提交 dc0f2f87 编写于 作者: L Linus Torvalds

Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto fix from Herbert Xu:
 "This fixes a bug in the RSA self-test that may cause crashes on some
  architectures such as SPARC"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: testmgr - Use kmalloc memory for RSA input
...@@ -1776,6 +1776,7 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver, ...@@ -1776,6 +1776,7 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
static int do_test_rsa(struct crypto_akcipher *tfm, static int do_test_rsa(struct crypto_akcipher *tfm,
struct akcipher_testvec *vecs) struct akcipher_testvec *vecs)
{ {
char *xbuf[XBUFSIZE];
struct akcipher_request *req; struct akcipher_request *req;
void *outbuf_enc = NULL; void *outbuf_enc = NULL;
void *outbuf_dec = NULL; void *outbuf_dec = NULL;
...@@ -1784,9 +1785,12 @@ static int do_test_rsa(struct crypto_akcipher *tfm, ...@@ -1784,9 +1785,12 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
int err = -ENOMEM; int err = -ENOMEM;
struct scatterlist src, dst, src_tab[2]; struct scatterlist src, dst, src_tab[2];
if (testmgr_alloc_buf(xbuf))
return err;
req = akcipher_request_alloc(tfm, GFP_KERNEL); req = akcipher_request_alloc(tfm, GFP_KERNEL);
if (!req) if (!req)
return err; goto free_xbuf;
init_completion(&result.completion); init_completion(&result.completion);
...@@ -1804,9 +1808,14 @@ static int do_test_rsa(struct crypto_akcipher *tfm, ...@@ -1804,9 +1808,14 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
if (!outbuf_enc) if (!outbuf_enc)
goto free_req; goto free_req;
if (WARN_ON(vecs->m_size > PAGE_SIZE))
goto free_all;
memcpy(xbuf[0], vecs->m, vecs->m_size);
sg_init_table(src_tab, 2); sg_init_table(src_tab, 2);
sg_set_buf(&src_tab[0], vecs->m, 8); sg_set_buf(&src_tab[0], xbuf[0], 8);
sg_set_buf(&src_tab[1], vecs->m + 8, vecs->m_size - 8); sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8);
sg_init_one(&dst, outbuf_enc, out_len_max); sg_init_one(&dst, outbuf_enc, out_len_max);
akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size, akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size,
out_len_max); out_len_max);
...@@ -1825,7 +1834,7 @@ static int do_test_rsa(struct crypto_akcipher *tfm, ...@@ -1825,7 +1834,7 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
goto free_all; goto free_all;
} }
/* verify that encrypted message is equal to expected */ /* verify that encrypted message is equal to expected */
if (memcmp(vecs->c, sg_virt(req->dst), vecs->c_size)) { if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
pr_err("alg: rsa: encrypt test failed. Invalid output\n"); pr_err("alg: rsa: encrypt test failed. Invalid output\n");
err = -EINVAL; err = -EINVAL;
goto free_all; goto free_all;
...@@ -1840,7 +1849,13 @@ static int do_test_rsa(struct crypto_akcipher *tfm, ...@@ -1840,7 +1849,13 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
err = -ENOMEM; err = -ENOMEM;
goto free_all; goto free_all;
} }
sg_init_one(&src, vecs->c, vecs->c_size);
if (WARN_ON(vecs->c_size > PAGE_SIZE))
goto free_all;
memcpy(xbuf[0], vecs->c, vecs->c_size);
sg_init_one(&src, xbuf[0], vecs->c_size);
sg_init_one(&dst, outbuf_dec, out_len_max); sg_init_one(&dst, outbuf_dec, out_len_max);
init_completion(&result.completion); init_completion(&result.completion);
akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max); akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max);
...@@ -1867,6 +1882,8 @@ static int do_test_rsa(struct crypto_akcipher *tfm, ...@@ -1867,6 +1882,8 @@ static int do_test_rsa(struct crypto_akcipher *tfm,
kfree(outbuf_enc); kfree(outbuf_enc);
free_req: free_req:
akcipher_request_free(req); akcipher_request_free(req);
free_xbuf:
testmgr_free_buf(xbuf);
return err; return err;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册