Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.4.162 2018-01-17T08:35:30Z 2018-01-17T08:35:30Z Eric Biggers ebiggers@google.com 2017-12-29T20:30:19Z urn:sha1:68829e75666e85aa2191dfbea6d52e91b7acaa89 commit 9a00674213a3f00394f4e3221b88f2d21fc05789 upstream. syzkaller triggered a NULL pointer dereference in crypto_remove_spawns() via a program that repeatedly and concurrently requests AEADs "authenc(cmac(des3_ede-asm),pcbc-aes-aesni)" and hashes "cmac(des3_ede)" through AF_ALG, where the hashes are requested as "untested" (CRYPTO_ALG_TESTED is set in ->salg_mask but clear in ->salg_feat; this causes the template to be instantiated for every request). Although AF_ALG users really shouldn't be able to request an "untested" algorithm, the NULL pointer dereference is actually caused by a longstanding race condition where crypto_remove_spawns() can encounter an instance which has had spawn(s) "grabbed" but hasn't yet been registered, resulting in ->cra_users still being NULL. We probably should properly initialize ->cra_users earlier, but that would require updating many templates individually. For now just fix the bug in a simple way that can easily be backported: make crypto_remove_spawns() treat a NULL ->cra_users list as empty. Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-02-09T07:02:44Z Salvatore Benedetto salvatore.benedetto@intel.com 2017-01-13T11:54:08Z urn:sha1:ae7d33f53a56c432e2db994df25ed7b2c0410819 commit d6040764adcb5cb6de1489422411d701c158bb69 upstream. Make sure CRYPTO_ALG_DEAD bit is cleared before proceeding with the algorithm registration. This fixes qat-dh registration when driver is restarted Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-10-20T13:59:25Z Herbert Xu herbert@gondor.apana.org.au 2015-10-19T10:23:57Z urn:sha1:3fc89adb9fa4beff31374a4bf50b3d099d88ae83 Currently a number of Crypto API operations may fail when a signal occurs. This causes nasty problems as the caller of those operations are often not in a good position to restart the operation. In fact there is currently no need for those operations to be interrupted by user signals at all. All we need is for them to be killable. This patch replaces the relevant calls of signal_pending with fatal_signal_pending, and wait_for_completion_interruptible with wait_for_completion_killable, respectively. Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-07-14T06:56:45Z Herbert Xu herbert@gondor.apana.org.au 2015-07-08T23:17:15Z urn:sha1:319382a6970899f02f18da4b0083a6e55942456d Currently the task of freeing an instance is given to the crypto template. However, it has no type information on the instance so we have to resort to checking type information at runtime. This patch introduces a free function to crypto_type that will be used to free an instance. This can then be used to free an instance in a type-safe manner. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-07-14T06:56:44Z Herbert Xu herbert@gondor.apana.org.au 2015-07-08T03:55:30Z urn:sha1:31d228cc644034da97394bbadb2dc55ad9bcddb9 The function __crypto_dequeue_request is completely unused. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-06-03T02:48:34Z Herbert Xu herbert@gondor.apana.org.au 2015-05-28T14:07:56Z urn:sha1:c2110f28341cec2ecfd9474db15ac090bce1234c This patch ensures that the tfm context always has enough extra memory to ensure that it is aligned according to cra_alignment. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-05-13T02:31:25Z Herbert Xu herbert@gondor.apana.org.au 2015-05-11T09:47:39Z urn:sha1:d6ef2f198d4c9d95b77ee4918b97fc8a53c8a7b7 This patch adds a new primitive crypto_grab_spawn which is meant to replace crypto_init_spawn and crypto_init_spawn2. Under the new scheme the user no longer has to worry about reference counting the alg object before it is subsumed by the spawn. It is pretty much an exact copy of crypto_grab_aead. Prior to calling this function spawn->frontend and spawn->inst must have been set. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-04-26T06:33:15Z Herbert Xu herbert@gondor.apana.org.au 2015-04-23T06:48:05Z urn:sha1:bd4a7c69aaed79ae1a299db8063fe4daf5e4a2f1 The commit 59afdc7b32143528524455039e7557a46b60e4c8 ("crypto: api - Move module sig ifdef into accessor function") broke the build when modules are completely disabled because we directly dereference module->name. This patch fixes this by using the accessor function module_name. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-04-23T06:18:08Z Herbert Xu herbert@gondor.apana.org.au 2015-04-22T05:25:53Z urn:sha1:3133d76fc60bce6f3e00efb6c3540f2f449ff569 All users of fips_enabled should include linux/fips.h directly instead of getting it through internal.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2015-04-23T06:18:07Z Herbert Xu herbert@gondor.apana.org.au 2015-04-22T03:28:46Z urn:sha1:59afdc7b32143528524455039e7557a46b60e4c8 Currently we're hiding mod->sig_ok under an ifdef in open code. This patch adds a module_sig_ok accessor function and removes that ifdef. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Rusty Russell <rusty@rustcorp.com.au>