mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/crypto
History
Eric Biggers 654a509d8e crypto: ccm - fix incompatibility between "ccm" and "ccm_base" 
commit 6a1faa4a43 upstream.

CCM instances can be created by either the "ccm" template, which only
allows choosing the block cipher, e.g. "ccm(aes)"; or by "ccm_base",
which allows choosing the ctr and cbcmac implementations, e.g.
"ccm_base(ctr(aes-generic),cbcmac(aes-generic))".

However, a "ccm_base" instance prevents a "ccm" instance from being
registered using the same implementations.  Nor will the instance be
found by lookups of "ccm".  This can be used as a denial of service.
Moreover, "ccm_base" instances are never tested by the crypto
self-tests, even if there are compatible "ccm" tests.

The root cause of these problems is that instances of the two templates
use different cra_names.  Therefore, fix these problems by making
"ccm_base" instances set the same cra_name as "ccm" instances, e.g.
"ccm(aes)" instead of "ccm_base(ctr(aes-generic),cbcmac(aes-generic))".

This requires extracting the block cipher name from the name of the ctr
and cbcmac algorithms.  It also requires starting to verify that the
algorithms are really ctr and cbcmac using the same block cipher, not
something else entirely.  But it would be bizarre if anyone were
actually using non-ccm-compatible algorithms with ccm_base, so this
shouldn't break anyone in practice.

