ccea9767d3cc25f1540b4c2474238fbf32809666
29 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Ivaylo Georgiev
|
63399e395a |
Merge android-4.19-q.79 (40321f2) into msm-4.19
* refs/heads/tmp-40321f2: Linux 4.19.79 nl80211: validate beacon head cfg80211: Use const more consistently in for_each_element macros cfg80211: add and use strongly typed element iteration macros staging: erofs: detect potential multiref due to corrupted images staging: erofs: add two missing erofs_workgroup_put for corrupted images staging: erofs: some compressed cluster should be submitted for corrupted images staging: erofs: fix an error handling in erofs_readdir() coresight: etm4x: Use explicit barriers on enable/disable vfs: Fix EOVERFLOW testing in put_compat_statfs64 arm64/speculation: Support 'mitigations=' cmdline option arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 arm64: Force SSBS on context switch arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB arm64: add sysfs vulnerability show for speculative store bypass arm64: add sysfs vulnerability show for spectre-v2 arm64: Always enable spectre-v2 vulnerability detection arm64: Advertise mitigation of Spectre-v2, or lack thereof arm64: Provide a command line to disable spectre_v2 mitigation arm64: Always enable ssb vulnerability detection arm64: enable generic CPU vulnerabilites support arm64: add sysfs vulnerability show for meltdown arm64: Add sysfs vulnerability show for spectre-v1 arm64: fix SSBS sanitization arm64: docs: Document SSBS HWCAP KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 riscv: Avoid interrupts being erroneously enabled in handle_exception() perf stat: Reset previous counts on repeat with interval perf tools: Fix segfault in cpu_cache_level__read() tick: broadcast-hrtimer: Fix a race in bc_set_next tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() nbd: fix crash when the blksize is zero KVM: nVMX: Fix consistency check on injected exception error code KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs perf unwind: Fix libunwind build failure on i386 systems kernel/elfcore.c: include proper prototypes perf build: Add detection of java-11-openjdk-devel package sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() sched/membarrier: Fix private expedited registration check sched/membarrier: Call sync_core only before usermode for same mm libnvdimm/nfit_test: Fix acpi_handle redefinition fuse: fix memleak in cuse_channel_open libnvdimm/region: Initialize bad block for volatile namespaces thermal_hwmon: Sanitize thermal_zone type thermal: Fix use-after-free when unregistering thermal zone device ntb: point to right memory window index x86/purgatory: Disable the stackleak GCC plugin for the purgatory pwm: stm32-lp: Add check in case requested period cannot be achieved pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors drm/amdgpu: Check for valid number of registers to read drm/amdgpu: Fix KFD-related kernel oops on Hawaii netfilter: nf_tables: allow lookups in dynamic sets watchdog: aspeed: Add support for AST2600 ceph: reconnect connection if session hang in opening state ceph: fix directories inode i_blkbits initialization xen/pci: reserve MCFG areas earlier 9p: avoid attaching writeback_fid on mmap with type PRIVATE 9p: Transport error uninitialized fs: nfs: Fix possible null-pointer dereferences in encode_attrs() ima: fix freeing ongoing ahash_request ima: always return negative code for error arm64: cpufeature: Detect SSBS and advertise to userspace cfg80211: initialize on-stack chandefs s390/cio: avoid calling strlen on null pointer ieee802154: atusb: fix use-after-free at disconnect xen/xenbus: fix self-deadlock after killing user process Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence mmc: sdhci: improve ADMA error reporting drm/i915/gvt: update vgpu workload head pointer correctly drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors drm/msm/dsi: Fix return value check for clk_get_parent drm/omap: fix max fclk divider for omap36xx perf stat: Fix a segmentation fault when using repeat forever watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout PCI: Restore Resizable BAR size bits correctly for 1MB BARs PCI: vmd: Fix shadow offsets to reflect spec changes timer: Read jiffies once when forwarding base clk usercopy: Avoid HIGHMEM pfn warning tracing: Make sure variable reference alias has correct var_ref_idx power: supply: sbs-battery: only return health when battery present power: supply: sbs-battery: use correct flags field MIPS: Treat Loongson Extensions as ASEs crypto: ccree - use the full crypt length value crypto: ccree - account for TEE not ready to report crypto: caam - fix concurrency issue in givencrypt descriptor crypto: cavium/zip - Add missing single_release() crypto: skcipher - Unmap pages after an external error crypto: qat - Silence smp_processor_id() warning tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file can: mcp251x: mcp251x_hw_reset(): allow more time after a reset powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions powerpc/powernv/ioda: Fix race in TCE level allocation powerpc/powernv: Restrict OPAL symbol map to only be readable by root powerpc/mce: Schedule work from irq_work powerpc/mce: Fix MCE handling for huge pages ASoC: sgtl5000: Improve VAG power and mute control ASoC: Define a set of DAPM pre/post-up events PM / devfreq: tegra: Fix kHz to Hz conversion nbd: fix max number of supported devs KVM: nVMX: handle page fault in vmread fix KVM: X86: Fix userspace set invalid CR4 KVM: PPC: Book3S HV: Don't lose pending doorbell request on migration on P9 KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts s390/cio: exclude subchannels with no parent from pseudo check s390/topology: avoid firing events before kobjs are created KVM: s390: Test for bad access register and size at the start of S390_MEM_OP s390/process: avoid potential reading of freed stack ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON ANDROID: arm64: bpf: implement arch_bpf_jit_check_func ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI UPSTREAM: kcm: use BPF_PROG_RUN Conflicts: arch/arm64/include/asm/cpucaps.h arch/arm64/include/asm/sysreg.h arch/arm64/kernel/cpu_errata.c arch/arm64/kernel/cpufeature.c arch/arm64/kernel/process.c drivers/mmc/host/sdhci.c include/linux/ieee80211.h kernel/sched/core.c net/wireless/scan.c Change-Id: I57a49ff57133edeaed48cb90e2b03fa453bf1451 Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org> |
||
|
Herbert Xu
|
cd8e0a5d94 |
crypto: skcipher - Unmap pages after an external error
commit 0ba3c026e685573bd3534c17e27da7c505ac99c4 upstream.
skcipher_walk_done may be called with an error by internal or
external callers. For those internal callers we shouldn't unmap
pages but for external callers we must unmap any pages that are
in use.
