On Thu, Dec 01, 2016 at 05:47:02PM -0800, Tim Chen wrote:
> On Thu, 2016-12-01 at 19:00 -0500, Mikulas Patocka wrote:
> > Hi
> > 
> > There is a bug in mcryptd initialization.
> > 
> > This is a test module that tries various hash algorithms. When you load 
> > the module with "insmod test.ko 'alg=mcryptd(md5)'", the machine crashes.
> I don't think your test setup is right.  The mcryptd supports only 
> multi-buffer
> algorithm.  I don't think there is such an implementation for md5.
> Please refer to arch/x86/crypto/sha1-mb 
> multi-buffer implementation of sha1 to see the proper
> setup and usage with mcryptd.  You can also run tcrypt test to
> exercise this code.
> Tim

No, mcryptd must not crash the kernel if it's passed the wrong algorithm.
Users can try to instantiate it with any algorithm using AF_ALG, for example:

        struct sockaddr_alg addr = {
                .salg_type = "hash",
                .salg_name = "mcryptd(md5)",
        int fd = socket(AF_ALG, SOCK_SEQPACKET, 0);

        bind(fd, (struct sockaddr *)&addr, sizeof(addr));

Currently, this instantly crashes the kernel.


dm-devel mailing list

Reply via email to