[PATCH stable 3.10.y 17/18] crypto: cryptd - initialize child shash_desc on import

From: Ard Biesheuvel commit 0bd2223594a4dcddc1e34b15774a3a4776f7749e upstream. When calling .import() on a cryptd ahash_request, the structure members that describe the child transform in the shash_desc need to be initialized like they are when calling .init() Cc:

[PATCH stable 3.10.y 12/18] crypto: af_alg - Forbid bind(2) when nokey child sockets are present

From: Herbert Xu commit a6a48c565f6f112c6983e2a02b1602189ed6e26e upstream. This patch forbids the calling of bind(2) when there are child sockets created by accept(2) in existence, even if they are created on the nokey path. This is needed as those child sockets

[PATCH stable 3.10.y 06/18] crypto: algif_hash - Require setkey before accept(2)

From: Herbert Xu commit 6de62f15b581f920ade22d758f4c338311c2f0d4 upstream. Hash implementations that require a key may crash if you use them without setting a key. This patch adds the necessary checks so that if you do attempt to use them without a key that we

[PATCH stable 3.10.y 00/18] Backport crypto fixes.

While fuzzing our 3.10 based kernel we observed some crashes, e.g: http://lkml.kernel.org/r/ It appears that 3.10-stable lacks some crypto related fixes. Here is my attempt to backport them. Many patches didn't apply

[PATCH stable 3.10.y 08/18] crypto: algif_skcipher - Add key check exception for cipher_null

From: Herbert Xu commit 6e8d8ecf438792ecf7a3207488fb4eebc4edb040 upstream. This patch adds an exception to the key check so that cipher_null users may continue to use algif_skcipher without setting a key. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

Re: [ANNOUNCE] libkcapi v0.12.0 released

Am Donnerstag, 27. Oktober 2016, 18:53:45 CEST schrieb Jeffrey Walton: Hi Jeffrey, > >> preprocessor macros we can use to guard it? > > > > I am not entirely sure I understand the question. > > See, for example, > https://github.com/openssl/openssl/blob/master/engines/afalg/e_afalg.c > > The

Re: [ANNOUNCE] libkcapi v0.12.0 released

>> > The Linux kernel exports a network interface of type AF_ALG to allow user >> > space to utilize the kernel crypto API. libkcapi uses this network >> > interface and exports an easy to use API so that a developer does not >> > need to consider the low-level network interface handling. ... >>

Re: [PATCH] crypto: fix AEAD tag memory handling

Am Donnerstag, 27. Oktober 2016, 14:42:14 CEST schrieb Mat Martineau: Hi Mat, > Stephan and Herbert, > > On Thu, 27 Oct 2016, Stephan Mueller wrote: > > Hi Herbert, > > > > for this patch, I have updated the testing for libkcapi accordingly and > > all > > tests pass. I will push the libkcapi

Re: [PATCH] crypto: fix AEAD tag memory handling

Stephan and Herbert, On Thu, 27 Oct 2016, Stephan Mueller wrote: Hi Herbert, for this patch, I have updated the testing for libkcapi accordingly and all tests pass. I will push the libkcapi code 0.12 with that test code change out shortly. Using the current upstream version of 0.11.1 will

Re: [PATCH] crypto: acomp: export all scomp interfaces

Hi Arnd, On Thu, Oct 27, 2016 at 04:09:49PM +0200, Arnd Bergmann wrote: > The newly added scomp/acomp interface has a couple of functions > that should be exported to allow linking the two drivers > as loadable modules: > > ERROR: "crypto_acomp_scomp_free_ctx" [crypto/acompress.ko] undefined! >

[PATCH stable 3.10.y 11/18] crypto: algif_skcipher - Remove custom release parent function

From: Herbert Xu commit d7b65aee1e7b4c87922b0232eaba56a8a143a4a0 upstream. This patch removes the custom release parent function as the generic af_alg_release_parent now works for nokey sockets too. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 02/18] crypto: af_alg - Disallow bind/setkey/... after accept(2)

From: Herbert Xu commit c840ac6af3f8713a71b4d2363419145760bd6044 upstream. Each af_alg parent socket obtained by socket(2) corresponds to a tfm object once bind(2) has succeeded. An accept(2) call on that parent socket creates a context which then uses the tfm

[PATCH stable 3.10.y 16/18] crypto: shash - Fix has_key setting

From: Herbert Xu commit 00420a65fa2beb3206090ead86942484df2275f3 upstream. The has_key logic is wrong for shash algorithms as they always have a setkey function. So we should instead be testing against shash_no_setkey. Fixes: a5596d633278 ("crypto: hash - Add

[PATCH stable 3.10.y 15/18] crypto: algif_skcipher - Load TX SG list after waiting

