[PATCH] crypto: include crypto- module prefix in template

2014-11-24 Thread Kees Cook 
This adds the module loading prefix crypto- to the template lookup
as well.

For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the crypto- prefix at every level, correctly rejecting vfat:

net-pf-38
algif-hash
crypto-vfat(blowfish)
crypto-vfat(blowfish)-all
crypto-vfat

Reported-by: Mathias Krause mini...@googlemail.com
Signed-off-by: Kees Cook keesc...@chromium.org
---
 crypto/algapi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/algapi.c b/crypto/algapi.c
index e8d3a7dca8c4..71a8143e23b1 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -509,8 +509,8 @@ static struct crypto_template 
*__crypto_lookup_template(const char *name)
 
 struct crypto_template *crypto_lookup_template(const char *name)
 {
-   return try_then_request_module(__crypto_lookup_template(name), %s,
-  name);
+   return try_then_request_module(__crypto_lookup_template(name),
+  crypto-%s, name);
 }
 EXPORT_SYMBOL_GPL(crypto_lookup_template);
 
-- 
1.9.1


-- 
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: include crypto- module prefix in template

2014-11-24 Thread Mathias Krause 
On 24 November 2014 at 20:17, Kees Cook keesc...@chromium.org wrote:
 This adds the module loading prefix crypto- to the template lookup
 as well.

 For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
 includes the crypto- prefix at every level, correctly rejecting vfat:

 net-pf-38
 algif-hash
 crypto-vfat(blowfish)
 crypto-vfat(blowfish)-all
 crypto-vfat

 Reported-by: Mathias Krause mini...@googlemail.com
 Signed-off-by: Kees Cook keesc...@chromium.org
 ---
  crypto/algapi.c | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)

That commit will break the user API again as ciphers like 'cbc(aes)'
won't work any more -- as the cbc module won't be loaded.
You're missing the MODULE_ALIAS_CRYPTO() annotaions for all the crypto
templates -- cbc, ctr, xts, hmac, ...


Regards,
Mathias
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html