This patch distinguishes between the two cases by checking whether
walk->nbytes is zero or not. For internal callers, we now set
walk->nbytes to zero prior to the call. For external callers,
walk->nbytes has always been non-zero (as zero is used to indicate
the termination of a walk).
Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Fixes:
|
||
|
Ivaylo Georgiev
|
0f3194a0fa |
Merge android-4.19.45 (50f9143) into msm-4.19
* refs/heads/tmp-50f9143:
Linux 4.19.45
ext4: don't update s_rev_level if not required
ext4: fix compile error when using BUFFER_TRACE
pstore: Refactor compression initialization
pstore: Allocate compression during late_initcall()
pstore: Centralize init/exit routines
iov_iter: optimize page_copy_sane()
libnvdimm/namespace: Fix label tracking error
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
kbuild: turn auto.conf.cmd into a mandatory include file
KVM: lapic: Busy wait for timer to expire when using hv_timer
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
jbd2: fix potential double free
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ext4: avoid panic during forced reboot due to aborted journal
ext4: fix use-after-free in dx_release()
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: zero out the unused memory region in the extent tree block
tty: Don't force RISCV SBI console as preferred console
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
ipmi:ssif: compare block number correctly for multi-part return messages
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
bcache: fix a race between cache register and cacheset unregister
Btrfs: do not start a transaction at iterate_extent_inodes()
Btrfs: do not start a transaction during fiemap
Btrfs: send, flush dellaloc in order to avoid data loss
btrfs: Honour FITRIM range constraints during free space trim
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Check the first key and level for cached extent buffer
ext4: fix ext4_show_options for file systems w/o journal
ext4: actually request zeroing of inode table after grow
ext4: fix use-after-free race with debug_want_extra_isize
ext4: avoid drop reference to iloc.bh twice
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: make sanity check in mballoc more strict
jbd2: check superblock mapped prior to committing
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
userfaultfd: use RCU to free the task struct when fork fails
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
hugetlb: use same fault hash key for shared and private mappings
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/mincore.c: make mincore() more conservative
crypto: ccree - handle tee fips error during power management resume
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - pm resume first enable the source clk
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map MAC key on stack
crypto: ccree - fix mem leak on error path
crypto: ccree - remove special handling of chained sg
bpf, arm64: remove prefetch insn in xadd mapping
ASoC: codec: hdac_hdmi add device_link to card device
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: max98090: Fix restore of DAPM Muxes
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - EAPD turn on later
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: usb-audio: Fix a memory leak bug
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
mmc: core: Fix tag set memory leak
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: rockchip - update IV buffer to contain the next IV
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: vmx - fix copy-paste error in CTR mode
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: chacha20poly1305 - set cra_name correctly
crypto: salsa20 - don't access already-freed walk.iv
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: crypto4xx - fix ctr-aes missing output IV
sched/x86: Save [ER]FLAGS on context switch
arm64: Save and restore OSDLR_EL1 across suspend/resume
arm64: Clear OSDLR_EL1 on CPU boot
arm64: compat: Reduce address limit
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: mmap: Ensure file offset is treated as unsigned
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
power: supply: axp288_charger: Fix unchecked return value
ARM: exynos: Fix a leaked reference by adding missing of_node_put
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
objtool: Fix function fallthrough detection
x86/speculation/mds: Improve CPU buffer clear documentation
x86/speculation/mds: Revert CPU buffer clear on double fault exit
locking/rwsem: Prevent decrement of reader count before increment
fs: sdcardfs: Add missing option to show_options
BACKPORT: drm/amd/display: add -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines
ANDROID: x86: use the correct function type for sys_ni_syscall
ANDROID: x86: use the correct function type for sys32_(rt_)sigreturn
ANDROID: x86: use the correct function type for native_set_fixmap
ANDROID: x86: use the correct function type in SYSCALL_DEFINE0
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build: Keep local relocations with ld.lld
ANDROID: crypto: arm64/ghash: fix CFI for GHASH CE
ANDROID: crypto: arm64/sha: fix CFI in SHA CE
ANDROID: arm64: kvm: disable CFI
ANDROID: arm64: mark kpti_install_ng_mappings as __nocfi
ANDROID: arm64: disable CFI for cpu_replace_ttbr1
FROMLIST: arm64: use the correct function type for __arm64_sys_ni_syscall
FROMLIST: arm64: use the correct function type in SYSCALL_DEFINE0
FROMLIST: arm64: fix syscall_fn_t type
ANDROID: modpost: add an exception for CFI stubs
ANDROID: ftrace: fix function type mismatches
FROMLIST: 9p: pass the correct prototype to read_cache_page
FROMLIST: jffs2: pass the correct prototype to read_cache_page
UPSTREAM: nfs: pass the correct prototype to read_cache_page
