OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/crypto
History
Rabin Vincent 3f62b3ed08 crypto: af_alg - fix backlog handling 
commit 7e77bdebff upstream.

If a request is backlogged, it's complete() handler will get called
twice: once with -EINPROGRESS, and once with the final error code.

af_alg's complete handler, unlike other users, does not handle the
-EINPROGRESS but instead always completes the completion that recvmsg()
is waiting on.  This can lead to a return to user space while the
request is still pending in the driver.  If userspace closes the sockets
before the requests are handled by the driver, this will lead to
use-after-frees (and potential crashes) in the kernel due to the tfm
having been freed.

The crashes can be easily reproduced (for example) by reducing the max
queue length in cryptod.c and running the following (from
http://www.chronox.de/libkcapi.html) on AES-NI capable hardware:

 $ while true; do kcapi -x 1 -e -c '__ecb-aes-aesni' \
    -k 00000000000000000000000000000000 \
    -p 00000000000000000000000000000000 >/dev/null & done

Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2015-01-08 10:00:50 -08:00
..
asymmetric_keys Revert "KEYS: verify a certificate is signed by a 'trusted' key" 2013-11-23 16:38:17 -08:00
async_tx dmaengine: fix xor sources continuation 2014-10-30 09:38:20 -07:00
842.c crypto: 842 - remove .cra_list initialization 2012-09-07 04:17:06 +08:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-11-23 16:18:25 -08:00
Makefile crypto: more robust crypto_memneq 2013-12-05 21:28:41 +08:00
ablk_helper.c crypto: ablk_helper - Replace memcpy with struct assignment 2013-10-07 14:16:57 +08:00
ablkcipher.c crypto: skcipher - Use eseqiv even on UP machines 2013-10-30 09:51:45 +08:00
aead.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
aes_generic.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
af_alg.c crypto: af_alg - fix backlog handling 2015-01-08 10:00:50 -08:00
ahash.c crypto: ahash - Fully restore ahash request before completing 2014-01-05 20:49:51 +08:00
algapi.c crypto: sanitize argument for format string 2013-07-03 16:07:25 -07:00
algboss.c crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
algif_hash.c net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST 2013-11-29 16:32:54 -05:00
algif_skcipher.c crypto: algif - avoid excessive use of socket buffer in skcipher 2014-11-14 09:00:11 -08:00
ansi_cprng.c crypto: ansi_cprng - Fix off by one error in non-block size request 2013-09-24 06:02:23 +10:00
anubis.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
api.c crypto: api - Fix race condition in larval lookup 2013-09-08 14:33:50 +10:00
arc4.c crypto: arc4 - improve performance by using u32 for ctx and variables 2012-06-14 10:07:23 +08:00
authenc.c crypto: authenc - Find proper IV address in ablkcipher callback 2013-11-28 22:16:23 +08:00
authencesn.c crypto: authencesn - Simplify key parsing 2013-10-16 20:56:25 +08:00
blkcipher.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
blowfish_common.c crypto: blowfish - split generic and common c code 2011-09-22 21:25:25 +10:00
blowfish_generic.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
camellia_generic.c crypto: camellia_generic - replace commas by semicolons and adjust code alignment 2013-08-21 21:08:33 +10:00
cast5_generic.c crypto: cast5/cast6 - move lookup tables to shared module 2012-12-06 17:16:26 +08:00
cast6_generic.c crypto: cast5/cast6 - move lookup tables to shared module 2012-12-06 17:16:26 +08:00
cast_common.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
cbc.c Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
ccm.c crypto: ccm - Fix handling of zero plaintext when computing mac 2013-11-28 22:25:17 +08:00
chainiv.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
cipher.c crypto: cipher - Fix checkpatch errors 2010-02-16 20:31:37 +08:00
cmac.c crypto: add CMAC support to CryptoAPI 2013-04-25 21:01:47 +08:00
compress.c crypto: compress - Fix checkpatch errors 2010-02-16 20:31:04 +08:00
crc32.c crypto: crc32 - add crc32 pclmulqdq implementation and wrappers for table implementation 2013-01-20 10:16:45 +11:00
crc32c.c crypto: crc32c should use library implementation 2012-03-23 16:58:38 -07:00
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
cryptd.c crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption 2012-10-24 21:21:18 +08:00
crypto_null.c crypto: crypto_null - use crypto_[un]register_algs 2012-08-01 17:47:24 +08:00
crypto_user.c net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-06-26 15:15:38 -04:00
crypto_wq.c crypto: crypto_wq - Fix late crypto work queue initialization 2014-06-07 10:28:19 -07:00
ctr.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-02-25 15:56:15 -08:00
cts.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
deflate.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
des_generic.c crypto: des - use crypto_[un]register_algs 2012-08-01 17:47:24 +08:00
ecb.c crypto: ecb - Fix checkpatch errors 2010-02-16 20:33:49 +08:00
eseqiv.c crypto: Use scatterwalk_crypto_chain 2010-12-02 14:47:16 +08:00
fcrypt.c crypto: fcrypt - Fix bitoperation for compilation with clang 2013-09-02 20:32:58 +10:00
fips.c crypto: api - Add fips_enable flag 2008-08-29 15:50:02 +10:00
gcm.c crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks 2013-10-07 14:17:06 +08:00
gf128mul.c crypto: gf128mul - fix call to memset() 2011-07-08 17:21:21 +08:00
ghash-generic.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
hash_info.c crypto: provide single place for hash algo information 2013-10-25 17:14:03 -04:00
hmac.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
internal.h crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
khazad.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
krng.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
lrw.c crypto: lrw - add interface for parallelized cipher implementions 2011-11-09 11:50:31 +08:00
lz4.c crypto: add lz4 Cryptographic API 2013-07-09 10:33:30 -07:00
lz4hc.c crypto: add lz4 Cryptographic API 2013-07-09 10:33:30 -07:00
lzo.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
md4.c crypto: add module.h to those files that are explicitly using it 2011-10-31 19:31:11 -04:00
md5.c crypto: Move md5_transform to lib/md5.c 2011-08-06 18:32:45 -07:00
memneq.c crypto: memneq - fix for archs without efficient unaligned access 2013-12-09 20:09:12 +08:00
michael_mic.c crypto: michael_mic - Switch to shash 2008-12-25 11:02:24 +11:00
pcbc.c Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
pcompress.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
pcrypt.c crypto: pcrypt - Fix wrong usage of rcu_dereference() 2013-12-05 21:28:42 +08:00
proc.c crypto: add module.h to those files that are explicitly using it 2011-10-31 19:31:11 -04:00
ripemd.h [CRYPTO] ripemd: Put all common RIPEMD values in header file 2008-07-10 20:35:12 +08:00
rmd128.c crypto: ripemd - Set module author and update email address 2011-01-04 23:34:03 +11:00
rmd160.c crypto: ripemd - Set module author and update email address 2011-01-04 23:34:03 +11:00
rmd256.c crypto: ripemd - Set module author and update email address 2011-01-04 23:34:03 +11:00
rmd320.c crypto: ripemd - Set module author and update email address 2011-01-04 23:34:03 +11:00
rng.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
salsa20_generic.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
scatterwalk.c crypto: scatterwalk - Add support for calculating number of SG elements 2013-08-21 21:27:58 +10:00
seed.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
seqiv.c crypto: use ERR_CAST 2013-02-04 21:16:53 +08:00
serpent_generic.c crypto: serpent - use crypto_[un]register_algs 2012-08-01 17:47:25 +08:00
sha1_generic.c crypto: sha1 - export sha1_update for reuse 2011-08-10 19:00:28 +08:00
sha256_generic.c crypto: sha256 - Expose SHA256 generic routine to be callable externally. 2013-04-03 09:06:31 +08:00
sha512_generic.c crypto: sha512_generic - set cra_driver_name 2013-05-28 15:43:04 +08:00
shash.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
tcrypt.c crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite 2013-12-20 20:06:25 +08:00
tcrypt.h crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite 2013-12-20 20:06:25 +08:00
tea.c crypto: tea - use crypto_[un]register_algs 2012-08-01 17:47:24 +08:00
testmgr.c crypto: testmgr - fix sglen in test_aead for case 'dst != src' 2013-11-28 22:25:17 +08:00
testmgr.h Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" 2013-09-07 12:56:26 +10:00
tgr192.c crypto: tiger - use crypto_[un]register_shashes 2012-08-01 17:47:26 +08:00
twofish_common.c crypto: twofish-x86_64-3way - add lrw support 2011-11-09 11:53:32 +08:00
twofish_generic.c crypto: cleanup - remove unneeded crypto_alg.cra_list initializations 2012-08-01 17:47:27 +08:00
vmac.c crypto: vmac - Make VMAC work when blocks aren't aligned 2012-10-15 22:33:20 +08:00
wp512.c crypto: whirlpool - use crypto_[un]register_shashes 2012-08-01 17:47:27 +08:00
xcbc.c crypto: add module.h to those files that are explicitly using it 2011-10-31 19:31:11 -04:00
xor.c add further __init annotations to crypto/xor.c 2012-10-11 13:42:32 +11:00
xts.c crypto: xts: add interface for parallelized cipher implementations 2011-11-09 11:56:06 +08:00
zlib.c net+crypto: Use vmalloc for zlib inflate buffers. 2011-06-29 05:48:41 -07:00