Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.18.29 2015-11-15T17:51:52Z 2015-11-15T17:51:52Z Herbert Xu herbert@gondor.apana.org.au 2015-10-19T10:23:57Z urn:sha1:90a7b3b32dcbe54a40eea29a8c1308475ac9d7ab [ Upstream commit 3fc89adb9fa4beff31374a4bf50b3d099d88ae83 ] Currently a number of Crypto API operations may fail when a signal occurs. This causes nasty problems as the caller of those operations are often not in a good position to restart the operation. In fact there is currently no need for those operations to be interrupted by user signals at all. All we need is for them to be killable. This patch replaces the relevant calls of signal_pending with fatal_signal_pending, and wait_for_completion_interruptible with wait_for_completion_killable, respectively. Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> 2015-01-30T01:40:46Z Kees Cook keescook@chromium.org 2014-11-21T01:05:53Z urn:sha1:f2efa8653bb59eeaa47036222bf4dd9acc83aabf commit 5d26a105b5a73e5635eae0629b42fa0a90e07b7b upstream. This prefixes all crypto module loading with "crypto-" so we never run the risk of exposing module auto-loading to userspace via a crypto API, as demonstrated by Mathias Krause: https://lkml.org/lkml/2013/3/4/70 Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2013-09-08T04:33:50Z Herbert Xu herbert@gondor.apana.org.au 2013-09-08T04:33:50Z urn:sha1:77dbd7a95e4a4f15264c333a9e9ab97ee27dc2aa crypto_larval_lookup should only return a larval if it created one. Any larval created by another entity must be processed through crypto_larval_wait before being returned. Otherwise this will lead to a larval being killed twice, which will most likely lead to a crash. Cc: stable@vger.kernel.org Reported-by: Kees Cook <keescook@chromium.org> Tested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2013-08-20T10:39:34Z Cristian Stoica cristian.stoica@freescale.com 2013-06-28T12:56:20Z urn:sha1:fd1a190029cc29fadf14bb9a1e82767e80c6ebdb Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 2013-06-25T11:15:17Z Herbert Xu herbert@gondor.apana.org.au 2013-06-25T11:15:17Z urn:sha1:939e17799619e31331d2433041196529515a86a6 On Thu, Jun 20, 2013 at 10:00:21AM +0200, Daniel Borkmann wrote: > After having fixed a NULL pointer dereference in SCTP 1abd165e ("net: > sctp: fix NULL pointer dereference in socket destruction"), I ran into > the following NULL pointer dereference in the crypto subsystem with > the same reproducer, easily hit each time: > > BUG: unable to handle kernel NULL pointer dereference at (null) > IP: [<ffffffff81070321>] __wake_up_common+0x31/0x90 > PGD 0 > Oops: 0000 [#1] SMP > Modules linked in: padlock_sha(F-) sha256_generic(F) sctp(F) libcrc32c(F) [..] > CPU: 6 PID: 3326 Comm: cryptomgr_probe Tainted: GF 3.10.0-rc5+ #1 > Hardware name: Dell Inc. PowerEdge T410/0H19HD, BIOS 1.6.3 02/01/2011 > task: ffff88007b6cf4e0 ti: ffff88007b7cc000 task.ti: ffff88007b7cc000 > RIP: 0010:[<ffffffff81070321>] [<ffffffff81070321>] __wake_up_common+0x31/0x90 > RSP: 0018:ffff88007b7cde08 EFLAGS: 00010082 > RAX: ffffffffffffffe8 RBX: ffff88003756c130 RCX: 0000000000000000 > RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff88003756c130 > RBP: ffff88007b7cde48 R08: 0000000000000000 R09: ffff88012b173200 > R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000282 > R13: ffff88003756c138 R14: 0000000000000000 R15: 0000000000000000 > FS: 0000000000000000(0000) GS:ffff88012fc60000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > CR2: 0000000000000000 CR3: 0000000001a0b000 CR4: 00000000000007e0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 > Stack: > ffff88007b7cde28 0000000300000000 ffff88007b7cde28 ffff88003756c130 > 0000000000000282 ffff88003756c128 ffffffff81227670 0000000000000000 > ffff88007b7cde78 ffffffff810722b7 ffff88007cdcf000 ffffffff81a90540 > Call Trace: > [<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20 > [<ffffffff810722b7>] complete_all+0x47/0x60 > [<ffffffff81227708>] cryptomgr_probe+0x98/0xc0 > [<ffffffff81227670>] ? crypto_alloc_pcomp+0x20/0x20 > [<ffffffff8106760e>] kthread+0xce/0xe0 > [<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70 > [<ffffffff815450dc>] ret_from_fork+0x7c/0xb0 > [<ffffffff81067540>] ? kthread_freezable_should_stop+0x70/0x70 > Code: 41 56 41 55 41 54 53 48 83 ec 18 66 66 66 66 90 89 75 cc 89 55 c8 > 4c 8d 6f 08 48 8b 57 08 41 89 cf 4d 89 c6 48 8d 42 e > RIP [<ffffffff81070321>] __wake_up_common+0x31/0x90 > RSP <ffff88007b7cde08> > CR2: 0000000000000000 > ---[ end trace b495b19270a4d37e ]--- > > My assumption is that the following is happening: the minimal SCTP > tool runs under ``echo 1 > /proc/sys/net/sctp/auth_enable'', hence > it's making use of crypto_alloc_hash() via sctp_auth_init_hmacs(). > It forks itself, heavily allocates, binds, listens and waits in > accept on sctp sockets, and then randomly kills some of them (no > need for an actual client in this case to hit this). Then, again, > allocating, binding, etc, and then killing child processes. > > The problem that might be happening here is that cryptomgr requests > the module to probe/load through cryptomgr_schedule_probe(), but > before the thread handler cryptomgr_probe() returns, we return from > the wait_for_completion_interruptible() function and probably already > have cleared up larval, thus we run into a NULL pointer dereference > when in cryptomgr_probe() complete_all() is being called. > > If we wait with wait_for_completion() instead, this panic will not > occur anymore. This is valid, because in case a signal is pending, > cryptomgr_probe() returns from probing anyway with properly calling > complete_all(). The use of wait_for_completion_interruptible is intentional so that we don't lock up the thread if a bug causes us to never wake up. This bug is caused by the helper thread using the larval without holding a reference count on it. If the helper thread completes after the original thread requesting for help has gone away and destroyed the larval, then we get the crash above. So the fix is to hold a reference count on the larval. Cc: <stable@vger.kernel.org> # 3.6+ Reported-by: Daniel Borkmann <dborkman@redhat.com> Tested-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2010-02-16T12:26:46Z Richard Hartmann richih.mailinglist@gmail.com 2010-02-16T12:26:46Z urn:sha1:3d01a33b77b120f8b11d8757c346442ed7961b11 Signed-off-by: Richard Hartmann <richih.mailinglist@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2009-07-14T04:58:15Z Herbert Xu herbert@gondor.apana.org.au 2009-07-13T12:46:25Z urn:sha1:2ca33da1dea3ba53d1425226a6bac073c5e8568c As the extsize and init_tfm functions belong to the frontend the frontend argument is superfluous. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2009-07-14T04:58:07Z Herbert Xu herbert@gondor.apana.org.au 2009-07-12T05:58:04Z urn:sha1:6941c3a0aabb6ad4167827360f384e9daed7dd7f This patch removes the implementation of hash and digest now that no algorithms use them anymore. The interface though will remain until the users are converted across. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2009-07-08T10:58:29Z Herbert Xu herbert@gondor.apana.org.au 2009-07-08T09:53:16Z urn:sha1:d06854f0243d91badabaab14503f7f3bb770061d This patch adds the helper crypto_attr_alg2 which is similar to crypto_attr_alg but takes an extra frontend argument. This is intended to be used by new style algorithm types such as shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 2009-06-02T04:13:14Z Alex Riesen raa.lkml@gmail.com 2009-06-02T04:13:14Z urn:sha1:aa07a6990f4b6a8ef9fc538dea55bac6f92255f2 Besdies, for the old code, gcc-4.3.3 produced this warning: "format not a string literal and no format arguments" Signed-off-by: Alex Riesen <raa.lkml@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>