Skip to content

Commit 55f058e

Browse files
torvaldstorvalds
committed
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu: "This fixes the following issues: - Incorrect output buffer size calculation in rsa-pkcs1pad - Uninitialised padding bytes on exported state in ccp driver - Potentially freed pointer used on completion callback in sha1-mb" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: ccp - Prevent information leakage on export crypto: sha1-mb - use corrcet pointer while completing jobs crypto: rsa-pkcs1pad - fix dst len
2 parents 9a0e3ee + f709b45 commit 55f058e

File tree

4 files changed

+14
-8
lines changed

4 files changed

+14
-8
lines changed

arch/x86/crypto/sha-mb/sha1_mb.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -453,10 +453,10 @@ static int sha_complete_job(struct mcryptd_hash_request_ctx *rctx,
453453

454454
req = cast_mcryptd_ctx_to_req(req_ctx);
455455
if (irqs_disabled())
456-
rctx->complete(&req->base, ret);
456+
req_ctx->complete(&req->base, ret);
457457
else {
458458
local_bh_disable();
459-
rctx->complete(&req->base, ret);
459+
req_ctx->complete(&req->base, ret);
460460
local_bh_enable();
461461
}
462462
}

crypto/rsa-pkcs1pad.c

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -387,16 +387,16 @@ static int pkcs1pad_decrypt(struct akcipher_request *req)
387387
req_ctx->child_req.src = req->src;
388388
req_ctx->child_req.src_len = req->src_len;
389389
req_ctx->child_req.dst = req_ctx->out_sg;
390-
req_ctx->child_req.dst_len = ctx->key_size - 1;
390+
req_ctx->child_req.dst_len = ctx->key_size ;
391391

392-
req_ctx->out_buf = kmalloc(ctx->key_size - 1,
392+
req_ctx->out_buf = kmalloc(ctx->key_size,
393393
(req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
394394
GFP_KERNEL : GFP_ATOMIC);
395395
if (!req_ctx->out_buf)
396396
return -ENOMEM;
397397

398398
pkcs1pad_sg_set_buf(req_ctx->out_sg, req_ctx->out_buf,
399-
ctx->key_size - 1, NULL);
399+
ctx->key_size, NULL);
400400

401401
akcipher_request_set_tfm(&req_ctx->child_req, ctx->child);
402402
akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,
@@ -595,16 +595,16 @@ static int pkcs1pad_verify(struct akcipher_request *req)
595595
req_ctx->child_req.src = req->src;
596596
req_ctx->child_req.src_len = req->src_len;
597597
req_ctx->child_req.dst = req_ctx->out_sg;
598-
req_ctx->child_req.dst_len = ctx->key_size - 1;
598+
req_ctx->child_req.dst_len = ctx->key_size;
599599

600-
req_ctx->out_buf = kmalloc(ctx->key_size - 1,
600+
req_ctx->out_buf = kmalloc(ctx->key_size,
601601
(req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
602602
GFP_KERNEL : GFP_ATOMIC);
603603
if (!req_ctx->out_buf)
604604
return -ENOMEM;
605605

606606
pkcs1pad_sg_set_buf(req_ctx->out_sg, req_ctx->out_buf,
607-
ctx->key_size - 1, NULL);
607+
ctx->key_size, NULL);
608608

609609
akcipher_request_set_tfm(&req_ctx->child_req, ctx->child);
610610
akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,

drivers/crypto/ccp/ccp-crypto-aes-cmac.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -225,6 +225,9 @@ static int ccp_aes_cmac_export(struct ahash_request *req, void *out)
225225
struct ccp_aes_cmac_req_ctx *rctx = ahash_request_ctx(req);
226226
struct ccp_aes_cmac_exp_ctx state;
227227

228+
/* Don't let anything leak to 'out' */
229+
memset(&state, 0, sizeof(state));
230+
228231
state.null_msg = rctx->null_msg;
229232
memcpy(state.iv, rctx->iv, sizeof(state.iv));
230233
state.buf_count = rctx->buf_count;

drivers/crypto/ccp/ccp-crypto-sha.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -212,6 +212,9 @@ static int ccp_sha_export(struct ahash_request *req, void *out)
212212
struct ccp_sha_req_ctx *rctx = ahash_request_ctx(req);
213213
struct ccp_sha_exp_ctx state;
214214

215+
/* Don't let anything leak to 'out' */
216+
memset(&state, 0, sizeof(state));
217+
215218
state.type = rctx->type;
216219
state.msg_bits = rctx->msg_bits;
217220
state.first = rctx->first;

0 commit comments

Comments
 (0)