<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/crypto/ahash.c, branch v3.11</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>crypto: user - fix info leaks in report API</title>
<updated>2013-02-19T12:27:03+00:00</updated>
<author>
<name>Mathias Krause</name>
<email>minipli@googlemail.com</email>
</author>
<published>2013-02-05T17:19:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6'/>
<id>9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6</id>
<content type='text'>
Three errors resulting in kernel memory disclosure:

1/ The structures used for the netlink based crypto algorithm report API
are located on the stack. As snprintf() does not fill the remainder of
the buffer with null bytes, those stack bytes will be disclosed to users
of the API. Switch to strncpy() to fix this.

2/ crypto_report_one() does not initialize all field of struct
crypto_user_alg. Fix this to fix the heap info leak.

3/ For the module name we should copy only as many bytes as
module_name() returns -- not as much as the destination buffer could
hold. But the current code does not and therefore copies random data
from behind the end of the module name, as the module name is always
shorter than CRYPTO_MAX_ALG_NAME.

Also switch to use strncpy() to copy the algorithm's name and
driver_name. They are strings, after all.

Signed-off-by: Mathias Krause &lt;minipli@googlemail.com&gt;
Cc: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Three errors resulting in kernel memory disclosure:

1/ The structures used for the netlink based crypto algorithm report API
are located on the stack. As snprintf() does not fill the remainder of
the buffer with null bytes, those stack bytes will be disclosed to users
of the API. Switch to strncpy() to fix this.

2/ crypto_report_one() does not initialize all field of struct
crypto_user_alg. Fix this to fix the heap info leak.

3/ For the module name we should copy only as many bytes as
module_name() returns -- not as much as the destination buffer could
hold. But the current code does not and therefore copies random data
from behind the end of the module name, as the module name is always
shorter than CRYPTO_MAX_ALG_NAME.

Also switch to use strncpy() to copy the algorithm's name and
driver_name. They are strings, after all.

Signed-off-by: Mathias Krause &lt;minipli@googlemail.com&gt;
Cc: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: Stop using NLA_PUT*().</title>
<updated>2012-04-02T08:33:42+00:00</updated>
<author>
<name>David S. Miller</name>
<email>davem@davemloft.net</email>
</author>
<published>2012-04-02T00:19:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6662df33f85b87bb29f2ecad124efe7bb2c08e05'/>
<id>6662df33f85b87bb29f2ecad124efe7bb2c08e05</id>
<content type='text'>
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: remove the second argument of k[un]map_atomic()</title>
<updated>2012-03-20T13:48:16+00:00</updated>
<author>
<name>Cong Wang</name>
<email>amwang@redhat.com</email>
</author>
<published>2011-11-25T15:14:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=f0dfc0b0b7f3d961da8a98bcfccc8be9107a848b'/>
<id>f0dfc0b0b7f3d961da8a98bcfccc8be9107a848b</id>
<content type='text'>
Signed-off-by: Cong Wang &lt;amwang@redhat.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Cong Wang &lt;amwang@redhat.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: algapi - Fix build problem with NET disabled</title>
<updated>2011-11-10T22:57:06+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2011-11-03T12:46:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=3acc84739dd5d746840f881ad4d60bd2a428f1dd'/>
<id>3acc84739dd5d746840f881ad4d60bd2a428f1dd</id>
<content type='text'>
The report functions use NLA_PUT so we need to ensure that NET
is enabled.

Reported-by: Luis Henriques &lt;henrix@camandro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The report functions use NLA_PUT so we need to ensure that NET
is enabled.

Reported-by: Luis Henriques &lt;henrix@camandro.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: Add userspace report for ahash type algorithms</title>
<updated>2011-10-21T12:24:04+00:00</updated>
<author>
<name>Steffen Klassert</name>
<email>steffen.klassert@secunet.com</email>
</author>
<published>2011-09-27T05:41:07+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6238cbaec429c98d1a280014839c934107c7c8f6'/>
<id>6238cbaec429c98d1a280014839c934107c7c8f6</id>
<content type='text'>
Signed-off-by: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: hash - Fix handling of small unaligned buffers</title>
<updated>2010-08-06T01:26:38+00:00</updated>
<author>
<name>Szilveszter Ördög</name>
<email>slipszi@gmail.com</email>
</author>
<published>2010-08-06T01:26:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=23a75eee070f1370bee803a34f285cf81eb5f331'/>
<id>23a75eee070f1370bee803a34f285cf81eb5f331</id>
<content type='text'>
If a scatterwalk chain contains an entry with an unaligned offset then
hash_walk_next() will cut off the next step at the next alignment point.

