<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/crypto/drbg.c, branch linux-4.0.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>Revert "crypto: drbg - use memzero_explicit() for clearing sensitive data"</title>
<updated>2015-01-04T23:44:09+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2015-01-04T23:44:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1471f09f9b874e3bd6a439cae7fc34261dc6f7dd'/>
<id>1471f09f9b874e3bd6a439cae7fc34261dc6f7dd</id>
<content type='text'>
    
This reverts commit 421d82f5b3e75f94e31875e37d45cdf6a557c120.

None of the data zeroed are on the stack so the compiler cannot
optimise them away.
    
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
    
This reverts commit 421d82f5b3e75f94e31875e37d45cdf6a557c120.

None of the data zeroed are on the stack so the compiler cannot
optimise them away.
    
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - panic on continuous self test error</title>
<updated>2014-12-22T12:02:37+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-12-05T21:40:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=905b42e559fa4952569b3444bc6c054c0103e5a0'/>
<id>905b42e559fa4952569b3444bc6c054c0103e5a0</id>
<content type='text'>
This patch adds a panic if the FIPS 140-2 self test error failed.
Note, that entire code is only executed with fips_enabled (i.e. when the
kernel is booted with fips=1. It is therefore not executed for 99.9% of
all user base.

As mathematically such failure cannot occur, this panic should never be
triggered. But to comply with NISTs current requirements, an endless
loop must be replaced with the panic.

When the new version of FIPS 140 will be released, this entire
continuous self test function will be ripped out as it will not be
needed any more.

This patch is functionally equivalent as implemented in ansi_cprng.c and drivers/char/random.c.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch adds a panic if the FIPS 140-2 self test error failed.
Note, that entire code is only executed with fips_enabled (i.e. when the
kernel is booted with fips=1. It is therefore not executed for 99.9% of
all user base.

As mathematically such failure cannot occur, this panic should never be
triggered. But to comply with NISTs current requirements, an endless
loop must be replaced with the panic.

When the new version of FIPS 140 will be released, this entire
continuous self test function will be ripped out as it will not be
needed any more.

This patch is functionally equivalent as implemented in ansi_cprng.c and drivers/char/random.c.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - use memzero_explicit() for clearing sensitive data</title>
<updated>2014-11-27T14:26:18+00:00</updated>
<author>
<name>Nickolaus Woodruff</name>
<email>nickolauswoodruff@gmail.com</email>
</author>
<published>2014-11-26T18:40:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=421d82f5b3e75f94e31875e37d45cdf6a557c120'/>
<id>421d82f5b3e75f94e31875e37d45cdf6a557c120</id>
<content type='text'>
Compiler dead store optimization can sometimes remove final calls
to memset() used to clear sensitive data at the end of a function.
Replace trailing memset() calls with memzero_explicit() to
preclude unwanted removal.

Signed-off-by: Nickolaus Woodruff &lt;nickolauswoodruff@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Compiler dead store optimization can sometimes remove final calls
to memset() used to clear sensitive data at the end of a function.
Replace trailing memset() calls with memzero_explicit() to
preclude unwanted removal.

Signed-off-by: Nickolaus Woodruff &lt;nickolauswoodruff@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - use MODULE_ALIAS_CRYPTO</title>
<updated>2014-11-26T12:06:30+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-11-25T08:28:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=0653a7cf6fa49bc769628b6078c3ea9e1489cb7b'/>
<id>0653a7cf6fa49bc769628b6078c3ea9e1489cb7b</id>
<content type='text'>
Use the crypto- prefix for the DRBG implementations.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Use the crypto- prefix for the DRBG implementations.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - add MODULE_ALIAS for all DRBG types</title>
<updated>2014-11-10T14:09:00+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-11-04T02:08:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=62b62b6e5c574c1e70637d9d685b4b194c7ca48f'/>
<id>62b62b6e5c574c1e70637d9d685b4b194c7ca48f</id>
<content type='text'>
The kernel module drbg.ko is currently not loaded automatically when a
DRBG is requested by a consumer. This is due to missing MODULE_ALIAS
flags for each of the implemented DRBG types.