Fixes: 4a49b499df ("[CRYPTO] ccm: Added CCM mode")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2019-05-21 18:50:20 +02:00
..
asymmetric_keys Replace magic for trusting the secondary keyring with #define 2018-09-09 19:55:54 +02:00
async_tx License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
.gitignore crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files 2015-06-25 23:29:24 +08:00
842.c crypto: acomp - add support for 842 via scomp 2016-10-25 11:08:33 +08:00
Kconfig crypto: aes_ti - disable interrupts while accessing S-box 2019-02-12 19:45:57 +01:00
Makefile crypto: aes-generic - fix aes-generic regression on powerpc 2018-09-19 22:43:37 +02:00
ablk_helper.c crypto: ablk_helper - Fix cryptd reordering 2016-06-23 18:29:53 +08:00
ablkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-03 17:00:45 -07:00
acompress.c crypto: acomp - allow registration of multiple acomps 2017-04-21 20:30:50 +08:00
aead.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
aes_generic.c crypto: aes-generic - drop alignment requirement 2017-02-11 17:50:43 +08:00
aes_ti.c crypto: aes_ti - disable interrupts while accessing S-box 2019-02-12 19:45:57 +01:00
af_alg.c net: crypto set sk to NULL when af_alg_release. 2019-02-23 09:06:42 +01:00
ahash.c crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails 2019-03-23 14:35:18 +01:00
akcipher.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
algapi.c crypto: algapi - fix NULL dereference in crypto_remove_spawns() 2018-01-17 09:45:23 +01:00
algboss.c sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
algif_aead.c crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t 2018-03-03 10:24:29 +01:00
algif_hash.c crypto: hash - prevent using keyed hashes without setting key 2018-02-16 20:23:00 +01:00
algif_rng.c crypto: algif_rng - Remove obsolete const-removal cast 2015-04-22 09:30:21 +08:00
algif_skcipher.c crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t 2018-03-03 10:24:29 +01:00
ansi_cprng.c crypto: ansi_cprng - Convert to new rng interface 2015-04-22 09:30:18 +08:00
anubis.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
api.c evm: Don't deadlock if a crypto algorithm is unavailable 2018-09-26 08:38:09 +02:00
arc4.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
authenc.c crypto: authenc - fix parsing key with misaligned rta_len 2019-01-23 08:09:48 +01:00
authencesn.c crypto: authencesn - Avoid twice completion call in decrypt path 2019-01-23 08:09:47 +01:00
blkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-03 17:00:45 -07:00
blowfish_common.c
blowfish_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
camellia_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
cast5_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
cast6_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
cast_common.c
cbc.c crypto: cbc - Propagate NEED_FALLBACK bit 2017-03-09 18:34:39 +08:00
ccm.c crypto: ccm - fix incompatibility between "ccm" and "ccm_base" 2019-05-21 18:50:20 +02:00
chacha20_generic.c crypto: chacha20 - fix handling of chunked input 2017-08-22 14:45:47 +08:00
chacha20poly1305.c crypto: chacha20poly1305 - set cra_name correctly 2019-05-21 18:50:14 +02:00
cipher.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
cmac.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
compress.c crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
crc32_generic.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
crc32c_generic.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: crct10dif-generic - fix use via crypto_shash_digest() 2019-05-21 18:50:15 +02:00
cryptd.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
crypto_engine.c crypto: engine - replace pr_xxx by dev_xxx 2017-06-19 14:19:54 +08:00
crypto_null.c crypto: null - Remove default null blkcipher 2016-07-18 17:35:44 +08:00
crypto_user.c crypto: user - fix leaking uninitialized memory to userspace 2018-11-21 09:24:15 +01:00
crypto_wq.c crypto: crypto_wq - Fix late crypto work queue initialization 2014-03-21 21:54:28 +08:00
ctr.c crypto: algapi - make crypto_xor() take separate dst and src arguments 2017-08-04 09:27:15 +08:00
cts.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
deflate.c crypto: scomp - add support for deflate rfc1950 (zlib) 2017-04-24 18:11:08 +08:00
des_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
dh.c crypto: dh - Fix double free of ctx->p 2017-11-21 09:49:20 +01:00
dh_helper.c crypto: dh - Don't permit 'key' or 'g' size longer than 'p' 2017-11-21 09:49:21 +01:00
drbg.c crypto: drbg - set freed buffers to NULL 2018-05-01 12:58:23 -07:00
ecb.c crypto: include crypto- module prefix in template 2014-11-26 20:06:30 +08:00
ecc.c crypto: ecc - Fix NULL pointer deref. on no default_rng 2018-03-19 08:42:49 +01:00
ecc.h crypto: ecdh - add privkey generation support 2017-06-10 12:04:35 +08:00
ecc_curve_defs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ecdh.c crypto: ecdh - fix concurrency on shared secret and pubkey 2017-08-03 13:47:22 +08:00
ecdh_helper.c crypto: kpp, (ec)dh - fix typos 2017-06-10 12:04:25 +08:00
echainiv.c crypto: echainiv - Replace chaining with multiplication 2016-09-13 18:44:57 +08:00
fcrypt.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
fips.c crypto: fips - Move fips_enabled sysctl into fips.c 2015-04-23 14:18:09 +08:00
