From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Eric Biggers <ebiggers@google.com>,
Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 4.14 20/59] crypto: bcm - convert to use crypto_authenc_extractkeys()
Date: Mon, 21 Jan 2019 14:43:45 +0100 [thread overview]
Message-ID: <20190121122458.764763223@linuxfoundation.org> (raw)
In-Reply-To: <20190121122456.529172919@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Eric Biggers <ebiggers@google.com>
commit ab57b33525c3221afaebd391458fa0cbcd56903d upstream.
Convert the bcm crypto driver to use crypto_authenc_extractkeys() so
that it picks up the fix for broken validation of rtattr::rta_len.
This also fixes the DES weak key check to actually be done on the right
key. (It was checking the authentication key, not the encryption key...)
Fixes: 9d12ba86f818 ("crypto: brcm - Add Broadcom SPU driver")
Cc: <stable@vger.kernel.org> # v4.11+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/crypto/Kconfig | 1 +
drivers/crypto/bcm/cipher.c | 44 +++++++++++++-------------------------------
2 files changed, 14 insertions(+), 31 deletions(-)
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -679,6 +679,7 @@ config CRYPTO_DEV_BCM_SPU
depends on ARCH_BCM_IPROC
depends on MAILBOX
default m
+ select CRYPTO_AUTHENC
select CRYPTO_DES
select CRYPTO_MD5
select CRYPTO_SHA1
--- a/drivers/crypto/bcm/cipher.c
+++ b/drivers/crypto/bcm/cipher.c
@@ -2846,44 +2846,28 @@ static int aead_authenc_setkey(struct cr
struct spu_hw *spu = &iproc_priv.spu;
struct iproc_ctx_s *ctx = crypto_aead_ctx(cipher);
struct crypto_tfm *tfm = crypto_aead_tfm(cipher);
- struct rtattr *rta = (void *)key;
- struct crypto_authenc_key_param *param;
- const u8 *origkey = key;
- const unsigned int origkeylen = keylen;
-
- int ret = 0;
+ struct crypto_authenc_keys keys;
+ int ret;
flow_log("%s() aead:%p key:%p keylen:%u\n", __func__, cipher, key,
keylen);
flow_dump(" key: ", key, keylen);
- if (!RTA_OK(rta, keylen))
- goto badkey;
- if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
+ ret = crypto_authenc_extractkeys(&keys, key, keylen);
+ if (ret)
goto badkey;
- if (RTA_PAYLOAD(rta) < sizeof(*param))
- goto badkey;
-
- param = RTA_DATA(rta);
- ctx->enckeylen = be32_to_cpu(param->enckeylen);
- key += RTA_ALIGN(rta->rta_len);
- keylen -= RTA_ALIGN(rta->rta_len);
-
- if (keylen < ctx->enckeylen)
- goto badkey;
- if (ctx->enckeylen > MAX_KEY_SIZE)
+ if (keys.enckeylen > MAX_KEY_SIZE ||
+ keys.authkeylen > MAX_KEY_SIZE)
goto badkey;
- ctx->authkeylen = keylen - ctx->enckeylen;
-
- if (ctx->authkeylen > MAX_KEY_SIZE)
- goto badkey;
+ ctx->enckeylen = keys.enckeylen;
+ ctx->authkeylen = keys.authkeylen;
- memcpy(ctx->enckey, key + ctx->authkeylen, ctx->enckeylen);
+ memcpy(ctx->enckey, keys.enckey, keys.enckeylen);
/* May end up padding auth key. So make sure it's zeroed. */
memset(ctx->authkey, 0, sizeof(ctx->authkey));
- memcpy(ctx->authkey, key, ctx->authkeylen);
+ memcpy(ctx->authkey, keys.authkey, keys.authkeylen);
switch (ctx->alg->cipher_info.alg) {
case CIPHER_ALG_DES:
@@ -2891,7 +2875,7 @@ static int aead_authenc_setkey(struct cr
u32 tmp[DES_EXPKEY_WORDS];
u32 flags = CRYPTO_TFM_RES_WEAK_KEY;
- if (des_ekey(tmp, key) == 0) {
+ if (des_ekey(tmp, keys.enckey) == 0) {
if (crypto_aead_get_flags(cipher) &
CRYPTO_TFM_REQ_WEAK_KEY) {
crypto_aead_set_flags(cipher, flags);
@@ -2906,7 +2890,7 @@ static int aead_authenc_setkey(struct cr
break;
case CIPHER_ALG_3DES:
if (ctx->enckeylen == (DES_KEY_SIZE * 3)) {
- const u32 *K = (const u32 *)key;
+ const u32 *K = (const u32 *)keys.enckey;
u32 flags = CRYPTO_TFM_RES_BAD_KEY_SCHED;
if (!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
@@ -2957,9 +2941,7 @@ static int aead_authenc_setkey(struct cr
ctx->fallback_cipher->base.crt_flags &= ~CRYPTO_TFM_REQ_MASK;
ctx->fallback_cipher->base.crt_flags |=
tfm->crt_flags & CRYPTO_TFM_REQ_MASK;
- ret =
- crypto_aead_setkey(ctx->fallback_cipher, origkey,
- origkeylen);
+ ret = crypto_aead_setkey(ctx->fallback_cipher, key, keylen);
if (ret) {
flow_log(" fallback setkey() returned:%d\n", ret);
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
next prev parent reply other threads:[~2019-01-21 13:52 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-21 13:43 [PATCH 4.14 00/59] 4.14.95-stable review Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 01/59] tty/ldsem: Wake up readers after timed out down_write() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 02/59] tty: Hold tty_ldisc_lock() during tty_reopen() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 03/59] tty: Simplify tty->count math in tty_reopen() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 04/59] tty: Dont hold ldisc lock in tty_reopen() if ldisc present Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 05/59] can: gw: ensure DLC boundaries after CAN frame modification Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 06/59] mmc: sdhci-msm: Disable CDR function on TX Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 07/59] media: em28xx: Fix misplaced reset of dev->v4l::field_count Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 08/59] sched/fair: Fix bandwidth timer clock drift condition Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 09/59] Revert "scsi: target: iscsi: cxgbit: fix csk leak" Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 10/59] scsi: target: iscsi: cxgbit: fix csk leak Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 11/59] arm64/kvm: consistently handle host HCR_EL2 flags Greg Kroah-Hartman