This patch adds aliases for each of the 22 defined DRBGs.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The kernel module drbg.ko is currently not loaded automatically when a
DRBG is requested by a consumer. This is due to missing MODULE_ALIAS
flags for each of the implemented DRBG types.

This patch adds aliases for each of the 22 defined DRBGs.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - use crypto_inc</title>
<updated>2014-10-24T14:49:36+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-10-14T19:50:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=41a84982a1d728165554be3e2be845f2caf83b55'/>
<id>41a84982a1d728165554be3e2be845f2caf83b55</id>
<content type='text'>
The DRBG internal buffer addition function is replaced with crypto_inc when
a buffer is to be incremented by one.

The function drbg_add_buf is moved to the CONFIG_CRYPTO_DRBG_HASH ifdef
area as it is now only needed for the Hash DRBG.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The DRBG internal buffer addition function is replaced with crypto_inc when
a buffer is to be incremented by one.

The function drbg_add_buf is moved to the CONFIG_CRYPTO_DRBG_HASH ifdef
area as it is now only needed for the Hash DRBG.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6</title>
<updated>2014-09-05T08:11:43+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2014-09-05T08:11:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ea2d9fc1af6ebcdf849723ac4f3f91a1c93b5e7c'/>
<id>ea2d9fc1af6ebcdf849723ac4f3f91a1c93b5e7c</id>
<content type='text'>
Merging the crypto tree for 3.17 in order to resolve the conflict
on the 32-bit DRBG overflow fix.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Merging the crypto tree for 3.17 in order to resolve the conflict
on the 32-bit DRBG overflow fix.
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - remove check for uninitialized DRBG handle</title>
<updated>2014-09-05T07:56:43+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-09-01T05:11:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=78f543a93473f67a1035949a293b79288e259b6e'/>
<id>78f543a93473f67a1035949a293b79288e259b6e</id>
<content type='text'>
The drbg_healthcheck() contained a test to call the DRBG with an
uninitialized DRBG cipher handle. As this is an inappropriate use of the
kernel crypto API to try to generate random numbers before
initialization, checks verifying for an initialized DRBG have been
removed in previous patches.

Now, the drbg_healthcheck test must also be removed.

Changes V2: Added patch marker to email subject line.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The drbg_healthcheck() contained a test to call the DRBG with an
uninitialized DRBG cipher handle. As this is an inappropriate use of the
kernel crypto API to try to generate random numbers before
initialization, checks verifying for an initialized DRBG have been
removed in previous patches.

Now, the drbg_healthcheck test must also be removed.

Changes V2: Added patch marker to email subject line.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - fix sparse warning for cpu_to_be[32|64]</title>
<updated>2014-08-26T07:33:28+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-08-26T07:32:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7c8ae03f41e635813b777a0989d8ac1ff5a8494e'/>
<id>7c8ae03f41e635813b777a0989d8ac1ff5a8494e</id>
<content type='text'>
The sparse tool complained that the cpu_to_be[32|64] functions return
__be[32|64] instead of __u32 or __u64. The patch replaces the __u32 and
__u64 with __be32 and __be64.

Reported-by: kbuild test robot &lt;fengguang.wu@intel.com&gt;
Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The sparse tool complained that the cpu_to_be[32|64] functions return
__be[32|64] instead of __u32 or __u64. The patch replaces the __u32 and
__u64 with __be32 and __be64.

Reported-by: kbuild test robot &lt;fengguang.wu@intel.com&gt;
Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: drbg - remove unnecessary sanity check for shadow state</title>
<updated>2014-08-25T12:34:14+00:00</updated>
<author>
<name>Stephan Mueller</name>
<email>smueller@chronox.de</email>
</author>
<published>2014-08-17T15:41:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=84693d87a6d7e84a5183fc871653269880614d92'/>
<id>84693d87a6d7e84a5183fc871653269880614d92</id>
<content type='text'>
During creation of the DRBG shadow state, it is ensured that the DRBG
state structure is already allocated. Thus, a sanity check for verifying
that the structure is allocated is removed.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
During creation of the DRBG shadow state, it is ensured that the DRBG
state structure is already allocated. Thus, a sanity check for verifying
that the structure is allocated is removed.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
</feed>
