mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-11 02:59:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/arm64
History
Eric Biggers d42d342022 crypto: arm64/aes-neonbs - don't access already-freed walk.iv 
commit 4a8108b705 upstream.

If the user-provided IV needs to be aligned to the algorithm's
alignmask, then skcipher_walk_virt() copies the IV into a new aligned
buffer walk.iv.  But skcipher_walk_virt() can fail afterwards, and then
if the caller unconditionally accesses walk.iv, it's a use-after-free.

xts-aes-neonbs doesn't set an alignmask, so currently it isn't affected
by this despite unconditionally accessing walk.iv.  However this is more
subtle than desired, and unconditionally accessing walk.iv has caused a
real problem in other algorithms.  Thus, update xts-aes-neonbs to start
checking the return value of skcipher_walk_virt().

Fixes: 1abee99eaf ("crypto: arm64/aes - reimplement bit-sliced ARM/NEON implementation for arm64")
Cc: <stable@vger.kernel.org> # v4.11+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-05-22 07:37:37 +02:00
..
boot arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller. 2019-05-22 07:37:35 +02:00
configs arm64: defconfig: Enable TI's AM6 SoC platform 2018-08-29 11:51:26 -07:00
crypto crypto: arm64/aes-neonbs - don't access already-freed walk.iv 2019-05-22 07:37:37 +02:00
include arm64: compat: Reduce address limit 2019-05-22 07:37:36 +02:00
kernel arm64: Clear OSDLR_EL1 on CPU boot 2019-05-22 07:37:36 +02:00
kvm KVM: arm64: Reset the PMU in preemptible context 2019-05-04 09:20:13 +02:00
lib arm64: lse: remove -fcall-used-x0 flag 2018-11-13 11:08:54 -08:00
mm arm64: Save and restore OSDLR_EL1 across suspend/resume 2019-05-22 07:37:36 +02:00
net bpf, arm64: save 4 bytes in prologue when ebpf insns came from cbpf 2018-05-14 19:11:45 -07:00
xen arm64: mm: Add additional parameter to uaccess_ttbr0_disable 2018-01-17 13:57:49 +01:00
Kconfig arm64: mm: always enable CONFIG_HOLES_IN_ZONE 2018-08-31 11:06:45 +01:00
Kconfig.debug Kconfig: consolidate the "Kernel hacking" menu 2018-08-02 08:06:48 +09:00
Kconfig.platforms ARM: SoC: late updates 2018-08-25 14:12:36 -07:00
Makefile arm64: relocatable: fix inconsistencies in linker script and options 2019-01-13 09:51:08 +01:00