Am Montag, 9. Oktober 2017, 16:19:25 CEST schrieb Herbert Xu:
Hi Herbert,
> On Sat, Oct 07, 2017 at 02:56:24PM +0200, Stephan Müller wrote:
> > Though, this opens up the shash issue I tried to fix.
>
> Does this patch fix the crash?
I get the following during boot:
[1.042673]
On Sat, Oct 07, 2017 at 02:56:24PM +0200, Stephan Müller wrote:
>
> Though, this opens up the shash issue I tried to fix.
Does this patch fix the crash?
---8<---
Subject: crypto: shash - Fix zero-length shash ahash digest crash
The shash ahash digest adaptor function may crash if given a
Am Samstag, 7. Oktober 2017, 05:29:48 CEST schrieb Herbert Xu:
Hi Herbert,
> I see the problem now. This was introduced with the skcipher walk
> interface. The blkcipher walk interface didn't have this issue.
>
> I guess we should add a zero test vector once this is fixed.
Thank you.
This
On Sat, Oct 07, 2017 at 05:21:38AM +0200, Stephan Müller wrote:
>
> The bug happens with the following invocation sequence:
>
> setsockopt(3, SOL_ALG, 5, NULL, 1) = -1 EBUSY (Device or resource busy)
> sendmsg(6, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0,
>
Am Samstag, 7. Oktober 2017, 05:07:52 CEST schrieb Herbert Xu:
Hi Herbert,
> On Sat, Oct 07, 2017 at 04:53:46AM +0200, Stephan Müller wrote:
> > I use authenc(hmac(sha256),cbc(aes)) which in turn uses cbc-aes-aesni on
> > my
> > system.
>
> So where exactly is it crashing in cbc-aes-aesni?
On Sat, Oct 07, 2017 at 04:53:46AM +0200, Stephan Müller wrote:
>
> I use authenc(hmac(sha256),cbc(aes)) which in turn uses cbc-aes-aesni on my
> system.
So where exactly is it crashing in cbc-aes-aesni? AFAICS it should
handle the zero case just fine. Or is it hmac that's crashing as
your
Am Samstag, 7. Oktober 2017, 04:46:35 CEST schrieb Herbert Xu:
Hi Herbert,
> Hmm this just papers over bugs in the underlying code. Which
> algorithm is causing the crash with a zero input? They're supposed
> to handle this case.
The bug happens with authenc. It is surely possible to modify
On Sun, Sep 24, 2017 at 08:24:58AM +0200, Stephan Müller wrote:
> The encryption / decryption operation is a noop in case the caller
> provides zero input data. As this noop is a "valid" operation, the API
> calls will return no error, but simply skip any processing.
>
> This fixes a kernel crash
