kernel/crypto/algapi.c, branch linux-3.2.y

crypto: algapi - fix NULL dereference in crypto_remove_spawns()

2018-03-03T15:50:55Z

commit 9a00674213a3f00394f4e3221b88f2d21fc05789 upstream. syzkaller triggered a NULL pointer dereference in crypto_remove_spawns() via a program that repeatedly and concurrently requests AEADs "authenc(cmac(des3_ede-asm),pcbc-aes-aesni)" and hashes "cmac(des3_ede)" through AF_ALG, where the hashes are requested as "untested" (CRYPTO_ALG_TESTED is set in ->salg_mask but clear in ->salg_feat; this causes the template to be instantiated for every request). Although AF_ALG users really shouldn't be able to request an "untested" algorithm, the NULL pointer dereference is actually caused by a longstanding race condition where crypto_remove_spawns() can encounter an instance which has had spawn(s) "grabbed" but hasn't yet been registered, resulting in ->cra_users still being NULL. We probably should properly initialize ->cra_users earlier, but that would require updating many templates individually. For now just fix the bug in a simple way that can easily be backported: make crypto_remove_spawns() treat a NULL ->cra_users list as empty. Reported-by: syzbot Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg

2017-03-16T02:18:46Z

commit d6040764adcb5cb6de1489422411d701c158bb69 upstream. Make sure CRYPTO_ALG_DEAD bit is cleared before proceeding with the algorithm registration. This fixes qat-dh registration when driver is restarted Signed-off-by: Salvatore Benedetto Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: api - Only abort operations on fatal signal

2015-11-17T15:54:44Z

commit 3fc89adb9fa4beff31374a4bf50b3d099d88ae83 upstream. Currently a number of Crypto API operations may fail when a signal occurs. This causes nasty problems as the caller of those operations are often not in a good position to restart the operation. In fact there is currently no need for those operations to be interrupted by user signals at all. All we need is for them to be killable. This patch replaces the relevant calls of signal_pending with fatal_signal_pending, and wait_for_completion_interruptible with wait_for_completion_killable, respectively. Signed-off-by: Herbert Xu [bwh: Backported to 3.2: drop change to crypto_user_skcipher_alg(), which we don't have] Signed-off-by: Ben Hutchings

crypto: include crypto- module prefix in template

2015-02-20T00:49:36Z

commit 4943ba16bbc2db05115707b3ff7b4874e9e3c560 upstream. This adds the module loading prefix "crypto-" to the template lookup as well. For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly includes the "crypto-" prefix at every level, correctly rejecting "vfat": net-pf-38 algif-hash crypto-vfat(blowfish) crypto-vfat(blowfish)-all crypto-vfat Reported-by: Mathias Krause Signed-off-by: Kees Cook Acked-by: Mathias Krause Signed-off-by: Herbert Xu [bwh: Backported to 3.2: drop changes to cmac and mcryptd which we don't have] Signed-off-by: Ben Hutchings

crypto: sanitize argument for format string

2013-07-27T04:34:28Z

commit 1c8fca1d92e14859159a82b8a380d220139b7344 upstream. The template lookup interface does not provide a way to use format strings, so make sure that the interface cannot be abused accidentally. Signed-off-by: Kees Cook Cc: Herbert Xu Cc: "David S. Miller" Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Ben Hutchings

crypto: Export crypto_remove_final

2011-10-21T12:24:03Z

The upcomming crypto usrerspace configuration api needs to remove the spawns on top on an algorithm, so export crypto_remove_final. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu

crypto: Export crypto_remove_spawns

2011-10-21T12:24:03Z

The upcomming crypto usrerspace configuration api needs to remove the spawns on top on an algorithm, so export crypto_remove_spawns. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu

crypto: Add a flag to identify crypto instances

2011-10-21T12:24:01Z

The upcomming crypto user configuration api needs to identify crypto instances. This patch adds a flag that is set if the algorithm is an instance that is build from templates. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu

Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6

2010-05-03T03:28:58Z

crypto: algapi - Remove unneeded null check

2010-05-03T03:08:15Z

We don't check "frontend" consistently in crypto_init_spawn2(). We check it at the start of the function but then we dereference it unconditionally in the parameter list when we call crypto_init_spawn(). I looked at the places that call crypto_init_spawn2() and "frontend" is always a valid pointer so I removed the check for null. Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu