user/sven/linux.git/crypto/algapi.c, branch v4.9.139Linux Kernel
https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.9.1392018-01-17T08:38:54Zcrypto: algapi - fix NULL dereference in crypto_remove_spawns()2018-01-17T08:38:54ZEric Biggersebiggers@google.com2017-12-29T20:30:19Zurn:sha1:3752d2fb9a6d3356ce2386e94a69ff40296272ce
commit 9a00674213a3f00394f4e3221b88f2d21fc05789 upstream.
syzkaller triggered a NULL pointer dereference in crypto_remove_spawns()
via a program that repeatedly and concurrently requests AEADs
"authenc(cmac(des3_ede-asm),pcbc-aes-aesni)" and hashes "cmac(des3_ede)"
through AF_ALG, where the hashes are requested as "untested"
(CRYPTO_ALG_TESTED is set in ->salg_mask but clear in ->salg_feat; this
causes the template to be instantiated for every request).
Although AF_ALG users really shouldn't be able to request an "untested"
algorithm, the NULL pointer dereference is actually caused by a
longstanding race condition where crypto_remove_spawns() can encounter
an instance which has had spawn(s) "grabbed" but hasn't yet been
registered, resulting in ->cra_users still being NULL.
We probably should properly initialize ->cra_users earlier, but that
would require updating many templates individually. For now just fix
the bug in a simple way that can easily be backported: make
crypto_remove_spawns() treat a NULL ->cra_users list as empty.
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg2017-02-09T07:08:26ZSalvatore Benedettosalvatore.benedetto@intel.com2017-01-13T11:54:08Zurn:sha1:b04a39f88cedc1bce345b458e8a9309ce8a2d1ba
commit d6040764adcb5cb6de1489422411d701c158bb69 upstream.
Make sure CRYPTO_ALG_DEAD bit is cleared before proceeding with
the algorithm registration. This fixes qat-dh registration when
driver is restarted
Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
crypto: api - Add crypto_inst_setname2016-07-01T15:45:11ZHerbert Xuherbert@gondor.apana.org.au2016-06-29T10:04:13Zurn:sha1:32f27c745c26ff4b6351bce265cba049a2c74de5
This patch adds the helper crypto_inst_setname because the current
helper crypto_alloc_instance2 is no longer useful given that we
now look up the algorithm after we allocate the instance object.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Add crypto_type_has_alg helper2016-01-25T14:42:12ZHerbert Xuherbert@gondor.apana.org.au2016-01-23T05:51:01Zurn:sha1:f2aefdab5dff83d3c801449051be1ba72c7e933a
This patch adds the helper crypto_type_has_alg which is meant
to replace crypto_has_alg for new-style crypto types. Rather
than hard-coding type/mask information they're now retrieved
from the crypto_type object.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - use list_first_entry_or_null and list_next_entry2015-11-23T12:55:50ZGeliang Tanggeliangtang@163.com2015-11-16T14:37:14Zurn:sha1:304e4818d4a45e83019ea30e4cfcb3ac2a8ce09a
Simplify crypto_more_spawns() with list_first_entry_or_null()
and list_next_entry().
Signed-off-by: Geliang Tang <geliangtang@163.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Only abort operations on fatal signal2015-10-20T13:59:25ZHerbert Xuherbert@gondor.apana.org.au2015-10-19T10:23:57Zurn:sha1:3fc89adb9fa4beff31374a4bf50b3d099d88ae83
Currently a number of Crypto API operations may fail when a signal
occurs. This causes nasty problems as the caller of those operations
are often not in a good position to restart the operation.
In fact there is currently no need for those operations to be
interrupted by user signals at all. All we need is for them to
be killable.
This patch replaces the relevant calls of signal_pending with
fatal_signal_pending, and wait_for_completion_interruptible with
wait_for_completion_killable, respectively.
Cc: stable@vger.kernel.org
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Add instance free function to crypto_type2015-07-14T06:56:45ZHerbert Xuherbert@gondor.apana.org.au2015-07-08T23:17:15Zurn:sha1:319382a6970899f02f18da4b0083a6e55942456d
Currently the task of freeing an instance is given to the crypto
template. However, it has no type information on the instance so
we have to resort to checking type information at runtime.
This patch introduces a free function to crypto_type that will be
used to free an instance. This can then be used to free an instance
in a type-safe manner.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Remove unused __crypto_dequeue_request2015-07-14T06:56:44ZHerbert Xuherbert@gondor.apana.org.au2015-07-08T03:55:30Zurn:sha1:31d228cc644034da97394bbadb2dc55ad9bcddb9
The function __crypto_dequeue_request is completely unused.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Include alignment in crypto_alg_extsize2015-06-03T02:48:34ZHerbert Xuherbert@gondor.apana.org.au2015-05-28T14:07:56Zurn:sha1:c2110f28341cec2ecfd9474db15ac090bce1234c
This patch ensures that the tfm context always has enough extra
memory to ensure that it is aligned according to cra_alignment.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Add crypto_grab_spawn primitive2015-05-13T02:31:25ZHerbert Xuherbert@gondor.apana.org.au2015-05-11T09:47:39Zurn:sha1:d6ef2f198d4c9d95b77ee4918b97fc8a53c8a7b7
This patch adds a new primitive crypto_grab_spawn which is meant
to replace crypto_init_spawn and crypto_init_spawn2. Under the
new scheme the user no longer has to worry about reference counting
the alg object before it is subsumed by the spawn.
It is pretty much an exact copy of crypto_grab_aead.
Prior to calling this function spawn->frontend and spawn->inst
must have been set.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>