FROMLIST: mm: don't cast ->readpage to filler_t for do_read_cache_page
UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
ANDROID: kallsyms: strip the .cfi postfix from symbols with CONFIG_CFI_CLANG
ANDROID: add support for clang Control Flow Integrity (CFI)
FROMLIST: arm64: select ARCH_SUPPORTS_LTO_CLANG
ANDROID: arm64: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: arm64: add atomic_ll_sc.o to obj-y if using lld
ANDROID: arm64: lse: fix LSE atomics with LTO
ANDROID: arm64: vdso: disable LTO
FROMLIST: arm64: kvm: use -fno-jump-tables with clang
BACKPORT: arm64: sysreg: Make mrs_s and msr_s macros work with Clang and LTO
ANDROID: init: ensure initcall ordering with LTO
ANDROID: drivers/misc: disable LTO for lkdtm_rodata.o
FROMLIST: efi/libstub: disable LTO
FROMLIST: scripts/mod: disable LTO for empty.c
ANDROID: kbuild: disable LTO_CLANG with KASAN
FROMLIST: kbuild: fix dynamic ftrace with clang LTO
ANDROID: kbuild: add support for clang LTO
ANDROID: kbuild: add CONFIG_LD_IS_LLD
UPSTREAM: gcov: clang support
UPSTREAM: gcov: docs: add a note on GCC vs Clang differences
UPSTREAM: gcov: clang: move common GCC code into gcc_base.c
UPSTREAM: module: add stubs for within_module functions
UPSTREAM: bpf: relax inode permission check for retrieving bpf program
Conflicts:
Makefile
arch/Kconfig
arch/arm64/kvm/hyp/Makefile
arch/x86/include/asm/syscall_wrapper.h
drivers/mmc/core/queue.c
fs/nfs/dir.c
fs/nfs/symlink.c
include/asm-generic/vmlinux.lds.h
include/linux/compiler-clang.h
include/linux/pagemap.h
kernel/cfi.c
mm/filemap.c
scripts/link-vmlinux.sh
Change-Id: I1e34675a86ecb60d7b8a87e16574ea8920f9cb12
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Eric Biggers
|
aabf86f24d |
crypto: skcipher - don't WARN on unprocessed data after slow walk step
commit dcaca01a42cc2c425154a13412b4124293a6e11e upstream.
skcipher_walk_done() assumes it's a bug if, after the "slow" path is
executed where the next chunk of data is processed via a bounce buffer,
the algorithm says it didn't process all bytes. Thus it WARNs on this.
However, this can happen legitimately when the message needs to be
evenly divisible into "blocks" but isn't, and the algorithm has a
'walksize' greater than the block size. For example, ecb-aes-neonbs
sets 'walksize' to 128 bytes and only supports messages evenly divisible
into 16-byte blocks. If, say, 17 message bytes remain but they straddle
scatterlist elements, the skcipher_walk code will take the "slow" path
and pass the algorithm all 17 bytes in the bounce buffer. But the
algorithm will only be able to process 16 bytes, triggering the WARN.
Fix this by just removing the WARN_ON(). Returning -EINVAL, as the code
already does, is the right behavior.
This bug was detected by my patches that improve testmgr to fuzz
algorithms against their generic implementation.
Fixes:
|
||
|
Ivaylo Georgiev
|
6f910c4e90 |
Merge android-4.19.31 (bb418a1) into msm-4.19
* refs/heads/tmp-bb418a1: Linux 4.19.31 s390/setup: fix boot crash for machine without EDAT-1 bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata KVM: nVMX: Ignore limit checks on VMX instructions using flat segments KVM: nVMX: Apply addr size mask to effective address for VMX instructions KVM: nVMX: Sign extend displacements of VMX instr's mem operands KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux KVM: x86/mmu: Detect MMIO generation wrap in any address space KVM: Call kvm_arch_memslots_updated() before updating memslots drm/amd/display: don't call dm_pp_ function from an fpu block drm/amd/powerplay: correct power reading on fiji drm/radeon/evergreen_cs: fix missing break in switch statement drm/fb-helper: generic: Fix drm_fbdev_client_restore() media: imx: csi: Stop upstream before disabling IDMA channel media: imx: csi: Disable CSI immediately after last EOF media: vimc: Add vimc-streamer for stream control media: uvcvideo: Avoid NULL pointer dereference at the end of streaming media: lgdt330x: fix lock status reporting media: imx: prpencvf: Stop upstream before disabling IDMA channel rcu: Do RCU GP kthread self-wakeup from softirq and interrupt tpm: Unify the send callback behaviour tpm/tpm_crb: Avoid unaligned reads in crb_recv() md: Fix failed allocation of md_register_thread perf intel-pt: Fix divide by zero when TSC is not available perf/x86/intel/uncore: Fix client IMC events return huge result perf intel-pt: Fix overlap calculation for padding perf auxtrace: Define auxtrace record alignment perf tools: Fix split_kallsyms_for_kcore() for trampoline symbols perf intel-pt: Fix CYC timestamp calculation after OVF x86/unwind/orc: Fix ORC unwind table alignment vt: perform safe console erase in the right order stable-kernel-rules.rst: add link to networking patch queue bcache: never writeback a discard operation PM / wakeup: Rework wakeup source timer cancellation svcrpc: fix UDP on servers with lots of threads NFSv4.1: Reinitialise sequence results before retransmitting a request nfsd: fix wrong check in write_v4_end_grace() nfsd: fix memory corruption caused by readdir nfsd: fix performance-limiting session calculation NFS: Don't recoalesce on error in nfs_pageio_complete_mirror() NFS: Fix an I/O request leakage in nfs_do_recoalesce NFS: Fix I/O request leakages cpcap-charger: generate events for userspace mfd: sm501: Fix potential NULL pointer dereference dm integrity: limit the rate of error messages dm: fix to_sector() for 32bit ipmi_si: fix use-after-free of resource->name arm64: KVM: Fix architecturally invalid reset value for FPEXC32_EL2 arm64: debug: Ensure debug handlers check triggering exception level arm64: Fix HCR.TGE status for NMI contexts ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify powerpc/traps: Fix the message printed when stack