diff options
author | tim <tim.c.chen@linux.intel.com> | 2016-12-05 11:46:31 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2016-12-15 08:49:22 -0800 |
commit | 9a3baed9103bc413a5e98e13e31cd8ae7c0b5563 (patch) | |
tree | 0d1384756b6d81a69014758c0e2a5e18effad9e1 /crypto/chainiv.c | |
parent | c4db8a7d1e0c16287642414fe16d85d1eaeb8923 (diff) |
crypto: mcryptd - Check mcryptd algorithm compatibility
commit 48a992727d82cb7db076fa15d372178743b1f4cd upstream.
Algorithms not compatible with mcryptd could be spawned by mcryptd
with a direct crypto_alloc_tfm invocation using a "mcryptd(alg)" name
construct. This causes mcryptd to crash the kernel if an arbitrary
"alg" is incompatible and not intended to be used with mcryptd. It is
an issue if AF_ALG tries to spawn mcryptd(alg) to expose it externally.
But such algorithms must be used internally and not be exposed.
We added a check to enforce that only internal algorithms are allowed
with mcryptd at the time mcryptd is spawning an algorithm.
Link: http://marc.info/?l=linux-crypto-vger&m=148063683310477&w=2
Reported-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'crypto/chainiv.c')
0 files changed, 0 insertions, 0 deletions