linux-stable.git/drivers/crypto/ccree/cc_cipher.c, branch linux-6.2.y Linux kernel stable tree crypto: ccree - Fix use after free in cc_cipher_exit() 2022-03-09T03:12:31+00:00 Jianglei Nie niejianglei2021@163.com 2022-03-03T02:23:37+00:00 3d950c34074ed74d2713c3856ba01264523289e6 kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after dev_dbg() to avoid the uaf. Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Signed-off-by: Jianglei Nie <niejianglei2021@163.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But
ctx_p->user.key is still used in the next line, which will lead to a
use after free.

We can call kfree_sensitive() after dev_dbg() to avoid the uaf.

Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support")
Signed-off-by: Jianglei Nie <niejianglei2021@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - fix spelling typo of allocated 2021-02-05T03:31:35+00:00 dingsenjie dingsenjie@yulong.com 2021-01-26T03:45:53+00:00 b2cd1d812b955c4a06bb411d3363abf5e9009f9c allocted -> allocated Signed-off-by: dingsenjie <dingsenjie@yulong.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
allocted -> allocated

Signed-off-by: dingsenjie <dingsenjie@yulong.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - Fix fall-through warnings for Clang 2020-11-27T06:13:46+00:00 Gustavo A. R. Silva gustavoars@kernel.org 2020-11-20T18:34:56+00:00 abc6146aba40ea3b8996773e6ad0e60fd70f7a3f In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple warnings by explicitly adding multiple break statements instead of letting the code fall through to the next case. Link: https://github.com/KSPP/linux/issues/115 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple
warnings by explicitly adding multiple break statements instead of
letting the code fall through to the next case.

Link: https://github.com/KSPP/linux/issues/115
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - remove bitlocker cipher 2020-08-21T04:45:28+00:00 Gilad Ben-Yossef gilad@benyossef.com 2020-08-05T06:23:01+00:00 1d8b41ff6991bcff5864c42807f811d2304f4355 Remove the bitlocker cipher which is not supported by the kernel. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Remove the bitlocker cipher which is not supported by
the kernel.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - remove data unit size support 2020-08-21T04:45:28+00:00 Gilad Ben-Yossef gilad@benyossef.com 2020-08-05T06:23:00+00:00 a93492cae30a07bacfe869fcc96724d7911b4671 Remove the implementaion of automatic advancement of sector size in IV for storage ciphers as its use is not supproted by the kernel. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Remove the implementaion of automatic advancement of sector size in IV for
storage ciphers as its use is not supproted by the kernel.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07T18:33:22+00:00 Waiman Long longman@redhat.com 2020-08-07T06:18:13+00:00 453431a54934d917153c65211b2dabf45562ca88 As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_. The main reason that kzfree() exists is to clear sensitive information that should not be leaked to other future users of the same memory objects. Rename kzfree() to kfree_sensitive() to follow the example of the recently added kvfree_sensitive() and make the intention of the API more explicit. In addition, memzero_explicit() is used to clear the memory to make sure that it won't get optimized away by the compiler. The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/' followed by some editing of the kfree_sensitive() kerneldoc and adding a kzfree backward compatibility macro in slab.h. [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h] [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more] Suggested-by: Joe Perches <joe@perches.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Joe Perches <joe@perches.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: David Rientjes <rientjes@google.com> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
As said by Linus:

  A symmetric naming is only helpful if it implies symmetries in use.
  Otherwise it's actively misleading.

  In "kzalloc()", the z is meaningful and an important part of what the
  caller wants.

  In "kzfree()", the z is actively detrimental, because maybe in the
  future we really _might_ want to use that "memfill(0xdeadbeef)" or
  something. The "zero" part of the interface isn't even _relevant_.

The main reason that kzfree() exists is to clear sensitive information
that should not be leaked to other future users of the same memory
objects.

Rename kzfree() to kfree_sensitive() to follow the example of the recently
added kvfree_sensitive() and make the intention of the API more explicit.
In addition, memzero_explicit() is used to clear the memory to make sure
that it won't get optimized away by the compiler.

The renaming is done by using the command sequence:

  git grep -w --name-only kzfree |\
  xargs sed -i 's/kzfree/kfree_sensitive/'

followed by some editing of the kfree_sensitive() kerneldoc and adding
a kzfree backward compatibility macro in slab.h.

[akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h]
[akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more]

Suggested-by: Joe Perches <joe@perches.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Joe Perches <joe@perches.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Cc: "Jason A . Donenfeld" <Jason@zx2c4.com>
Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
crypto: ccree - remove unused field 2020-06-26T04:49:53+00:00 Gilad Ben-Yossef gilad@benyossef.com 2020-06-21T11:19:59+00:00 f94907085d5f73e87578130deeef4c744ca60ab1 Remove yet another unused field left over from times gone by. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Remove yet another unused field left over from times gone by.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - adapt ccree essiv support to kcapi 2020-06-26T04:49:53+00:00 Gilad Ben-Yossef gilad@benyossef.com 2020-06-21T11:19:58+00:00 520f325a597b0277dc617691267d47420334cdf4 The ESSIV support in ccree was added before the kernel generic support and using a slightly different API. Brings the ccree essiv interface into compliance with kernel crypto api one. Since CryptoCell only support 256 bit AES key for ESSIV, also use a fallback if requested a smaller key size. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Libo Wang <libo.wang@arm.com> Cc: Markus Elfring <Markus.Elfring@web.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The ESSIV support in ccree was added before the kernel
generic support and using a slightly different API.

Brings the ccree essiv interface into compliance with
kernel crypto api one.

Since CryptoCell only support 256 bit AES key for ESSIV,
also use a fallback if requested a smaller key size.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Libo Wang <libo.wang@arm.com>
Cc: Markus Elfring <Markus.Elfring@web.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - fix resource leak on error path 2020-06-26T04:46:43+00:00 Gilad Ben-Yossef gilad@benyossef.com 2020-06-21T11:19:57+00:00 9bc6165d608d676f05d8bf156a2c9923ee38d05b Fix a small resource leak on the error path of cipher processing. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Fixes: 63ee04c8b491e ("crypto: ccree - add skcipher support") Cc: Markus Elfring <Markus.Elfring@web.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Fix a small resource leak on the error path of cipher processing.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Fixes: 63ee04c8b491e ("crypto: ccree - add skcipher support")
Cc: Markus Elfring <Markus.Elfring@web.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: ccree - use crypto_shash_tfm_digest() 2020-05-08T05:32:13+00:00 Eric Biggers ebiggers@google.com 2020-05-02T05:31:08+00:00 8cbb809794b14703c960b5e2941c9e7fd97b765a Instead of manually allocating a 'struct shash_desc' on the stack and calling crypto_shash_digest(), switch to using the new helper function crypto_shash_tfm_digest() which does this for us. Cc: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Instead of manually allocating a 'struct shash_desc' on the stack and
calling crypto_shash_digest(), switch to using the new helper function
crypto_shash_tfm_digest() which does this for us.

Cc: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>