Patch "crypto: af_alg - Add nokey compatibility path" has been added to the 4.3-stable tree

All of lore.kernel.org
 help / color / mirror / Atom feed

From: <gregkh@linuxfoundation.org>
To: herbert@gondor.apana.org.au, gregkh@linuxfoundation.org
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
Subject: Patch "crypto: af_alg - Add nokey compatibility path" has been added to the 4.3-stable tree
Date: Sun, 14 Feb 2016 13:30:38 -0800	[thread overview]
Message-ID: <145548543823546@kroah.com> (raw)


This is a note to let you know that I've just added the patch titled

    crypto: af_alg - Add nokey compatibility path

to the 4.3-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     crypto-af_alg-add-nokey-compatibility-path.patch
and it can be found in the queue-4.3 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From 37766586c965d63758ad542325a96d5384f4a8c9 Mon Sep 17 00:00:00 2001
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Mon, 4 Jan 2016 13:35:18 +0900
Subject: crypto: af_alg - Add nokey compatibility path

From: Herbert Xu <herbert@gondor.apana.org.au>

commit 37766586c965d63758ad542325a96d5384f4a8c9 upstream.

This patch adds a compatibility path to support old applications
that do acept(2) before setkey.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 crypto/af_alg.c         |   13 ++++++++++++-
 include/crypto/if_alg.h |    2 ++
 2 files changed, 14 insertions(+), 1 deletion(-)

--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -76,6 +76,8 @@ int af_alg_register_type(const struct af
 		goto unlock;
 
 	type->ops->owner = THIS_MODULE;
+	if (type->ops_nokey)
+		type->ops_nokey->owner = THIS_MODULE;
 	node->type = type;
 	list_add(&node->list, &alg_types);
 	err = 0;
@@ -267,6 +269,7 @@ int af_alg_accept(struct sock *sk, struc
 	const struct af_alg_type *type;
 	struct sock *sk2;
 	int err;
+	bool nokey;
 
 	lock_sock(sk);
 	type = ask->type;
@@ -285,12 +288,17 @@ int af_alg_accept(struct sock *sk, struc
 	security_sk_clone(sk, sk2);
 
 	err = type->accept(ask->private, sk2);
+
+	nokey = err == -ENOKEY;
+	if (nokey && type->accept_nokey)
+		err = type->accept_nokey(ask->private, sk2);
+
 	if (err)
 		goto unlock;
 
 	sk2->sk_family = PF_ALG;
 
-	if (!ask->refcnt++)
+	if (nokey || !ask->refcnt++)
 		sock_hold(sk);
 	alg_sk(sk2)->parent = sk;
 	alg_sk(sk2)->type = type;
@@ -298,6 +306,9 @@ int af_alg_accept(struct sock *sk, struc
 	newsock->ops = type->ops;
 	newsock->state = SS_CONNECTED;
 
+	if (nokey)
+		newsock->ops = type->ops_nokey;
+
 	err = 0;
 
 unlock:
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -52,9 +52,11 @@ struct af_alg_type {
 	void (*release)(void *private);
 	int (*setkey)(void *private, const u8 *key, unsigned int keylen);
 	int (*accept)(void *private, struct sock *sk);
+	int (*accept_nokey)(void *private, struct sock *sk);
 	int (*setauthsize)(void *private, unsigned int authsize);
 
 	struct proto_ops *ops;
+	struct proto_ops *ops_nokey;
 	struct module *owner;
 	char name[14];
 };


Patches currently in stable-queue which might be from herbert@gondor.apana.org.au are

queue-4.3/crypto-fix-test-vector-for-rsa.patch
queue-4.3/crypto-algif_skcipher-use-new-skcipher-interface.patch
queue-4.3/crypto-af_alg-disallow-bind-setkey-...-after-accept-2.patch
queue-4.3/crypto-crc32c-pclmul-use-.rodata-instead-of-.rotata.patch
queue-4.3/crypto-caam-fix-non-block-aligned-hash-calculation.patch
queue-4.3/crypto-nx-fix-timing-leak-in-gcm-and-ccm-decryption.patch
queue-4.3/crypto-skcipher-copy-iv-from-desc-even-for-0-len-walks.patch
queue-4.3/crypto-skcipher-add-crypto_skcipher_has_setkey.patch
queue-4.3/crypto-algif_skcipher-add-key-check-exception-for-cipher_null.patch
queue-4.3/crypto-algif_skcipher-require-setkey-before-accept-2.patch
queue-4.3/crypto-algif_skcipher-add-nokey-compatibility-path.patch
queue-4.3/crypto-hash-add-crypto_ahash_has_setkey.patch
queue-4.3/crypto-af_alg-add-nokey-compatibility-path.patch
queue-4.3/crypto-sun4i-ss-add-missing-statesize.patch
queue-4.3/crypto-algif_hash-require-setkey-before-accept-2.patch
queue-4.3/crypto-qat-don-t-use-userspace-pointer.patch
queue-4.3/crypto-talitos-fix-timing-leak-in-esp-icv-verification.patch
queue-4.3/crypto-algif_hash-only-export-and-import-on-sockets-with-data.patch
queue-4.3/crypto-af_alg-fix-socket-double-free-when-accept-fails.patch

                 reply	other threads:[~2016-02-14 21:30 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=145548543823546@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=stable-commits@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.