Commit dc6fef2c authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 

Pull crypto fixes from Herbert Xu:
 "This fixes the following issues:
   - Zero-length DMA mapping in caam
   - Invalidly mapping stack memory for DMA in talitos
   - Use after free in cavium/nitrox
   - Key parsing in authenc
   - Undefined shift in sm3
   - Bogus completion call in authencesn
   - SHA support detection in caam"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: sm3 - fix undefined shift by >= width of value
  crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK
  crypto: talitos - reorder code in talitos_edesc_alloc()
  crypto: adiantum - initialize crypto_spawn::inst
  crypto: cavium/nitrox - Use after free in process_response_list()
  crypto: authencesn - Avoid twice completion call in decrypt path
  crypto: caam - fix SHA support detection
  crypto: caam - fix zero-length buffer DMA mapping
  crypto: ccree - convert to use crypto_authenc_extractkeys()
  crypto: bcm - convert to use crypto_authenc_extractkeys()
  crypto: authenc - fix parsing key with misaligned rta_len
parents 6e434bf2 d45a90cb

crypto/adiantum.c

+4 −0
Original line number Diff line number Diff line
@@ -539,6 +539,8 @@ static int adiantum_create(struct crypto_template *tmpl, struct rtattr **tb) 
	ictx = skcipher_instance_ctx(inst);



	/* Stream cipher, e.g. "xchacha12" */

	crypto_set_skcipher_spawn(&ictx->streamcipher_spawn,

				  skcipher_crypto_instance(inst));

	err = crypto_grab_skcipher(&ictx->streamcipher_spawn, streamcipher_name,

				   0, crypto_requires_sync(algt->type,

							   algt->mask));
@@ -547,6 +549,8 @@ static int adiantum_create(struct crypto_template *tmpl, struct rtattr **tb) 
	streamcipher_alg = crypto_spawn_skcipher_alg(&ictx->streamcipher_spawn);



	/* Block cipher, e.g. "aes" */

	crypto_set_spawn(&ictx->blockcipher_spawn,

			 skcipher_crypto_instance(inst));

	err = crypto_grab_spawn(&ictx->blockcipher_spawn, blockcipher_name,

				CRYPTO_ALG_TYPE_CIPHER, CRYPTO_ALG_TYPE_MASK);

	if (err)

crypto/authenc.c

+11 −3
Original line number Diff line number Diff line
@@ -58,14 +58,22 @@ int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key, 
		return -EINVAL;

	if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)

		return -EINVAL;

	if (RTA_PAYLOAD(rta) < sizeof(*param))



	/*

	 * RTA_OK() didn't align the rtattr's payload when validating that it

	 * fits in the buffer.  Yet, the keys should start on the next 4-byte

	 * aligned boundary.  To avoid confusion, require that the rtattr

	 * payload be exactly the param struct, which has a 4-byte aligned size.

	 */

	if (RTA_PAYLOAD(rta) != sizeof(*param))

		return -EINVAL;

	BUILD_BUG_ON(sizeof(*param) % RTA_ALIGNTO);



	param = RTA_DATA(rta);

	keys->enckeylen = be32_to_cpu(param->enckeylen);



	key += RTA_ALIGN(rta->rta_len);

	keylen -= RTA_ALIGN(rta->rta_len);

	key += rta->rta_len;

	keylen -= rta->rta_len;



	if (keylen < keys->enckeylen)

		return -EINVAL;

crypto/authencesn.c

+1 −1
Original line number Diff line number Diff line
@@ -279,7 +279,7 @@ static void authenc_esn_verify_ahash_done(struct crypto_async_request *areq, 
	struct aead_request *req = areq->data;



	err = err ?: crypto_authenc_esn_decrypt_tail(req, 0);

	aead_request_complete(req, err);

	authenc_esn_request_complete(req, err);

}



static int crypto_authenc_esn_decrypt(struct aead_request *req)

crypto/sm3_generic.c

+1 −1
Original line number Diff line number Diff line
@@ -100,7 +100,7 @@ static void sm3_compress(u32 *w, u32 *wt, u32 *m) 


	for (i = 0; i <= 63; i++) {



		ss1 = rol32((rol32(a, 12) + e + rol32(t(i), i)), 7);

		ss1 = rol32((rol32(a, 12) + e + rol32(t(i), i & 31)), 7);



		ss2 = ss1 ^ rol32(a, 12);

drivers/crypto/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -692,6 +692,7 @@ config CRYPTO_DEV_BCM_SPU 
	depends on ARCH_BCM_IPROC

	depends on MAILBOX

	default m

	select CRYPTO_AUTHENC

	select CRYPTO_DES

	select CRYPTO_MD5

	select CRYPTO_SHA1