overflows powerpc/traps: fix recoverability of machine check handling on book3s/32 powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest powerpc/powernv: Don't reprogram SLW image on every KVM guest entry/exit powerpc/83xx: Also save/restore SPRG4-7 during suspend powerpc/powernv: Make opal log only readable by root powerpc/wii: properly disable use of BATs when requested. powerpc/32: Clear on-stack exception marker upon exception return security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock selinux: add the missing walk_size + len check in selinux_sctp_bind_connect jbd2: fix compile warning when using JBUFFER_TRACE jbd2: clear dirty flag when revoking a buffer from an older transaction serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup() serial: 8250_pci: Fix number of ports for ACCES serial cards serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO bpf: only test gso type on gso packets drm/i915: Relax mmap VMA check can: flexcan: FLEXCAN_IFLAG_MB: add () around macro argument gpio: pca953x: Fix dereference of irq data in shutdown media: i2c: ov5640: Fix post-reset delay i2c: tegra: fix maximum transfer size parport_pc: fix find_superio io compare code, should use equal test. intel_th: Don't reference unassigned outputs device property: Fix the length used in PROPERTY_ENTRY_STRING() kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv mm/memory.c: do_fault: avoid usage of stale vm_area_struct mm/vmalloc: fix size check for remap_vmalloc_range_partial() mm: hwpoison: fix thp split handing in soft_offline_in_use_page() dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit usb: typec: tps6598x: handle block writes separately with plain-I2C adapters usb: chipidea: tegra: Fix missed ci_hdrc_remove_device() clk: ingenic: Fix doc of ingenic_cgu_div_info clk: ingenic: Fix round_rate misbehaving with non-integer dividers clk: samsung: exynos5: Fix kfree() of const memory on setting driver_override clk: samsung: exynos5: Fix possible NULL pointer exception on platform_device_alloc() failure clk: clk-twl6040: Fix imprecise external abort for pdmclk clk: uniphier: Fix update register for CPU-gear ext2: Fix underflow in ext2_max_size() cxl: Wrap iterations over afu slices inside 'afu_list_lock' IB/hfi1: Close race condition on user context disable and close PCI: dwc: skip MSI init if MSIs have been explicitly disabled PCI/DPC: Fix print AER status in DPC event handling PCI/ASPM: Use LTR if already enabled by platform ext4: fix crash during online resizing ext4: add mask of ext4 flags to swap ext4: update quota information while swapping boot loader inode ext4: cleanup pagecache before swap i_data ext4: fix check of inode in swap_inode_boot_loader cpufreq: pxa2xx: remove incorrect __init annotation cpufreq: tegra124: add missing of_node_put() cpufreq: kryo: Release OPP tables on module removal x86/kprobes: Prohibit probing on optprobe template code irqchip/brcmstb-l2: Use _irqsave locking variants in non-interrupt code irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer soc: qcom: rpmh: Avoid accessing freed memory from batch API Btrfs: fix corruption reading shared and compressed extents after hole punching btrfs: ensure that a DUP or RAID1 block group has exactly two stripes Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl Btrfs: setup a nofs context for memory allocation at btrfs_create_tree() m68k: Add -ffreestanding to CFLAGS ovl: Do not lose security.capability xattr over metadata file copy-up ovl: During copy up, first copy up data and then xattrs splice: don't merge into linked buffers fs/devpts: always delete dcache dentry-s in dput() scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock scsi: sd: Optimal I/O size should be a multiple of physical block size scsi: aacraid: Fix performance issue on logical drives scsi: virtio_scsi: don't send sc payload with tmfs s390/virtio: handle find on invalid queue gracefully s390/setup: fix early warning messages clocksource/drivers/arch_timer: Workaround for Allwinner A64 timer instability clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR regulator: s2mpa01: Fix step values for some LDOs regulator: max77620: Initialize values for DT properties regulator: s2mps11: Fix steps for buck7, buck8 and LDO35 spi: pxa2xx: Setup maximum supported DMA transfer length spi: ti-qspi: Fix mmap read when more than one CS in use netfilter: ipt_CLUSTERIP: fix warning unused variable cn mmc:fix a bug when max_discard is 0 mmc: sdhci-esdhc-imx: fix HS400 timing issue ACPI / device_sysfs: Avoid OF modalias creation for removed device xen: fix dom0 boot on huge systems tracing/perf: Use strndup_user() instead of buggy open-coded version tracing: Do not free iter->trace in fail path of tracing_open_pipe() tracing: Use strncpy instead of memcpy for string keys in hist triggers CIFS: Fix read after write for files with read caching CIFS: Do not skip SMB2 message IDs on send failures CIFS: Do not reset lease state to NONE on lease break crypto: arm64/aes-ccm - fix bugs in non-NEON fallback routine crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling crypto: x86/morus - fix handling chunked inputs and MAY_SLEEP crypto: x86/aesni-gcm - fix crash on empty plaintext crypto: x86/aegis - fix handling chunked inputs and MAY_SLEEP crypto: testmgr - skip crc32c context test for ahash algorithms crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto: pcbc - remove bogus memcpy()s with src == dest crypto: morus - fix handling chunked inputs crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto: arm64/crct10dif - revert to C code for short inputs crypto: arm64/aes-neonbs - fix returning final keystream block crypto: arm/crct10dif - revert to C code for short inputs crypto: aegis - fix handling chunked