gcm.c crypto: gcm - fix incompatibility between "gcm" and "gcm_base" 2019-05-21 18:50:15 +02:00
gf128mul.c crypto: gf128mul - define gf128mul_x_* in gf128mul.h 2017-04-05 21:58:35 +08:00
ghash-generic.c crypto: ghash-generic - move common definitions to a new header file 2016-10-02 22:26:40 +08:00
hash_info.c keys, trusted: select hash algorithm for TPM2 chips 2015-12-20 15:27:12 +02:00
hmac.c crypto: hmac - require that the underlying hash algorithm is unkeyed 2017-12-20 10:10:17 +01:00
internal.h crypto: api - Remove no-op exit_ops code 2016-10-21 11:03:42 +08:00
jitterentropy-kcapi.c crypto: jitterentropy - drop duplicate header module.h 2016-11-17 23:34:52 +08:00
jitterentropy.c crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree" 2015-06-25 23:18:33 +08:00
keywrap.c crypto: keywrap - memzero the correct memory 2016-02-01 22:27:05 +08:00
khazad.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
kpp.c crypto: Replaced gcc specific attributes with macros from compiler.h 2017-01-13 00:24:39 +08:00
lrw.c crypto: lrw - Fix out-of bounds access on counter overflow 2018-11-13 11:15:07 -08:00
lz4.c crypto: lz4 - fixed decompress function to return error code 2017-04-10 19:17:27 +08:00
lz4hc.c crypto: lz4 - fixed decompress function to return error code 2017-04-10 19:17:27 +08:00
lzo.c treewide: use kv[mz]alloc* rather than opencoded variants 2017-05-08 17:15:13 -07:00
mcryptd.c crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
md4.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
md5.c md5: remove from lib and only live in crypto 2017-03-24 22:02:56 +08:00
memneq.c crypto: memneq - fix for archs without efficient unaligned access 2013-12-09 20:09:12 +08:00
michael_mic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
pcbc.c crypto: pcbc - remove bogus memcpy()s with src == dest 2019-03-23 14:35:21 +01:00
pcrypt.c crypto: pcrypt - fix freeing pcrypt instances 2018-01-10 09:31:18 +01:00
poly1305_generic.c crypto: poly1305 - remove ->setkey() method 2018-02-16 20:23:00 +01:00
proc.c crypto: fips - Move fips_enabled sysctl into fips.c 2015-04-23 14:18:09 +08:00
ripemd.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rmd128.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd160.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd256.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd320.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rng.c crypto: rng - ensure that the RNG is ready before using 2017-07-28 17:56:00 +08:00
rsa-pkcs1pad.c crypto: rsa-pkcs1pad - use constant time memory comparison for MACs 2017-06-20 11:21:19 +08:00
rsa.c crypto: rsa - comply with crypto_akcipher_maxsize() 2017-06-10 12:04:30 +08:00
rsa_helper.c crypto: rsa - fix buffer overread when stripping leading zeroes 2017-12-20 10:10:17 +01:00
rsaprivkey.asn1 crypto: rsa - Store rest of the private key components 2016-07-05 23:05:26 +08:00
rsapubkey.asn1 crypto: akcipher - Changes to asymmetric key API 2015-10-14 22:23:16 +08:00
salsa20_generic.c crypto: salsa20 - don't access already-freed walk.iv 2019-05-21 18:50:19 +02:00
scatterwalk.c crypto: scatterwalk - Remove unnecessary aliasing check in map_and_copy 2016-11-22 15:02:25 +08:00
scompress.c crypto: scompress - defer allocation of scratch buffer to first use 2017-08-03 13:52:44 +08:00
seed.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
seqiv.c crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic 2017-02-11 17:52:28 +08:00
serpent_generic.c crypto: serpent - improve __serpent_setkey with UBSAN 2017-08-09 20:17:54 +08:00
sha1_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha3_generic.c crypto: sha3-generic - fixes for alignment and big endian operation 2018-02-03 17:38:51 +01:00
sha256_generic.c crypto: hash - add zero length message hash for shax and md5 2015-12-22 20:43:35 +08:00
sha512_generic.c crypto: sha512-generic - move to generic glue implementation 2015-04-10 21:39:41 +08:00
shash.c crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails 2019-03-23 14:35:18 +01:00
simd.c crypto: simd - correctly take reqsize of wrapped skcipher into account 2018-12-01 09:42:53 +01:00
skcipher.c crypto: skcipher - don't WARN on unprocessed data after slow walk step 2019-05-21 18:50:14 +02:00
tcrypt.c crypto: tcrypt - fix ghash-generic speed test 2018-11-13 11:15:07 -08:00
tcrypt.h crypto: tcrypt - Add ChaCha20/Poly1305 speed tests 2015-07-17 21:20:20 +08:00
tea.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
testmgr.c crypto: testmgr - skip crc32c context test for ahash algorithms 2019-03-23 14:35:18 +01:00
testmgr.h crypto: x86/poly1305 - fix overflow during partial reduction 2019-04-27 09:35:37 +02:00
tgr192.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
twofish_common.c
twofish_generic.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
vmac.c crypto: vmac - separate tfm and request context 2018-08-17 21:01:10 +02:00
wp512.c crypto: add missing crypto module aliases 2015-01-13 22:29:11 +11:00
xcbc.c crypto: include crypto- module prefix in template 2014-11-26 20:06:30 +08:00
xor.c kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2018-02-22 15:42:23 +01:00
xts.c crypto: xts - Fix an error handling path in 'create()' 2017-10-07 12:04:31 +08:00