1. 07 12月, 2016 2 次提交
    • T
      crypto: mcryptd - Check mcryptd algorithm compatibility · 48a99272
      tim 提交于
      Algorithms not compatible with mcryptd could be spawned by mcryptd
      with a direct crypto_alloc_tfm invocation using a "mcryptd(alg)" name
      construct.  This causes mcryptd to crash the kernel if an arbitrary
      "alg" is incompatible and not intended to be used with mcryptd.  It is
      an issue if AF_ALG tries to spawn mcryptd(alg) to expose it externally.
      But such algorithms must be used internally and not be exposed.
      
      We added a check to enforce that only internal algorithms are allowed
      with mcryptd at the time mcryptd is spawning an algorithm.
      
      Link: http://marc.info/?l=linux-crypto-vger&m=148063683310477&w=2
      Cc: stable@vger.kernel.org
      Reported-by: NMikulas Patocka <mpatocka@redhat.com>
      Signed-off-by: NTim Chen <tim.c.chen@linux.intel.com>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      48a99272
    • S
      crypto: algif_aead - fix AEAD tag memory handling · 0c1e16cd
      Stephan Mueller 提交于
      For encryption, the AEAD ciphers require AAD || PT as input and generate
      AAD || CT || Tag as output and vice versa for decryption. Prior to this
      patch, the AF_ALG interface for AEAD ciphers requires the buffer to be
      present as input for encryption. Similarly, the output buffer for
      decryption required the presence of the tag buffer too. This implies
      that the kernel reads / writes data buffers from/to kernel space
      even though this operation is not required.
      
      This patch changes the AF_ALG AEAD interface to be consistent with the
      in-kernel AEAD cipher requirements.
      
      Due to this handling, he changes are transparent to user space with one
      exception: the return code of recv indicates the mount of output buffer.
      That output buffer has a different size compared to before the patch
      which implies that the return code of recv will also be different.
      For example, a decryption operation uses 16 bytes AAD, 16 bytes CT and
      16 bytes tag, the AF_ALG AEAD interface before showed a recv return
      code of 48 (bytes) whereas after this patch, the return code is 32
      since the tag is not returned any more.
      Reported-by: NMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: NStephan Mueller <smueller@chronox.de>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      0c1e16cd
  2. 30 11月, 2016 2 次提交
  3. 22 11月, 2016 2 次提交
  4. 18 11月, 2016 1 次提交
    • H
      crypto: algif_hash - Fix NULL hash crash with shash · a8348bca
      Herbert Xu 提交于
      Recently algif_hash has been changed to allow null hashes.  This
      triggers a bug when used with an shash algorithm whereby it will
      cause a crash during the digest operation.
      
      This patch fixes it by avoiding the digest operation and instead
      doing an init followed by a final which avoids the buggy code in
      shash.
      
      This patch also ensures that the result buffer is freed after an
      error so that it is not returned as a genuine hash result on the
      next recv call.
      
      The shash/ahash wrapper code will be fixed later to handle this
      case correctly.
      
      Fixes: 493b2ed3 ("crypto: algif_hash - Handle NULL hashes correctly")
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Tested-by: NLaura Abbott <labbott@redhat.com>
      a8348bca
  5. 12 10月, 2016 1 次提交
    • P
      kthread: kthread worker API cleanup · 3989144f
      Petr Mladek 提交于
      A good practice is to prefix the names of functions by the name
      of the subsystem.
      
      The kthread worker API is a mix of classic kthreads and workqueues.  Each
      worker has a dedicated kthread.  It runs a generic function that process
      queued works.  It is implemented as part of the kthread subsystem.
      
      This patch renames the existing kthread worker API to use
      the corresponding name from the workqueues API prefixed by
      kthread_:
      
      __init_kthread_worker()		-> __kthread_init_worker()
      init_kthread_worker()		-> kthread_init_worker()
      init_kthread_work()		-> kthread_init_work()
      insert_kthread_work()		-> kthread_insert_work()
      queue_kthread_work()		-> kthread_queue_work()
      flush_kthread_work()		-> kthread_flush_work()
      flush_kthread_worker()		-> kthread_flush_worker()
      
      Note that the names of DEFINE_KTHREAD_WORK*() macros stay
      as they are. It is common that the "DEFINE_" prefix has
      precedence over the subsystem names.
      
      Note that INIT() macros and init() functions use different
      naming scheme. There is no good solution. There are several
      reasons for this solution:
      
        + "init" in the function names stands for the verb "initialize"
          aka "initialize worker". While "INIT" in the macro names
          stands for the noun "INITIALIZER" aka "worker initializer".
      
        + INIT() macros are used only in DEFINE() macros
      
        + init() functions are used close to the other kthread()
          functions. It looks much better if all the functions
          use the same scheme.
      
        + There will be also kthread_destroy_worker() that will
          be used close to kthread_cancel_work(). It is related
          to the init() function. Again it looks better if all
          functions use the same naming scheme.
      
        + there are several precedents for such init() function
          names, e.g. amd_iommu_init_device(), free_area_init_node(),
          jump_label_init_type(),  regmap_init_mmio_clk(),
      
        + It is not an argument but it was inconsistent even before.
      
      [arnd@arndb.de: fix linux-next merge conflict]
       Link: http://lkml.kernel.org/r/20160908135724.1311726-1-arnd@arndb.de
      Link: http://lkml.kernel.org/r/1470754545-17632-3-git-send-email-pmladek@suse.comSuggested-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NPetr Mladek <pmladek@suse.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
      Cc: Josh Triplett <josh@joshtriplett.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Michal Hocko <mhocko@suse.cz>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      3989144f
  6. 05 10月, 2016 1 次提交
  7. 02 10月, 2016 3 次提交
  8. 22 9月, 2016 1 次提交
  9. 13 9月, 2016 3 次提交
  10. 07 9月, 2016 4 次提交
  11. 31 8月, 2016 3 次提交
  12. 24 8月, 2016 3 次提交
  13. 16 8月, 2016 2 次提交
  14. 09 8月, 2016 2 次提交
  15. 08 8月, 2016 1 次提交
    • G
      crypto: sha3 - Add missing ULL suffixes for 64-bit constants · f743e70e
      Geert Uytterhoeven 提交于
      On 32-bit (e.g. with m68k-linux-gnu-gcc-4.1):
      
          crypto/sha3_generic.c:27: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:28: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:29: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:29: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:31: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:31: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:32: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:32: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:32: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:33: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:33: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:34: warning: integer constant is too large for ‘long’ type
          crypto/sha3_generic.c:34: warning: integer constant is too large for ‘long’ type
      
      Fixes: 53964b9e ("crypto: sha3 - Add SHA-3 hash algorithm")
      Signed-off-by: NGeert Uytterhoeven <geert@linux-m68k.org>
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      f743e70e
  16. 22 7月, 2016 1 次提交
  17. 19 7月, 2016 2 次提交
  18. 18 7月, 2016 6 次提交