inputs crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails fix cgroup_do_mount() handling of failure exits libnvdimm: Fix altmap reservation size calculation libnvdimm/pmem: Honor force_raw for legacy pmem regions libnvdimm, pfn: Fix over-trim in trim_pfn_device() libnvdimm/label: Clear 'updating' flag after label-set update nfit/ars: Attempt short-ARS even in the no_init_ars case nfit/ars: Attempt a short-ARS whenever the ARS state is idle at boot acpi/nfit: Fix bus command validation nfit: acpi_nfit_ctl(): Check out_obj->type in the right place stm class: Prevent division by zero tmpfs: fix uninitialized return value in shmem_link selftests: fib_tests: sleep after changing carrier. again. net: set static variable an initial value in atl2_probe() bnxt_en: Wait longer for the firmware message response to complete. bnxt_en: Fix typo in firmware message timeout logic. nfp: bpf: fix ALU32 high bits clearance bug nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K net: thunderx: add nicvf_send_msg_to_pf result check for set_rx_mode_task net: thunderx: make CFG_DONE message to run through generic send-ack sequence bpf, lpm: fix lookup bug in map_delete_elem mac80211_hwsim: propagate genlmsg_reply return code phonet: fix building with clang ARCv2: don't assume core 0x54 has dual issue ARCv2: support manual regfile save on interrupts ARC: uacces: remove lp_start, lp_end from clobber list ARCv2: lib: memcpy: fix doing prefetchw outside of buffer ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN tmpfs: fix link accounting when a tmpfile is linked in mm: handle lru_add_drain_all for UP properly net: marvell: mvneta: fix DMA debug warning ARM: tegra: Restore DT ABI on Tegra124 Chromebooks arm64: Relax GIC version check during early boot ARM: dts: armada-xp: fix Armada XP boards NAND description qed: Fix iWARP syn packet mac address validation. qed: Fix iWARP buffer size provided for syn packet processing. ASoC: topology: free created components in tplg load error mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush timeout issue xfrm: Fix inbound traffic via XFRM interfaces across network namespaces net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() qmi_wwan: apply SET_DTR quirk to Sierra WP7607 pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins net: dsa: bcm_sf2: Do not assume DSA master supports WoL net: systemport: Fix reception of BPDUs scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task keys: Fix dependency loop between construction record and auth key assoc_array: Fix shortcut creation ARM: 8835/1: dma-mapping: Clear DMA ops on teardown af_key: unconditionally clone on broadcast bpf: fix lockdep false positive in stackmap bpf: only adjust gso_size on bytestream protocols ARM: 8824/1: fix a migrating irq bug when hotplug cpu esp: Skip TX bytes accounting when sending from a request socket clk: sunxi: A31: Fix wrong AHB gate number kallsyms: Handle too long symbols in kallsyms.c clk: sunxi-ng: v3s: Fix TCON reset de-assert bit Input: st-keyscan - fix potential zalloc NULL dereference auxdisplay: ht16k33: fix potential user-after-free on module unload i2c: bcm2835: Clear current buffer pointers and counts after a transfer i2c: cadence: Fix the hold bit setting net: hns: Fix object reference leaks in hns_dsaf_roce_reset() mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs x86/CPU: Add Icelake model number net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd Revert "mm: use early_pfn_to_nid in page_ext_init" mm/gup: fix gup_pmd_range() for dax NFS: Don't use page_file_mapping after removing the page xprtrdma: Make sure Send CQ is allocated on an existing compvec floppy: check_events callback should not return a negative number ipvs: fix dependency on nf_defrag_ipv6 blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue netfilter: compat: initialize all fields in xt_init mac80211: Fix Tx aggregation session tear down with ITXQs mac80211: call drv_ibss_join() on restart Input: matrix_keypad - use flush_delayed_work() Input: ps2-gpio - flush TX work when closing port Input: cap11xx - switch to using set_brightness_blocking() ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug ASoC: samsung: Prevent clk_get_rate() calls in atomic context KVM: arm64: Forbid kprobing of the VHE world-switch code KVM: arm/arm64: vgic: Always initialize the group of private IRQs arm/arm64: KVM: Don't panic on failure to properly reset system registers arm/arm64: KVM: Allow a VCPU to fully reset itself KVM: arm/arm64: Reset the VCPU without preemption and vcpu state loaded ASoC: rsnd: fixup rsnd_ssi_master_clk_start() user count check ASoC: dapm: fix out-of-bounds accesses to DAPM lookup tables ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be uninitialized ARM: dts: Configure clock parent for pwm vibra Input: pwm-vibra - stop regulator after disabling pwm, not before Input: pwm-vibra - prevent unbalanced regulator s390/dasd: fix using offset into zero size array error arm64: dts: rockchip: fix graph_port warning on rk3399 bob kevin and excavator KVM: arm/arm64: vgic: Make vgic_dist->lpi_list_lock a raw_spinlock clocksource: timer-ti-dm: Fix pwm dmtimer usage of fck reparenting ASoC: rt5682: Correct the setting while select ASRC clk for AD/DA filter gpu: ipu-v3: Fix CSI offsets for imx53 drm/imx: imx-ldb: add missing of_node_puts gpu: ipu-v3: Fix i.MX51 CSI control registers offset drm/imx: ignore plane updates on disabled crtcs crypto: rockchip - update new iv to device in multiple operations crypto: rockchip - fix scatterlist nents error crypto: ahash - fix another early termination in hash walk crypto: cfb - remove bogus memcpy() with src == dest crypto: cfb - add missing 'chunksize' property crypto: ccree - don't copy zero size ciphertext crypto: ccree - unmap buffer before copying IV crypto: ccree - fix free of unallocated mlli buffer crypto: caam - fix DMA mapping of stack memory crypto: caam - fixed handling of sg list crypto: ccree - fix missing break in switch statement crypto: caam - fix hash context DMA unmap size stm class: Fix an endless loop in channel allocation mei: bus: move hw module get/put to probe/release mei: hbm: clean the feature flags on link reset iio: adc: exynos-adc: Fix NULL pointer exception on unbind ASoC: codecs: pcm186x: Fix energysense SLEEP bit ASoC: codecs: pcm186x: fix wrong usage of DECLARE_TLV_DB_SCALE() ASoC: fsl_esai: fix register setting issue in RIGHT_J mode 9p/net: fix memory leak in p9_client_create 9p: use inode->i_lock to protect i_size_write() under 32-bit media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused() ANDROID: cuttlefish_defconfig: Enable CONFIG_INPUT_MOUSEDEV FROMLIST: psi: introduce psi monitor FROMLIST: refactor header includes to allow kthread.h inclusion in psi_types.h FROMLIST: psi: track changed states FROMLIST: psi: split update_stats into parts FROMLIST: psi: rename psi fields in preparation for psi trigger addition FROMLIST: psi: make psi_enable static FROMLIST: psi: introduce state_mask to represent stalled psi states ANDROID: cuttlefish_defconfig: Enable CONFIG_PSI UPSTREAM: kernel: cgroup: add poll file operation UPSTREAM: fs: kernfs: add poll file operation UPSTREAM: psi: avoid divide-by-zero crash inside virtual machines UPSTREAM: psi: clarify the Kconfig text for the default-disable option UPSTREAM: psi: fix aggregation idle shut-off UPSTREAM: psi: fix reference to kernel commandline enable UPSTREAM: psi: make disabling/enabling easier for vendor kernels UPSTREAM: kernel/sched/psi.c: simplify cgroup_move_task() UPSTREAM: psi: cgroup support UPSTREAM: psi: pressure stall information for CPU, memory, and IO UPSTREAM: sched: introduce this_rq_lock_irq() UPSTREAM: sched: sched.h: make rq locking and clock functions available in stats.h UPSTREAM: sched: loadavg: make calc_load_n() public BACKPORT: sched: loadavg: consolidate LOAD_INT, LOAD_FRAC, CALC_LOAD UPSTREAM: delayacct: track delays from thrashing cache pages UPSTREAM: mm: workingset: tell cache transitions from workingset thrashing Conflicts: arch/arm/kernel/irq.c drivers/scsi/sd.c include/linux/sched.h init/Kconfig kernel/sched/Makefile kernel/sched/sched.h kernel/workqueue.c sound/soc/soc-dapm.c Change-Id: Ia2dcc01c712134c57037ca6788d51172f66bcd93 Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org> |
||
|
Eric Biggers
|
e6c703f158 |
crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
commit b1f6b4bf416b49f00f3abc49c639371cdecaaad1 upstream.
Some algorithms have a ->setkey() method that is not atomic, in the
sense that setting a key can fail after changes were already made to the
tfm context. In this case, if a key was already set the tfm can end up
in a state that corresponds to neither the old key nor the new key.
For example, in lrw.c, if gf128mul_init_64k_bbe() fails due to lack of
memory, then priv::table will be left NULL. After that, encryption with
that tfm will cause a NULL pointer dereference.
It's not feasible to make all ->setkey() methods atomic, especially ones
that have to key multiple sub-tfms. Therefore, make the crypto API set
CRYPTO_TFM_NEED_KEY if ->setkey() fails and the algorithm requires a
key, to prevent the tfm from being used until a new key is set.
[Cc stable mainly because when introducing the NEED_KEY flag I changed
AF_ALG to rely on it; and unlike in-kernel crypto API users, AF_ALG
previously didn't have this problem. So these "incompletely keyed"
states became theoretically accessible via AF_ALG -- though, the
opportunities for causing real mischief seem pretty limited.]
Fixes:
|
||
|
Kees Cook
|
69e69705c0 |
crypto: skcipher - Introduce crypto_sync_skcipher
In preparation for removal of VLAs due to skcipher requests on the stack via SKCIPHER_REQUEST_ON_STACK() usage, this introduces the infrastructure for the "sync skcipher" tfm, which is for handling the on-stack cases of skcipher, which are always non-ASYNC and have a known limited request size. The crypto API additions: struct crypto_sync_skcipher (wrapper for struct crypto_skcipher) crypto_alloc_sync_skcipher() crypto_free_sync_skcipher() crypto_sync_skcipher_setkey() crypto_sync_skcipher_get_flags() crypto_sync_skcipher_set_flags() crypto_sync_skcipher_clear_flags() crypto_sync_skcipher_blocksize() crypto_sync_skcipher_ivsize() crypto_sync_skcipher_reqtfm() skcipher_request_set_sync_tfm() SYNC_SKCIPHER_REQUEST_ON_STACK() (with tfm type check) Change-Id: I9e6df0b1b97a9fde1ca8407793bdc9f4008db1c1 Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Git-Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git Git-Commit: b350bee5ea0f4db75d4c6191a2e95db16f40c278 Signed-off-by: Rishabh Bhatnagar <rishabhb@codeaurora.org> |
||
|
Eric Biggers
|
8088d3dd4d |
crypto: skcipher - fix crash flushing dcache in error path
scatterwalk_done() is only meant to be called after a nonzero number of
bytes have been processed, since scatterwalk_pagedone() will flush the
dcache of the *previous* page. But in the error case of
skcipher_walk_done(), e.g. if the input wasn't an integer number of
blocks, scatterwalk_done() was actually called after advancing 0 bytes.
This caused a crash ("BUG: unable to handle kernel paging request")
during '!PageSlab(page)' on architectures like arm and arm64 that define
ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE, provided that the input was
page-aligned as in that case walk->offset == 0.
Fix it by reorganizing skcipher_walk_done() to skip the
scatterwalk_advance() and scatterwalk_done() if an error has occurred.
This bug was found by syzkaller fuzzing.
Reproducer, assuming ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE:
#include <linux/if_alg.h>
#include <sys/socket.h>
#include <unistd.h>
int main()
{
struct sockaddr_alg addr = {
.salg_type = "skcipher",
.salg_name = "cbc(aes-generic)",
};
char buffer[4096] __attribute__((aligned(4096))) = { 0 };
int fd;
fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
bind(fd, (void *)&addr, sizeof(addr));
setsockopt(fd, SOL_ALG, ALG_SET_KEY, buffer, 16);
fd = accept(fd, NULL, NULL);
write(fd, buffer, 15);
read(fd, buffer, 15);
}
Reported-by: Liu Chao <liuchao741@huawei.com>
Fixes:
|
||
|
Eric Biggers
|
2a57c0be22 |
crypto: skcipher - remove unnecessary setting of walk->nbytes
Setting 'walk->nbytes = walk->total' in skcipher_walk_first() doesn't make sense because actually walk->nbytes needs to be set to the length of the first step in the walk, which may be less than walk->total. This is done by skcipher_walk_next() which is called immediately afterwards. Also walk->nbytes was already set to 0 in skcipher_walk_skcipher(), which is a better default value in case it's forgotten to be set later. Therefore, remove the unnecessary assignment to walk->nbytes. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Eric Biggers
|
0567fc9e90 |
crypto: skcipher - fix aligning block size in skcipher_copy_iv()
The ALIGN() macro needs to be passed the alignment, not the alignmask
(which is the alignment minus 1).
Fixes:
|
||
|
Denis Efremov
|
e4e4730698 |
crypto: skcipher - remove the exporting of skcipher_walk_next
The function skcipher_walk_next declared as static and marked as EXPORT_SYMBOL_GPL. It's a bit confusing for internal function to be exported. The area of visibility for such function is its .c file and all other modules. Other *.c files of the same module can't use it, despite all other modules can. Relying on the fact that this is the internal function and it's not a crucial part of the API, the patch just removes the EXPORT_SYMBOL_GPL marking of skcipher_walk_next. Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Denis Efremov <efremov@linux.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Eric Biggers
|
f8d33fac84 |
crypto: skcipher - prevent using skciphers without setting key
Similar to what was done for the hash API, update the skcipher API to track whether each transform has been keyed, and reject encryption/decryption if a key is needed but one hasn't been set. This isn't as important as the equivalent fix for the hash API because symmetric ciphers almost always require a key (the "null cipher" is the only exception), so are unlikely to be used without one. Still, tracking the key will prevent accidental unkeyed use. algif_skcipher also had to track the key anyway, so the new flag replaces that and simplifies the algif_skcipher implementation. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Eric Biggers
|
2b4f27c36b |
crypto: skcipher - set walk.iv for zero-length inputs
All the ChaCha20 algorithms as well as the ARM bit-sliced AES-XTS
algorithms call skcipher_walk_virt(), then access the IV (walk.iv)
before checking whether any bytes need to be processed (walk.nbytes).
But if the input is empty, then skcipher_walk_virt() doesn't set the IV,
and the algorithms crash trying to use the uninitialized IV pointer.
Fix it by setting the IV earlier in skcipher_walk_virt(). Also fix it
for the AEAD walk functions.
This isn't a perfect solution because we can't actually align the IV to
->cra_alignmask unless there are bytes to process, for one because the
temporary buffer for the aligned IV is freed by skcipher_walk_done(),
which is only called when there are bytes to process. Thus, algorithms
that require aligned IVs will still need to avoid accessing the IV when
walk.nbytes == 0. Still, many algorithms/architectures are fine with
IVs having any alignment, and even for those that aren't, a misaligned
pointer bug is much less severe than an uninitialized pointer bug.
This change also matches the behavior of the older blkcipher_walk API.
Fixes:
|
||
|
Linus Torvalds
|
43570f0383 |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu: - avoid potential bogus alignment for some AEAD operations - fix crash in algif_aead - avoid sleeping in softirq context with async af_alg * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: skcipher - Fix skcipher_walk_aead_common crypto: af_alg - remove locking in async callback crypto: algif_aead - skip SGL entries with NULL page |
||
|
Ondrej Mosnáček
|
c14ca83865 |
crypto: skcipher - Fix skcipher_walk_aead_common
The skcipher_walk_aead_common function calls scatterwalk_copychunks on
the input and output walks to skip the associated data. If the AD end
at an SG list entry boundary, then after these calls the walks will
still be pointing to the end of the skipped region.
These offsets are later checked for alignment in skcipher_walk_next,
so the skcipher_walk may detect the alignment incorrectly.
This patch fixes it by calling scatterwalk_done after the copychunks
calls to ensure that the offsets refer to the right SG list entry.
Fixes:
|
||
|
Herbert Xu
|
0cabf2af6f |
crypto: skcipher - Fix crash on zero-length input
The skcipher walk interface doesn't handle zero-length input
properly as the old blkcipher walk interface did. This is due
to the fact that the length check is done too late.
This patch moves the length check forward so that it does the
right thing.
Fixes:
|
||
|
Herbert Xu
|
9933e113c2 |
crypto: skcipher - Add missing API setkey checks
The API setkey checks for key sizes and alignment went AWOL during the
skcipher conversion. This patch restores them.
Cc: <stable@vger.kernel.org>
Fixes:
|
||
|
Gideon Israel Dsouza
|
d8c34b949d |
crypto: Replaced gcc specific attributes with macros from compiler.h
Continuing from this commit:
|
||
|
Ard Biesheuvel
|
c821f6ab2e |
crypto: skcipher - introduce walksize attribute for SIMD algos
In some cases, SIMD algorithms can only perform optimally when allowed to operate on multiple input blocks in parallel. This is especially true for bit slicing algorithms, which typically take the same amount of time processing a single block or 8 blocks in parallel. However, other SIMD algorithms may benefit as well from bigger strides. So add a walksize attribute to the skcipher algorithm definition, and wire it up to the skcipher walk API. To avoid confusion between the skcipher and AEAD attributes, rename the skcipher_walk chunksize attribute to 'stride', and set it from the walksize (in the skcipher case) or from the chunksize (in the AEAD case). Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Ard Biesheuvel
|
18e615ad87 |
crypto: skcipher - fix crash in virtual walk
The new skcipher walk API may crash in the following way. (Interestingly, the tcrypt boot time tests seem unaffected, while an explicit test using the module triggers it) Unable to handle kernel NULL pointer dereference at virtual address 00000000 ... [<ffff000008431d84>] __memcpy+0x84/0x180 [<ffff0000083ec0d0>] skcipher_walk_done+0x328/0x340 [<ffff0000080c5c04>] ctr_encrypt+0x84/0x100 [<ffff000008406d60>] simd_skcipher_encrypt+0x88/0x98 [<ffff0000083fa05c>] crypto_rfc3686_crypt+0x8c/0x98 [<ffff0000009b0900>] test_skcipher_speed+0x518/0x820 [tcrypt] [<ffff0000009b31c0>] do_test+0x1408/0x3b70 [tcrypt] [<ffff0000009bd050>] tcrypt_mod_init+0x50/0x1000 [tcrypt] [<ffff0000080838f4>] do_one_initcall+0x44/0x138 [<ffff0000081aee60>] do_init_module+0x68/0x1e0 [<ffff0000081524d0>] load_module+0x1fd0/0x2458 [<ffff000008152c38>] SyS_finit_module+0xe0/0xf0 [<ffff0000080836f0>] el0_svc_naked+0x24/0x28 This is due to the fact that skcipher_done_slow() may be entered with walk->buffer unset. Since skcipher_walk_done() already deals with the case where walk->buffer == walk->page, it appears to be the intention that walk->buffer point to walk->page after skcipher_next_slow(), so ensure that is the case. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
34bc085c83 |
crypto: skcipher - Add separate walker for AEAD decryption
The AEAD decrypt interface includes the authentication tag in req->cryptlen. Therefore we need to exlucde that when doing a walk over it. This patch adds separate walker functions for AEAD encryption and decryption. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> |
||
|
Ard Biesheuvel
|
3cbf61fb9f |
crypto: skcipher - fix crash in skcipher_walk_aead()
The new skcipher_walk_aead() may crash in the following way due to the walk flag SKCIPHER_WALK_PHYS not being cleared at the start of the walk: Unable to handle kernel NULL pointer dereference at virtual address 00000001 [..] Internal error: Oops: 96000044 [#1] PREEMPT SMP [..] PC is at skcipher_walk_next+0x208/0x450 LR is at skcipher_walk_next+0x1e4/0x450 pc : [<ffff2b93b7104e20>] lr : [<ffff2b93b7104dfc>] pstate: 40000045 sp : ffffb925fa517940 [...] [<ffff2b93b7104e20>] skcipher_walk_next+0x208/0x450 [<ffff2b93b710535c>] skcipher_walk_first+0x54/0x148 [<ffff2b93b7105664>] skcipher_walk_aead+0xd4/0x108 [<ffff2b93b6e77928>] ccm_encrypt+0x68/0x158 So clear the flag at the appropriate time. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
b286d8b1a6 |
crypto: skcipher - Add skcipher walk interface
This patch adds the skcipher walk interface which replaces both blkcipher walk and ablkcipher walk. Just like blkcipher walk it can also be used for AEAD algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
3a01d0ee2b |
crypto: skcipher - Remove top-level givcipher interface
This patch removes the old crypto_grab_skcipher helper and replaces it with crypto_grab_skcipher2. As this is the final entry point into givcipher this patch also removes all traces of the top-level givcipher interface, including all implicit IV generators such as chainiv. The bottom-level givcipher interface remains until the drivers using it are converted. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
4e6c3df4d7 |
crypto: skcipher - Add low-level skcipher interface
This patch allows skcipher algorithms and instances to be created and registered with the crypto API. They are accessible through the top-level skcipher interface, along with ablkcipher/blkcipher algorithms and instances. This patch also introduces a new parameter called chunk size which is meant for ciphers such as CTR and CTS which ostensibly can handle arbitrary lengths, but still behave like block ciphers in that you can only process a partial block at the very end. For these ciphers the block size will continue to be set to 1 as it is now while the chunk size will be set to the underlying block size. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
973fb3fb50 |
crypto: skcipher - Add default key size helper
While converting ecryptfs over to skcipher I found that it needs to pick a default key size if one isn't given. Rather than having it poke into the guts of the algorithm to get max_keysize, let's provide a helper that is meant to give a sane default (just in case we ever get an algorithm that has no maximum key size). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
a1383cd86a |
crypto: skcipher - Add crypto_skcipher_has_setkey
This patch adds a way for skcipher users to determine whether a key is required by a transform. Cc: stable@vger.kernel.org Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Geliang Tang
|
ecdd6bed29 |
crypto: skcipher - blkcipher and ablkcipher should it be static
Fixes the following sparse warnings: crypto/skcipher.c:94:5: warning: symbol 'crypto_init_skcipher_ops_blkcipher' was not declared. Should it be static? crypto/skcipher.c:185:5: warning: symbol 'crypto_init_skcipher_ops_ablkcipher' was not declared. Should it be static? Signed-off-by: Geliang Tang <geliangtang@163.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
|
Herbert Xu
|
7a7ffe65c8 |
crypto: skcipher - Add top-level skcipher interface
This patch introduces the crypto skcipher interface which aims to replace both blkcipher and ablkcipher. It's very similar to the existing ablkcipher interface. The main difference is the removal of the givcrypt interface. In order to make the transition easier for blkcipher users, there is a helper SKCIPHER_REQUEST_ON_STACK which can be used to place a request on the stack for synchronous transforms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |