Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 64648a5f authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 

Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:

   - racy use of ctx->rcvused in af_alg

   - algif_aead crash in chacha20poly1305

   - freeing bogus pointer in pcrypt

   - build error on MIPS in mpi

   - memory leak in inside-secure

   - memory overwrite in inside-secure

   - NULL pointer dereference in inside-secure

   - state corruption in inside-secure

   - build error without CRYPTO_GF128MUL in chelsio

   - use after free in n2"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: inside-secure - do not use areq->result for partial results
  crypto: inside-secure - fix request allocations in invalidation path
  crypto: inside-secure - free requests even if their handling failed
  crypto: inside-secure - per request invalidation
  lib/mpi: Fix umul_ppmm() for MIPS64r6
  crypto: pcrypt - fix freeing pcrypt instances
  crypto: n2 - cure use after free
  crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t
  crypto: chacha20poly1305 - validate the digest size
  crypto: chelsio - select CRYPTO_GF128MUL
parents d8887f1c 2973633e

crypto/af_alg.c

+2 −2
Original line number Diff line number Diff line
@@ -664,7 +664,7 @@ void af_alg_free_areq_sgls(struct af_alg_async_req *areq) 
	unsigned int i;



	list_for_each_entry_safe(rsgl, tmp, &areq->rsgl_list, list) {

		ctx->rcvused -= rsgl->sg_num_bytes;

		atomic_sub(rsgl->sg_num_bytes, &ctx->rcvused);

		af_alg_free_sg(&rsgl->sgl);

		list_del(&rsgl->list);

		if (rsgl != &areq->first_rsgl)
@@ -1163,7 +1163,7 @@ int af_alg_get_rsgl(struct sock *sk, struct msghdr *msg, int flags, 


		areq->last_rsgl = rsgl;

		len += err;

		ctx->rcvused += err;

		atomic_add(err, &ctx->rcvused);

		rsgl->sg_num_bytes = err;

		iov_iter_advance(&msg->msg_iter, err);

	}

crypto/algif_aead.c

+1 −1
Original line number Diff line number Diff line
@@ -571,7 +571,7 @@ static int aead_accept_parent_nokey(void *private, struct sock *sk) 
	INIT_LIST_HEAD(&ctx->tsgl_list);

	ctx->len = len;

	ctx->used = 0;

	ctx->rcvused = 0;

	atomic_set(&ctx->rcvused, 0);

	ctx->more = 0;

	ctx->merge = 0;

	ctx->enc = 0;

crypto/algif_skcipher.c

+1 −1
Original line number Diff line number Diff line
@@ -390,7 +390,7 @@ static int skcipher_accept_parent_nokey(void *private, struct sock *sk) 
	INIT_LIST_HEAD(&ctx->tsgl_list);

	ctx->len = len;

	ctx->used = 0;

	ctx->rcvused = 0;

	atomic_set(&ctx->rcvused, 0);

	ctx->more = 0;

	ctx->merge = 0;

	ctx->enc = 0;

crypto/chacha20poly1305.c

+5 −1
Original line number Diff line number Diff line
@@ -610,6 +610,11 @@ static int chachapoly_create(struct crypto_template *tmpl, struct rtattr **tb, 
						    algt->mask));

	if (IS_ERR(poly))

		return PTR_ERR(poly);

	poly_hash = __crypto_hash_alg_common(poly);



	err = -EINVAL;

	if (poly_hash->digestsize != POLY1305_DIGEST_SIZE)

		goto out_put_poly;



	err = -ENOMEM;

	inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL);
@@ -618,7 +623,6 @@ static int chachapoly_create(struct crypto_template *tmpl, struct rtattr **tb, 


	ctx = aead_instance_ctx(inst);

	ctx->saltlen = CHACHAPOLY_IV_SIZE - ivsize;

	poly_hash = __crypto_hash_alg_common(poly);

	err = crypto_init_ahash_spawn(&ctx->poly, poly_hash,

				      aead_crypto_instance(inst));

	if (err)

crypto/pcrypt.c

+10 −9
Original line number Diff line number Diff line
@@ -254,6 +254,14 @@ static void pcrypt_aead_exit_tfm(struct crypto_aead *tfm) 
	crypto_free_aead(ctx->child);

}



static void pcrypt_free(struct aead_instance *inst)

{

	struct pcrypt_instance_ctx *ctx = aead_instance_ctx(inst);



	crypto_drop_aead(&ctx->spawn);

	kfree(inst);

}



static int pcrypt_init_instance(struct crypto_instance *inst,

				struct crypto_alg *alg)

{
@@ -319,6 +327,8 @@ static int pcrypt_create_aead(struct crypto_template *tmpl, struct rtattr **tb, 
	inst->alg.encrypt = pcrypt_aead_encrypt;

	inst->alg.decrypt = pcrypt_aead_decrypt;



	inst->free = pcrypt_free;



	err = aead_register_instance(tmpl, inst);

	if (err)

		goto out_drop_aead;
@@ -349,14 +359,6 @@ static int pcrypt_create(struct crypto_template *tmpl, struct rtattr **tb) 
	return -EINVAL;

}



static void pcrypt_free(struct crypto_instance *inst)

{

	struct pcrypt_instance_ctx *ctx = crypto_instance_ctx(inst);



	crypto_drop_aead(&ctx->spawn);

	kfree(inst);

}



static int pcrypt_cpumask_change_notify(struct notifier_block *self,

					unsigned long val, void *data)

{
@@ -469,7 +471,6 @@ static void pcrypt_fini_padata(struct padata_pcrypt *pcrypt) 
static struct crypto_template pcrypt_tmpl = {

	.name = "pcrypt",

	.create = pcrypt_create,

	.free = pcrypt_free,

	.module = THIS_MODULE,

};