However, if the entry ends before the next alignment point then we a loop,
which leads to a kernel oops.

Fix this by checking whether the next aligment point is before the end of the
current entry.

Signed-off-by: Szilveszter Ördög &lt;slipszi@gmail.com&gt;
Acked-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If a scatterwalk chain contains an entry with an unaligned offset then
hash_walk_next() will cut off the next step at the next alignment point.

However, if the entry ends before the next alignment point then we a loop,
which leads to a kernel oops.

Fix this by checking whether the next aligment point is before the end of the
current entry.

Signed-off-by: Szilveszter Ördög &lt;slipszi@gmail.com&gt;
Acked-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: hash - Fix handling of unaligned buffers</title>
<updated>2010-03-03T00:03:23+00:00</updated>
<author>
<name>Szilveszter Ördög</name>
<email>slipszi@gmail.com</email>
</author>
<published>2010-03-03T00:03:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=cbb9bf65ae25dee772e85589136e7dd1c3e743ae'/>
<id>cbb9bf65ae25dee772e85589136e7dd1c3e743ae</id>
<content type='text'>
The correct way to calculate the start of the aligned part of an
unaligned buffer is:

  offset = ALIGN(offset, alignmask + 1);

However, crypto_hash_walk_done() has:

  offset += alignmask - 1;
  offset = ALIGN(offset, alignmask + 1);

which actually skips a whole block unless offset % (alignmask + 1) == 1.

This patch fixes the problem.

Signed-off-by: Szilveszter Ördög &lt;slipszi@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The correct way to calculate the start of the aligned part of an
unaligned buffer is:

  offset = ALIGN(offset, alignmask + 1);

However, crypto_hash_walk_done() has:

  offset += alignmask - 1;
  offset = ALIGN(offset, alignmask + 1);

which actually skips a whole block unless offset % (alignmask + 1) == 1.

This patch fixes the problem.

Signed-off-by: Szilveszter Ördög &lt;slipszi@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: ahash - Use GFP_KERNEL on allocation if the request can sleep</title>
<updated>2009-07-24T05:56:31+00:00</updated>
<author>
<name>Steffen Klassert</name>
<email>steffen.klassert@secunet.com</email>
</author>
<published>2009-07-24T05:56:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5befbd5a7e9c814d145f15b4281c88da96fb1aa9'/>
<id>5befbd5a7e9c814d145f15b4281c88da96fb1aa9</id>
<content type='text'>
ahash_op_unaligned() and ahash_def_finup() allocate memory atomically,
regardless whether the request can sleep or not. This patch changes
this to use GFP_KERNEL if the request can sleep.

Signed-off-by: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
ahash_op_unaligned() and ahash_def_finup() allocate memory atomically,
regardless whether the request can sleep or not. This patch changes
this to use GFP_KERNEL if the request can sleep.

Signed-off-by: Steffen Klassert &lt;steffen.klassert@secunet.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: ahash - Fix setkey crash</title>
<updated>2009-07-15T12:39:05+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2009-07-15T12:39:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a70c522520d967844c01fa01459edc698fc54544'/>
<id>a70c522520d967844c01fa01459edc698fc54544</id>
<content type='text'>
When the alignment check was made unconditional for ahash we
may end up crashing on shash algorithms because we're always
calling alg-&gt;setkey instead of tfm-&gt;setkey.

This patch fixes it.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When the alignment check was made unconditional for ahash we
may end up crashing on shash algorithms because we're always
calling alg-&gt;setkey instead of tfm-&gt;setkey.

This patch fixes it.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: ahash - Add unaligned handling and default operations</title>
<updated>2009-07-15T04:40:40+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2009-07-15T04:40:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=66f6ce5e52f2f209d5bf1f06167cec888f4f4c13'/>
<id>66f6ce5e52f2f209d5bf1f06167cec888f4f4c13</id>
<content type='text'>
This patch exports the finup operation where available and adds
a default finup operation for ahash.  The operations final, finup
and digest also will now deal with unaligned result pointers by
copying it.  Finally export/import operations are will now be
exported too.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch exports the finup operation where available and adds
a default finup operation for ahash.  The operations final, finup
and digest also will now deal with unaligned result pointers by
copying it.  Finally export/import operations are will now be
exported too.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
</feed>
