user/sven/linux.git/crypto, branch v3.16.40

async_pq_val: fix DMA memory leak

2017-02-23T03:54:09Z

commit c84750906b4818d4929fbf73a4ae6c113b94f52b upstream. Add missing dmaengine_unmap_put(), so we don't OOM during RAID6 sync. Fixes: 1786b943dad0 ("async_pq_val: convert to dmaengine_unmap_data") Signed-off-by: Justin Maggard Reviewed-by: Dan Williams Signed-off-by: Vinod Koul Signed-off-by: Ben Hutchings

crypto: gcm - Fix IV buffer size in crypto_gcm_setkey

2017-02-23T03:54:07Z

commit 50d2e6dc1f83db0563c7d6603967bf9585ce934b upstream. The cipher block size for GCM is 16 bytes, and thus the CTR transform used in crypto_gcm_setkey() will also expect a 16-byte IV. However, the code currently reserves only 8 bytes for the IV, causing an out-of-bounds access in the CTR transform. This patch fixes the issue by setting the size of the IV buffer to 16 bytes. Fixes: 84c911523020 ("[CRYPTO] gcm: Add support for async ciphers") Signed-off-by: Ondrej Mosnacek Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: skcipher - Fix blkcipher walk OOM crash

2016-11-20T01:17:26Z

commit acdb04d0b36769b3e05990c488dc74d8b7ac8060 upstream. When we need to allocate a temporary blkcipher_walk_next and it fails, the code is supposed to take the slow path of processing the data block by block. However, due to an unrelated change we instead end up dereferencing the NULL pointer. This patch fixes it by moving the unrelated bsize setting out of the way so that we enter the slow path as inteded. Fixes: 7607bd8ff03b ("[CRYPTO] blkcipher: Added blkcipher_walk_virt_block") Reported-by: xiakaixu Reported-by: Ard Biesheuvel Signed-off-by: Herbert Xu Tested-by: Ard Biesheuvel Signed-off-by: Ben Hutchings

crypto: cryptd - initialize child shash_desc on import

2016-11-20T01:17:24Z

commit 0bd2223594a4dcddc1e34b15774a3a4776f7749e upstream. When calling .import() on a cryptd ahash_request, the structure members that describe the child transform in the shash_desc need to be initialized like they are when calling .init() Signed-off-by: Ard Biesheuvel Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: scatterwalk - Fix test in scatterwalk_done

2016-11-20T01:16:53Z

commit 5f070e81bee35f1b7bd1477bb223a873ff657803 upstream. When there is more data to be processed, the current test in scatterwalk_done may prevent us from calling pagedone even when we should. In particular, if we're on an SG entry spanning multiple pages where the last page is not a full page, we will incorrectly skip calling pagedone on the second last page. This patch fixes this by adding a separate test for whether we've reached the end of a page. Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: gcm - Filter out async ghash if necessary

2016-11-20T01:16:41Z

commit b30bdfa86431afbafe15284a3ad5ac19b49b88e3 upstream. As it is if you ask for a sync gcm you may actually end up with an async one because it does not filter out async implementations of ghash. This patch fixes this by adding the necessary filter when looking for ghash. Signed-off-by: Herbert Xu [bwh: Backported to 3.16: adjust context] Signed-off-by: Ben Hutchings

crypto: public_key: select CRYPTO_AKCIPHER

2016-08-22T21:38:02Z

commit bad6a185b4d6f81d0ed2b6e4c16307969f160b95 upstream. In some rare randconfig builds, we can end up with ASYMMETRIC_PUBLIC_KEY_SUBTYPE enabled but CRYPTO_AKCIPHER disabled, which fails to link because of the reference to crypto_alloc_akcipher: crypto/built-in.o: In function `public_key_verify_signature': :(.text+0x110e4): undefined reference to `crypto_alloc_akcipher' This adds a Kconfig 'select' statement to ensure the dependency is always there. Signed-off-by: Arnd Bergmann Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: hash - Fix page length clamping in hash walk

2016-06-15T20:29:30Z

commit 13f4bb78cf6a312bbdec367ba3da044b09bf0e29 upstream. The crypto hash walk code is broken when supplied with an offset greater than or equal to PAGE_SIZE. This patch fixes it by adjusting walk->pg and walk->offset when this happens. Reported-by: Steffen Klassert Signed-off-by: Herbert Xu Signed-off-by: Ben Hutchings

crypto: gcm - Fix rfc4543 decryption crash

2016-04-30T22:06:15Z

This bug has already bee fixed upstream since 4.2. However, it was fixed during the AEAD conversion so no fix was backported to the older kernels. [bwh: The upstream commit was adcbc688fe2f ("crypto: gcm - Convert to new AEAD interface")] When we do an RFC 4543 decryption, we will end up writing the ICV beyond the end of the dst buffer. This should lead to a crash but for some reason it was never noticed. This patch fixes it by only writing back the ICV for encryption. Fixes: d733ac90f9fe ("crypto: gcm - fix rfc4543 to handle async...") Reported-by: Patrick Meyer Signed-off-by: Herbert Xu

crypto: {blk,giv}cipher: Set has_setkey

2016-03-08T12:15:18Z

Commit a1383cd86a06 ("crypto: skcipher - Add crypto_skcipher_has_setkey") was incorrectly backported to the 3.2.y and 3.16.y stable branches. We need to set ablkcipher_tfm::has_setkey in the crypto_init_blkcipher_ops_async() and crypto_init_givcipher_ops() functions as well as crypto_init_ablkcipher_ops(). Signed-off-by: Ben Hutchings Signed-off-by: Luis Henriques