2019-01-21 13:43 ` Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 12/59] arm64: Dont trap host pointer auth use to EL2 Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 13/59] ipv6: fix kernel-infoleak in ipv6_local_error() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 14/59] net: bridge: fix a bug on using a neighbour cache entry without checking its state Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 15/59] packet: Do not leak dev refcounts on error exit Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 16/59] bonding: update nest level on unlink Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 17/59] ip: on queued skb use skb_header_pointer instead of pskb_may_pull Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 18/59] crypto: caam - fix zero-length buffer DMA mapping Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 19/59] crypto: authencesn - Avoid twice completion call in decrypt path Greg Kroah-Hartman
2019-01-21 13:43 ` Greg Kroah-Hartman [this message]
2019-01-21 13:43 ` [PATCH 4.14 21/59] crypto: authenc - fix parsing key with misaligned rta_len Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 22/59] Revert "btrfs: balance dirty metadata pages in btrfs_finish_ordered_io" Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 23/59] btrfs: wait on ordered extents on abort cleanup Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 24/59] Yama: Check for pid death before checking ancestry Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 25/59] scsi: core: Synchronize request queue PM status only on successful resume Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 26/59] scsi: sd: Fix cache_type_store() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 27/59] crypto: talitos - reorder code in talitos_edesc_alloc() Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 28/59] crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 29/59] mips: fix n32 compat_ipc_parse_version Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 30/59] MIPS: lantiq: Fix IPI interrupt handling Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 31/59] OF: properties: add missing of_node_put Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 32/59] mfd: tps6586x: Handle interrupts on suspend Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 33/59] media: v4l: ioctl: Validate num_planes for debug messages Greg Kroah-Hartman
2019-01-21 13:43 ` [PATCH 4.14 34/59] pstore/ram: Avoid allocation and leak of platform data Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 35/59] arm64: kaslr: ensure randomized quantities are clean to the PoC Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 36/59] Disable MSI also when pcie-octeon.pcie_disable on Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 37/59] omap2fb: Fix stack memory disclosure Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 38/59] media: vivid: fix error handling of kthread_run Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 39/59] media: vivid: set min width/height to a value > 0 Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 40/59] bpf: in __bpf_redirect_no_mac pull mac only if present Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 41/59] LSM: Check for NULL cred-security on free Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 42/59] media: vb2: vb2_mmap: move lock up Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 43/59] sunrpc: handle ENOMEM in rpcb_getport_async Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 44/59] netfilter: ebtables: account ebt_table_info to kmemcg Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 45/59] selinux: fix GPF on invalid policy Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 46/59] blockdev: Fix livelocks on loop device Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 47/59] sctp: allocate sctp_sockaddr_entry with kzalloc Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 48/59] tipc: fix uninit-value in tipc_nl_compat_link_reset_stats Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 49/59] tipc: fix uninit-value in tipc_nl_compat_bearer_enable Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 50/59] tipc: fix uninit-value in tipc_nl_compat_link_set Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 51/59] tipc: fix uninit-value in tipc_nl_compat_name_table_dump Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 52/59] tipc: fix uninit-value in tipc_nl_compat_doit Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 53/59] block/loop: Dont grab "struct file" for vfs_getattr() operation Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 54/59] block/loop: Use global lock for ioctl() operation Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 55/59] loop: Fold __loop_release into loop_release Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 56/59] loop: Get rid of loop_index_mutex Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 57/59] loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 58/59] loop: drop caches if offset or block_size are changed Greg Kroah-Hartman
2019-01-21 13:44 ` [PATCH 4.14 59/59] drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock Greg Kroah-Hartman
2019-01-22 3:07 ` [PATCH 4.14 00/59] 4.14.95-stable review Naresh Kamboju
2019-01-22 19:23 ` Guenter Roeck
2019-01-22 22:31 ` shuah
2019-01-23 9:07 ` Jon Hunter
2019-01-23 12:55 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190121122458.764763223@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=ebiggers@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.