kernel/crypto, branch linux-4.2.y

crypto: api - Only abort operations on fatal signal

2015-11-09T22:37:38Z

commit 3fc89adb9fa4beff31374a4bf50b3d099d88ae83 upstream. Currently a number of Crypto API operations may fail when a signal occurs. This causes nasty problems as the caller of those operations are often not in a good position to restart the operation. In fact there is currently no need for those operations to be interrupted by user signals at all. All we need is for them to be killable. This patch replaces the relevant calls of signal_pending with fatal_signal_pending, and wait_for_completion_interruptible with wait_for_completion_killable, respectively. Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman

crypto: ahash - ensure statesize is non-zero

2015-10-27T00:53:38Z

commit 8996eafdcbad149ac0f772fb1649fbb75c482a6a upstream. Unlike shash algorithms, ahash drivers must implement export and import as their descriptors may contain hardware state and cannot be exported as is. Unfortunately some ahash drivers did not provide them and end up causing crashes with algif_hash. This patch adds a check to prevent these drivers from registering ahash algorithms until they are fixed. Signed-off-by: Russell King Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman

crypto: authencesn - Fix breakage with new ESP code

2015-08-10T15:13:51Z

The ESP code has been updated to generate a completely linear AD SG list. This unfortunately broke authencesn which expects the AD to be divided into at least three parts. This patch fixes it to cope with the new format. Later we will fix it properly to accept arbitrary input and not rely on the input being linear as part of the AEAD conversion. Fixes: 7021b2e1cddd ("esp4: Switch to new AEAD interface") Signed-off-by: Herbert Xu

Merge tag 'module-implicit-v4.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux

2015-07-02T17:25:22Z

Pull implicit module.h fixes from Paul Gortmaker: "Fix up implicit users that will break later. The files changed here are simply modular source files that are implicitly relying on being present. We fix them up now, so that we can decouple some of the module related init code from the core init code in the future. The addition of the module.h include to several files here is also a no-op from a code generation point of view, else there would already be compile issues with these files today. There may be lots more implicit includes of in tree, but these are the ones that extensive build test coverage has shown that must be fixed in order to avoid build breakage fallout for the pending module.h <---> init.h code relocation we desire to complete" * tag 'module-implicit-v4.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux: frv: add module.h to mb93090-mb00/flash.c to avoid compile fail drivers/cpufreq: include for modular exynos-cpufreq.c code drivers/staging: include for modular android tegra_ion code crypto/asymmetric_keys: pkcs7_key_type needs module.h sh: mach-highlander/psw.c is tristate and should use module.h drivers/regulator: include for modular max77802 code drivers/pcmcia: include for modular xxs1500_ss code drivers/hsi: include for modular omap_ssi code drivers/gpu: include for modular rockchip code drivers/gpio: include for modular crystalcove code drivers/clk: include for clk-max77xxx modular code

Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

2015-06-27T20:26:03Z

Pull security subsystem updates from James Morris: "The main change in this kernel is Casey's generalized LSM stacking work, which removes the hard-coding of Capabilities and Yama stacking, allowing multiple arbitrary "small" LSMs to be stacked with a default monolithic module (e.g. SELinux, Smack, AppArmor). See https://lwn.net/Articles/636056/ This will allow smaller, simpler LSMs to be incorporated into the mainline kernel and arbitrarily stacked by users. Also, this is a useful cleanup of the LSM code in its own right" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (38 commits) tpm, tpm_crb: fix le64_to_cpu conversions in crb_acpi_add() vTPM: set virtual device before passing to ibmvtpm_reset_crq tpm_ibmvtpm: remove unneccessary message level. ima: update builtin policies ima: extend "mask" policy matching support ima: add support for new "euid" policy condition ima: fix ima_show_template_data_ascii() Smack: freeing an error pointer in smk_write_revoke_subj() selinux: fix setting of security labels on NFS selinux: Remove unused permission definitions selinux: enable genfscon labeling for sysfs and pstore files selinux: enable per-file labeling for debugfs files. selinux: update netlink socket classes signals: don't abuse __flush_signals() in selinux_bprm_committed_creds() selinux: Print 'sclass' as string when unrecognized netlink message occurs Smack: allow multiple labels in onlycap Smack: fix seq operations in smackfs ima: pass iint to ima_add_violation() ima: wrap event related data to the new ima_event_data structure integrity: add validity checks for 'path' parameter ...

crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files

2015-06-25T15:29:24Z

There are two generated files: crypto/rsakey-asn1.c and crypto/raskey-asn1.h, after the cfc2bb32b31371d6bffc6bf2da3548f20ad48c83 commit. Let's add .gitignore to ignore *-asn1.[ch] files. Signed-off-by: Alexander Kuleshov Signed-off-by: Herbert Xu

crypto: asymmetric_keys/rsa - Use non-conflicting variable name

2015-06-25T15:18:33Z

arm64:allmodconfig fails to build as follows. In file included from include/acpi/platform/aclinux.h:74:0, from include/acpi/platform/acenv.h:173, from include/acpi/acpi.h:56, from include/linux/acpi.h:37, from ./arch/arm64/include/asm/dma-mapping.h:21, from include/linux/dma-mapping.h:86, from include/linux/skbuff.h:34, from include/crypto/algapi.h:18, from crypto/asymmetric_keys/rsa.c:16: include/linux/ctype.h:15:12: error: expected ‘;’, ‘,’ or ‘)’ before numeric constant #define _X 0x40 /* hex digit */ ^ crypto/asymmetric_keys/rsa.c:123:47: note: in expansion of macro ‘_X’ static int RSA_I2OSP(MPI x, size_t xLen, u8 **_X) ^ crypto/asymmetric_keys/rsa.c: In function ‘RSA_verify_signature’: crypto/asymmetric_keys/rsa.c:256:2: error: implicit declaration of function ‘RSA_I2OSP’ The problem is caused by an unrelated include file change, resulting in the inclusion of ctype.h on arm64. This in turn causes the local variable _X to conflict with macro _X used in ctype.h. Fixes: b6197b93fa4b ("arm64 : Introduce support for ACPI _CCA object") Cc: Suthikulpanit, Suravee Signed-off-by: Guenter Roeck Signed-off-by: Herbert Xu

crypto: testmgr - don't print info about missing test for gcm-aes-aesni

2015-06-25T15:18:33Z

Don't print info about missing test for the internal helper __driver-gcm-aes-aesni changes in v2: - marked test as fips allowed Signed-off-by: Tadeusz Struk Signed-off-by: Herbert Xu

crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree"

2015-06-25T15:18:33Z

The kzfree() function tests whether its argument is NULL and then returns immediately. Thus the test around the call is not needed. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring Signed-off-by: Herbert Xu

crypto: akcipher - fix spelling cihper -> cipher

2015-06-25T15:18:32Z

Signed-off-by: Tadeusz Struk Signed-off-by: Herbert Xu