mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/crypto
History
Robbie Harwood e9424e5234 verify_pefile: relax wrapper length check 
[ Upstream commit 4fc5c74dde ]

The PE Format Specification (section "The Attribute Certificate Table
(Image Only)") states that `dwLength` is to be rounded up to 8-byte
alignment when used for traversal.  Therefore, the field is not required
to be an 8-byte multiple in the first place.

Accordingly, pesign has not performed this alignment since version
0.110.  This causes kexec failure on pesign'd binaries with "PEFILE:
Signature wrapper len wrong".  Update the comment and relax the check.

Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jarkko Sakkinen <jarkko@kernel.org>
cc: Eric Biederman <ebiederm@xmission.com>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: kexec@lists.infradead.org
Link: https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#the-attribute-certificate-table-image-only
Link: https://github.com/rhboot/pesign
Link: https://lore.kernel.org/r/20230220171254.592347-2-rharwood@redhat.com/ # v2
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-04-20 12:02:12 +02:00
..
asymmetric_keys verify_pefile: relax wrapper length check 2023-04-20 12:02:12 +02:00
async_tx License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
.gitignore crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files 2015-06-25 23:29:24 +08:00
842.c crypto: acomp - add support for 842 via scomp 2016-10-25 11:08:33 +08:00
Kconfig crypto: aes_ti - disable interrupts while accessing S-box 2019-02-12 19:45:57 +01:00
Makefile crypto: aes-generic - fix aes-generic regression on powerpc 2018-09-19 22:43:37 +02:00
ablk_helper.c crypto: ablk_helper - Fix cryptd reordering 2016-06-23 18:29:53 +08:00
ablkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-03 17:00:45 -07:00
acompress.c crypto: acomp - allow registration of multiple acomps 2017-04-21 20:30:50 +08:00
aead.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
aes_generic.c crypto: aes-generic - drop alignment requirement 2017-02-11 17:50:43 +08:00
aes_ti.c crypto: aes_ti - disable interrupts while accessing S-box 2019-02-12 19:45:57 +01:00
af_alg.c crypto: af_alg - avoid undefined behavior accessing salg_name 2020-12-29 13:46:50 +01:00
ahash.c crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails 2019-03-23 14:35:18 +01:00
akcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
algapi.c crypto: api - Fix race condition in crypto_spawn_alg 2020-02-14 16:32:14 -05:00
algboss.c crypto: algboss - don't wait during notifier callback 2020-06-25 15:42:01 +02:00
algif_aead.c crypto: algif_aead - Do not set MAY_BACKLOG on the async path 2020-10-29 09:07:00 +01:00
algif_hash.c crypto: af_alg - fix use-after-free in af_alg_accept() due to bh_lock_sock() 2020-07-09 09:36:30 +02:00
algif_rng.c crypto: algif_rng - Remove obsolete const-removal cast 2015-04-22 09:30:21 +08:00
algif_skcipher.c crypto: algif_skcipher - EBUSY on aio should be an error 2020-10-29 09:07:01 +01:00
ansi_cprng.c crypto: ansi_cprng - Convert to new rng interface 2015-04-22 09:30:18 +08:00
anubis.c
api.c crypto: api - check for ERR pointers in crypto_destroy_tfm() 2021-05-22 10:57:16 +02:00
arc4.c
authenc.c crypto: authenc - Fix sleep in atomic context in decrypt_tail 2022-04-20 09:08:12 +02:00
authencesn.c crypto: authencesn - Avoid twice completion call in decrypt path 2019-01-23 08:09:47 +01:00
blkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-03 17:00:45 -07:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c crypto: cbc - Propagate NEED_FALLBACK bit 2017-03-09 18:34:39 +08:00
ccm.c crypto: ccm - fix incompatibility between "ccm" and "ccm_base" 2019-05-21 18:50:20 +02:00
chacha20_generic.c crypto: chacha20 - Fix chacha20_block() keystream alignment (again) 2022-06-25 11:46:31 +02:00
chacha20poly1305.c crypto: chacha20poly1305 - fix atomic sleep when using async algorithm 2019-07-31 07:28:35 +02:00
cipher.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
cmac.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
compress.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
crc32_generic.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
crc32c_generic.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
crct10dif_common.c
crct10dif_generic.c crypto: crct10dif-generic - fix use via crypto_shash_digest() 2019-05-21 18:50:15 +02:00
cryptd.c crypto: cryptd - Fix skcipher instance memory leak 2019-07-10 09:54:38 +02:00
crypto_engine.c crypto: engine - replace pr_xxx by dev_xxx 2017-06-19 14:19:54 +08:00
crypto_null.c crypto: null - Remove default null blkcipher 2016-07-18 17:35:44 +08:00
crypto_user.c crypto: user - fix memory leak in crypto_report 2019-12-17 20:38:55 +01:00
crypto_wq.c
ctr.c crypto: algapi - make crypto_xor() take separate dst and src arguments 2017-08-04 09:27:15 +08:00
cts.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
deflate.c crypto: scomp - add support for deflate rfc1950 (zlib) 2017-04-24 18:11:08 +08:00
des_generic.c
dh.c crypto: dh - Fix double free of ctx->p 2017-11-21 09:49:20 +01:00
dh_helper.c crypto: dh - Don't permit 'key' or 'g' size longer than 'p' 2017-11-21 09:49:21 +01:00
drbg.c crypto: drbg - make reseeding from get_random_bytes() synchronous 2022-06-25 11:46:41 +02:00
ecb.c
ecc.c crypto: ecdh - fix big endian bug in ECC library 2019-12-17 20:38:55 +01:00
ecc.h crypto: ecdh - add privkey generation support 2017-06-10 12:04:35 +08:00
ecc_curve_defs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ecdh.c crypto: ecdh - avoid buffer overflow in ecdh_set_secret() 2021-01-12 20:09:09 +01:00
ecdh_helper.c crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() 2021-03-03 18:22:43 +01:00
echainiv.c crypto: echainiv - Replace chaining with multiplication 2016-09-13 18:44:57 +08:00
fcrypt.c
fips.c crypto: fips - Move fips_enabled sysctl into fips.c 2015-04-23 14:18:09 +08:00
gcm.c crypto: gcm - fix incompatibility between "gcm" and "gcm_base" 2019-05-21 18:50:15 +02:00
gf128mul.c crypto: gf128mul - define gf128mul_x_* in gf128mul.h 2017-04-05 21:58:35 +08:00
ghash-generic.c crypto: ghash - fix unaligned memory access in ghash_setkey() 2019-07-31 07:28:35 +02:00
hash_info.c keys, trusted: select hash algorithm for TPM2 chips 2015-12-20 15:27:12 +02:00
hmac.c crypto: hmac - require that the underlying hash algorithm is unkeyed 2017-12-20 10:10:17 +01:00
internal.h crypto: api - Fix race condition in crypto_spawn_alg 2020-02-14 16:32:14 -05:00
jitterentropy-kcapi.c crypto: jitterentropy - drop duplicate header module.h 2016-11-17 23:34:52 +08:00
jitterentropy.c crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree" 2015-06-25 23:18:33 +08:00
keywrap.c crypto: keywrap - memzero the correct memory 2016-02-01 22:27:05 +08:00
khazad.c
kpp.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
lrw.c gcc-10: avoid shadowing standard library 'free()' in crypto 2020-05-20 08:17:11 +02:00
lz4.c crypto: lz4 - fixed decompress function to return error code 2017-04-10 19:17:27 +08:00
lz4hc.c crypto: lz4 - fixed decompress function to return error code 2017-04-10 19:17:27 +08:00
lzo.c treewide: use kv[mz]alloc* rather than opencoded variants 2017-05-08 17:15:13 -07:00
mcryptd.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
md4.c crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() 2022-06-25 11:46:26 +02:00
md5.c crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() 2022-06-25 11:46:26 +02:00
memneq.c
michael_mic.c
pcbc.c crypto: pcbc - remove bogus memcpy()s with src == dest 2019-03-23 14:35:21 +01:00
pcrypt.c crypto: pcrypt - Delay write to padata->info 2021-11-26 11:40:32 +01:00
poly1305_generic.c crypto: poly1305 - remove ->setkey() method 2018-02-16 20:23:00 +01:00
proc.c crypto: fips - Move fips_enabled sysctl into fips.c 2015-04-23 14:18:09 +08:00
ripemd.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c crypto: rng - ensure that the RNG is ready before using 2017-07-28 17:56:00 +08:00
rsa-pkcs1pad.c crypto: rsa-pkcs1pad - Use akcipher_request_complete 2023-03-11 16:26:37 +01:00
rsa.c crypto: rsa - comply with crypto_akcipher_maxsize() 2017-06-10 12:04:30 +08:00
rsa_helper.c crypto: rsa - fix buffer overread when stripping leading zeroes 2017-12-20 10:10:17 +01:00
rsaprivkey.asn1 crypto: rsa - Store rest of the private key components 2016-07-05 23:05:26 +08:00
rsapubkey.asn1 crypto: akcipher - Changes to asymmetric key API 2015-10-14 22:23:16 +08:00
salsa20_generic.c crypto: salsa20 - don't access already-freed walk.iv 2019-05-21 18:50:19 +02:00
scatterwalk.c crypto: scatterwalk - Remove unnecessary aliasing check in map_and_copy 2016-11-22 15:02:25 +08:00
scompress.c crypto: scompress - defer allocation of scratch buffer to first use 2017-08-03 13:52:44 +08:00
seed.c
seqiv.c crypto: seqiv - Handle EBUSY correctly 2023-03-11 16:26:37 +01:00
serpent_generic.c crypto: serpent - mark __serpent_setkey_sbox noinline 2019-07-31 07:28:30 +02:00
sha1_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha3_generic.c crypto: sha3-generic - fixes for alignment and big endian operation 2018-02-03 17:38:51 +01:00
sha256_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha512_generic.c crypto: sha512-generic - move to generic glue implementation 2015-04-10 21:39:41 +08:00
shash.c crypto: shash - avoid comparing pointers to exported functions under CFI 2021-07-20 16:17:32 +02:00
simd.c crypto: simd - correctly take reqsize of wrapped skcipher into account 2018-12-01 09:42:53 +01:00
skcipher.c crypto: skcipher - Unmap pages after an external error 2019-10-11 18:18:32 +02:00
tcrypt.c crypto: tcrypt - fix ghash-generic speed test 2018-11-13 11:15:07 -08:00
tcrypt.h crypto: tcrypt - Add ChaCha20/Poly1305 speed tests 2015-07-17 21:20:20 +08:00
tea.c
testmgr.c crypto: testmgr - skip crc32c context test for ahash algorithms 2019-03-23 14:35:18 +01:00
testmgr.h crypto: x86/poly1305 - fix overflow during partial reduction 2019-04-27 09:35:37 +02:00
tgr192.c crypto: tgr192 - fix unaligned memory access 2020-01-27 14:46:13 +01:00
twofish_common.c
twofish_generic.c
vmac.c crypto: vmac - separate tfm and request context 2018-08-17 21:01:10 +02:00
wp512.c
xcbc.c
xor.c kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2018-02-22 15:42:23 +01:00
xts.c gcc-10: avoid shadowing standard library 'free()' in crypto 2020-05-20 08:17:11 +02:00