From: Herbert Xu commit 4f0414e54e4d1893c6f08260693f8ef84c929293 upstream. We need to load the TX SG list in sendmsg(2) after waiting for incoming data, not before. Cc: sta...@vger.kernel.org Reported-by: Dmitry Vyukov Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 05/18] crypto: hash - Add crypto_ahash_has_setkey

From: Herbert Xu commit a5596d6332787fd383b3b5427b41f94254430827 upstream. This patch adds a way for ahash users to determine whether a key is required by a crypto_ahash transform. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 10/18] crypto: algif_hash - Remove custom release parent function

From: Herbert Xu commit f1d84af1835846a5a2b827382c5848faf2bb0e75 upstream. This patch removes the custom release parent function as the generic af_alg_release_parent now works for nokey sockets too. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 07/18] crypto: skcipher - Add crypto_skcipher_has_setkey

From: Herbert Xu commit a1383cd86a062fc798899ab20f0ec2116cce39cb upstream. This patch adds a way for skcipher users to determine whether a key is required by a transform. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 04/18] crypto: algif_skcipher - Add nokey compatibility path

From: Herbert Xu commit a0fa2d037129a9849918a92d91b79ed6c7bd2818 upstream. This patch adds a compatibility path to support old applications that do acept(2) before setkey. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 18/18] crypto: skcipher - Fix blkcipher walk OOM crash

From: Herbert Xu commit acdb04d0b36769b3e05990c488dc74d8b7ac8060 upstream. When we need to allocate a temporary blkcipher_walk_next and it fails, the code is supposed to take the slow path of processing the data block by block. However, due to an unrelated change

[PATCH stable 3.10.y 14/18] crypto: algif_skcipher - Fix race condition in skcipher_check_key

From: Herbert Xu commit 1822793a523e5d5730b19cc21160ff1717421bc8 upstream. We need to lock the child socket in skcipher_check_key as otherwise two simultaneous calls can cause the parent socket to be freed. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 09/18] crypto: af_alg - Allow af_af_alg_release_parent to be called on nokey path

From: Herbert Xu commit 6a935170a980024dd29199e9dbb5c4da4767a1b9 upstream. This patch allows af_alg_release_parent to be called even for nokey sockets. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu Signed-off-by: Andrey Ryabinin

[PATCH stable 3.10.y 13/18] crypto: algif_hash - Fix race condition in hash_check_key

From: Herbert Xu commit ad46d7e33219218605ea619e32553daf4f346b9f upstream. We need to lock the child socket in hash_check_key as otherwise two simultaneous calls can cause the parent socket to be freed. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

[PATCH stable 3.10.y 01/18] crypto: algif_skcipher - Require setkey before accept(2)

From: Herbert Xu commit dd504589577d8e8e70f51f997ad487a4cb6c026f upstream. Some cipher implementations will crash if you try to use them without calling setkey first. This patch adds a check so that the accept(2) call will fail with -ENOKEY if setkey hasn't been

[PATCH stable 3.10.y 03/18] crypto: af_alg - Add nokey compatibility path

From: Herbert Xu commit 37766586c965d63758ad542325a96d5384f4a8c9 upstream. This patch adds a compatibility path to support old applications that do acept(2) before setkey. Cc: sta...@vger.kernel.org Signed-off-by: Herbert Xu

Re: [PATCH stable 3.10.y 00/18] Backport crypto fixes.

Hi Andrey, On Thu, Oct 27, 2016 at 05:29:33PM +0300, Andrey Ryabinin wrote: > While fuzzing our 3.10 based kernel we observed some crashes, e.g: > > http://lkml.kernel.org/r/ > > It appears that 3.10-stable lacks some

Re: AEAD Question

Hello Stephan Thank you for your fast answer My idea is to do zero copy encryption and the cipher I am using is authenc(hmac(sha1),cbc(aes). The layout of my buffer is espHeader(AD) || IV || plaintext || Integrity (TAG) As I see it, the SGs do point to the same buffer, but they do not overlap

Re: [PATCH 6/6] Add support for AEAD algos.

On 14-10-2016 19:54, Stephan Mueller wrote: > Am Donnerstag, 13. Oktober 2016, 16:39:39 CEST schrieb Harsh Jain: > > Hi Harsh, > >> Add support for following AEAD algos. >> GCM,CCM,RFC4106,RFC4309,authenc(hmac(shaXXX),cbc(aes)). >> >> Signed-off-by: Harsh Jain >> --- >>

[PATCH] crypto: acomp: export all scomp interfaces

The newly added scomp/acomp interface has a couple of functions that should be exported to allow linking the two drivers as loadable modules: ERROR: "crypto_acomp_scomp_free_ctx" [crypto/acompress.ko] undefined! ERROR: "crypto_acomp_scomp_alloc_ctx" [crypto/acompress.ko] undefined! ERROR: