca 81 <41> 0f b7 36 49 8d 56 02 e8 d0 91 d6 ff 4d 8b 3c 24 4d 85 ff 0f [ 459.060535] RIP [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.063040] RSP <ffff8800738ebd58> [ 459.065456] CR2: 0000000000000000 [ 459.075998] ---[ end trace c15f0e897cda28dc ]--- Signed-off-by: Lans Zhang <jia.zhang@windriver.com> Signed-off-by: David Howells <dhowells@redhat.com> Cc: Dave Young <dyoung@redhat.com> Cc: Baoquan He <bhe@redhat.com> Cc: Vivek Goyal <vgoyal@redhat.com> cc: linux-crypto@vger.kernel.org cc: kexec@lists.infradead.org Signed-off-by: James Morris <james.l.morris@oracle.com> 
This fix resolves the following kernel panic if an empty or missing
AuthorityKeyIdentifier is encountered and DEBUG is defined in
pkcs7_verify.c.

[  459.041989] PKEY: <==public_key_verify_signature() = 0
[  459.041993] PKCS7: Verified signature 1
[  459.041995] PKCS7: ==> pkcs7_verify_sig_chain()
[  459.041999] PKCS7: verify Sample DB Certificate for SCP: 01
[  459.042002] PKCS7: - issuer Sample KEK Certificate for SCP
[  459.042014] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  459.042135] IP: [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0
[  459.042217] PGD 739e6067 PUD 77719067 PMD 0
[  459.042286] Oops: 0000 [#1] PREEMPT SMP
[  459.042328] Modules linked in:
[  459.042368] CPU: 0 PID: 474 Comm: kexec Not tainted 4.7.0-rc7-WR8.0.0.0_standard+ #18
[  459.042462] Hardware name: To be filled by O.E.M. To be filled by O.E.M./Aptio CRB, BIOS 5.6.5 10/09/2014
[  459.042586] task: ffff880073a50000 ti: ffff8800738e8000 task.ti: ffff8800738e8000
[  459.042675] RIP: 0010:[<ffffffff813e7b4c>]  [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0
[  459.042784] RSP: 0018:ffff8800738ebd58  EFLAGS: 00010246
[  459.042845] RAX: 0000000000000000 RBX: ffff880076b7da80 RCX: 0000000000000006
[  459.042929] RDX: 0000000000000001 RSI: ffffffff81c85001 RDI: ffffffff81ca00a9
[  459.043014] RBP: ffff8800738ebd98 R08: 0000000000000400 R09: ffff8800788a304c
[  459.043098] R10: 0000000000000000 R11: 00000000000060ca R12: ffff8800769a2bc0
[  459.043182] R13: ffff880077358300 R14: 0000000000000000 R15: ffff8800769a2dc0
[  459.043268] FS:  00007f24cc741700(0000) GS:ffff880074e00000(0000) knlGS:0000000000000000
[  459.043365] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  459.043431] CR2: 0000000000000000 CR3: 0000000073a36000 CR4: 00000000001006f0
[  459.043514] Stack:
[  459.043530]  0000000000000000 ffffffbf00000020 31ffffff813e68b0 0000000000000002
[  459.043644]  ffff8800769a2bc0 0000000000000000 00000000007197b8 0000000000000002
[  459.043756]  ffff8800738ebdd8 ffffffff81153fb1 0000000000000000 0000000000000000
[  459.043869] Call Trace:
[  459.043898]  [<ffffffff81153fb1>] verify_pkcs7_signature+0x61/0x140
[  459.043974]  [<ffffffff813e7f0b>] verify_pefile_signature+0x2cb/0x830
[  459.044052]  [<ffffffff813e8470>] ? verify_pefile_signature+0x830/0x830
[  459.044134]  [<ffffffff81048e25>] bzImage64_verify_sig+0x15/0x20
[  459.046332]  [<ffffffff81046e09>] arch_kexec_kernel_verify_sig+0x29/0x40
[  459.048552]  [<ffffffff810f10e4>] SyS_kexec_file_load+0x1f4/0x6c0
[  459.050768]  [<ffffffff81050e36>] ? __do_page_fault+0x1b6/0x550
[  459.052996]  [<ffffffff8199241f>] entry_SYSCALL_64_fastpath+0x17/0x93
[  459.055242] Code: e8 0a d6 ff ff 85 c0 0f 88 7a fb ff ff 4d 39 fd 4d 89 7d 08 74 45 4d 89 fd e9 14 fe ff ff 4d 8b 76 08 31 c0 48 c7 c7 a9 00 ca 81 <41> 0f b7 36 49 8d 56 02 e8 d0 91 d6 ff 4d 8b 3c 24 4d 85 ff 0f
[  459.060535] RIP  [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0
[  459.063040]  RSP <ffff8800738ebd58>
[  459.065456] CR2: 0000000000000000
[  459.075998] ---[ end trace c15f0e897cda28dc ]---

Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
cc: linux-crypto@vger.kernel.org
cc: kexec@lists.infradead.org
Signed-off-by: James Morris <james.l.morris@oracle.com>
crypto: user - re-add size check for CRYPTO_MSG_GETALG 2016-06-23T09:39:25+00:00 Mathias Krause minipli@googlemail.com 2016-06-22T18:29:37+00:00 055ddaace03580455a7b7dbea8e93d62acee61fc Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") accidentally removed the minimum size check for CRYPTO_MSG_GETALG netlink messages. This allows userland to send a truncated CRYPTO_MSG_GETALG message as short as a netlink header only making crypto_report() operate on uninitialized memory by accessing data beyond the end of the netlink message. Fix this be re-adding the minimum required size of CRYPTO_MSG_GETALG messages to the crypto_msg_min[] array. Fixes: 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") Cc: stable@vger.kernel.org # v4.2 Signed-off-by: Mathias Krause <minipli@googlemail.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG")
accidentally removed the minimum size check for CRYPTO_MSG_GETALG
netlink messages. This allows userland to send a truncated
CRYPTO_MSG_GETALG message as short as a netlink header only making
crypto_report() operate on uninitialized memory by accessing data
beyond the end of the netlink message.

Fix this be re-adding the minimum required size of CRYPTO_MSG_GETALG
messages to the crypto_msg_min[] array.

Fixes: 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG")
Cc: stable@vger.kernel.org	# v4.2
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-05-30T22:20:18+00:00 Linus Torvalds torvalds@linux-foundation.org 2016-05-30T22:20:18+00:00 446985428d2cd10efd5d139c33de16c50ee771ba Pull crypto fixes from Herbert Xu: "This fixes the following issues: - missing selection in public_key that may result in a build failure - Potential crash in error path in omap-sham - ccp AES XTS bug that affects requests larger than 4096" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: ccp - Fix AES XTS error for request sizes above 4096 crypto: public_key: select CRYPTO_AKCIPHER crypto: omap-sham - potential Oops on error in probe 
Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:

   - missing selection in public_key that may result in a build failure

   - Potential crash in error path in omap-sham

   - ccp AES XTS bug that affects requests larger than 4096"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: ccp - Fix AES XTS error for request sizes above 4096
  crypto: public_key: select CRYPTO_AKCIPHER
  crypto: omap-sham - potential Oops on error in probe
Merge tag 'keys-next-20160511' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into for-linus 2016-05-23T11:23:47+00:00 James Morris james.l.morris@oracle.com 2016-05-23T11:23:47+00:00 653bd4568ba083dfd5a06a83de3f0dc1e53dd42b 






Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2016-05-19T16:21:36+00:00

Linus Torvalds
torvalds@linux-foundation.org

2016-05-19T16:21:36+00:00

f4f27d0028aabce57e44c16c2fdefccd6310d2f3

Pull security subsystem updates from James Morris:
 "Highlights:

   - A new LSM, "LoadPin", from Kees Cook is added, which allows forcing
     of modules and firmware to be loaded from a specific device (this
     is from ChromeOS, where the device as a whole is verified
     cryptographically via dm-verity).

     This is disabled by default but can be configured to be enabled by
     default (don't do this if you don't know what you're doing).

   - Keys: allow authentication data to be stored in an asymmetric key.
     Lots of general fixes and updates.

   - SELinux: add restrictions for loading of kernel modules via
     finit_module().  Distinguish non-init user namespace capability
     checks.  Apply execstack check on thread stacks"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (48 commits)
  LSM: LoadPin: provide enablement CONFIG
  Yama: use atomic allocations when reporting
  seccomp: Fix comment typo
  ima: add support for creating files using the mknodat syscall
  ima: fix ima_inode_post_setattr
  vfs: forbid write access when reading a file into memory
  fs: fix over-zealous use of "const"
  selinux: apply execstack check on thread stacks
  selinux: distinguish non-init user namespace capability checks
  LSM: LoadPin for kernel file loading restrictions
  fs: define a string representation of the kernel_read_file_id enumeration
  Yama: consolidate error reporting
  string_helpers: add kstrdup_quotable_file
  string_helpers: add kstrdup_quotable_cmdline
  string_helpers: add kstrdup_quotable
  selinux: check ss_initialized before revalidating an inode label
  selinux: delay inode label lookup as long as possible
  selinux: don't revalidate an inode's label when explicitly setting it
  selinux: Change bool variable name to index.
  KEYS: Add KEYCTL_DH_COMPUTE command
  ...





Pull security subsystem updates from James Morris:
 "Highlights:

   - A new LSM, "LoadPin", from Kees Cook is added, which allows forcing
     of modules and firmware to be loaded from a specific device (this
     is from ChromeOS, where the device as a whole is verified
     cryptographically via dm-verity).

     This is disabled by default but can be configured to be enabled by
     default (don't do this if you don't know what you're doing).

   - Keys: allow authentication data to be stored in an asymmetric key.
     Lots of general fixes and updates.

   - SELinux: add restrictions for loading of kernel modules via
     finit_module().  Distinguish non-init user namespace capability
     checks.  Apply execstack check on thread stacks"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (48 commits)
  LSM: LoadPin: provide enablement CONFIG
  Yama: use atomic allocations when reporting
  seccomp: Fix comment typo
  ima: add support for creating files using the mknodat syscall
  ima: fix ima_inode_post_setattr
  vfs: forbid write access when reading a file into memory
  fs: fix over-zealous use of "const"
  selinux: apply execstack check on thread stacks
  selinux: distinguish non-init user namespace capability checks
  LSM: LoadPin for kernel file loading restrictions
  fs: define a string representation of the kernel_read_file_id enumeration
  Yama: consolidate error reporting
  string_helpers: add kstrdup_quotable_file
  string_helpers: add kstrdup_quotable_cmdline
  string_helpers: add kstrdup_quotable
  selinux: check ss_initialized before revalidating an inode label
  selinux: delay inode label lookup as long as possible
  selinux: don't revalidate an inode's label when explicitly setting it
  selinux: Change bool variable name to index.
  KEYS: Add KEYCTL_DH_COMPUTE command
  ...







crypto: public_key: select CRYPTO_AKCIPHER
2016-05-19T10:03:01+00:00

Arnd Bergmann
arnd@arndb.de

2016-05-18T14:55:56+00:00

bad6a185b4d6f81d0ed2b6e4c16307969f160b95

In some rare randconfig builds, we can end up with
ASYMMETRIC_PUBLIC_KEY_SUBTYPE enabled but CRYPTO_AKCIPHER disabled,
which fails to link because of the reference to crypto_alloc_akcipher:

crypto/built-in.o: In function `public_key_verify_signature':
:(.text+0x110e4): undefined reference to `crypto_alloc_akcipher'

This adds a Kconfig 'select' statement to ensure the dependency
is always there.

Cc: <stable@vger.kernel.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>





In some rare randconfig builds, we can end up with
ASYMMETRIC_PUBLIC_KEY_SUBTYPE enabled but CRYPTO_AKCIPHER disabled,
which fails to link because of the reference to crypto_alloc_akcipher:

crypto/built-in.o: In function `public_key_verify_signature':
:(.text+0x110e4): undefined reference to `crypto_alloc_akcipher'

This adds a Kconfig 'select' statement to ensure the dependency
is always there.

Cc: <stable@vger.kernel.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>