linux/crypto/blkcipher.c, branch v3.12.10

crypto: user - fix info leaks in report API

2013-02-19T12:27:03Z

Three errors resulting in kernel memory disclosure: 1/ The structures used for the netlink based crypto algorithm report API are located on the stack. As snprintf() does not fill the remainder of the buffer with null bytes, those stack bytes will be disclosed to users of the API. Switch to strncpy() to fix this. 2/ crypto_report_one() does not initialize all field of struct crypto_user_alg. Fix this to fix the heap info leak. 3/ For the module name we should copy only as many bytes as module_name() returns -- not as much as the destination buffer could hold. But the current code does not and therefore copies random data from behind the end of the module name, as the module name is always shorter than CRYPTO_MAX_ALG_NAME. Also switch to use strncpy() to copy the algorithm's name and driver_name. They are strings, after all. Signed-off-by: Mathias Krause Cc: Steffen Klassert Signed-off-by: Herbert Xu

crypto: use ERR_CAST

2013-02-04T13:16:53Z

Replace PTR_ERR followed by ERR_PTR by ERR_CAST, to be more concise. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression err,x; @@ - err = PTR_ERR(x); if (IS_ERR(x)) - return ERR_PTR(err); + return ERR_CAST(x); // Signed-off-by: Julia Lawall Signed-off-by: Herbert Xu

crypto: Stop using NLA_PUT*().

2012-04-02T08:33:42Z

These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller

crypto: remove the second argument of k[un]map_atomic()

2012-03-20T13:48:16Z

Signed-off-by: Cong Wang

crypto: algapi - Fix build problem with NET disabled

2011-11-10T22:57:06Z

The report functions use NLA_PUT so we need to ensure that NET is enabled. Reported-by: Luis Henriques Signed-off-by: Herbert Xu

crypto: Add userspace report for blkcipher type algorithms

2011-10-21T12:24:05Z

Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu

mm: strictly nested kmap_atomic()

2010-10-26T23:52:08Z

Ensure kmap_atomic() usage is strictly nested Signed-off-by: Peter Zijlstra Reviewed-by: Rik van Riel Acked-by: Chris Metcalf Cc: David Howells Cc: Hugh Dickins Cc: Ingo Molnar Cc: Thomas Gleixner Cc: "H. Peter Anvin" Cc: Steven Rostedt Cc: Russell King Cc: Ralf Baechle Cc: David Miller Cc: Paul Mackerras Cc: Benjamin Herrenschmidt Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

crypto: skcipher - Avoid infinite loop when cipher fails selftest

2009-02-18T13:20:06Z

When an skcipher constructed through crypto_givcipher_default fails its selftest, we'll loop forever trying to construct new skcipher objects but failing because it already exists. The crux of the issue is that once a givcipher fails the selftest, we'll ignore it on the next run through crypto_skcipher_lookup and attempt to construct a new givcipher. We should instead return an error to the caller if we find a givcipher that has failed the test. Signed-off-by: Herbert Xu

crypto: blkcipher - Fix WARN_ON handling in walk_done

2009-01-27T06:11:13Z

When we get left-over bits from a slow walk, it means that the underlying cipher has gone troppo. However, as we're handling that case we should ensure that the caller terminates the walk. This patch does this by setting walk->nbytes to zero. Reported-by: Roel Kluin Reported-by: Huang Ying Signed-off-by: Herbert Xu

crypto: skcipher - Move IV generators into their own modules

2008-08-29T05:50:00Z

This patch moves the default IV generators into their own modules in order to break a dependency loop between cryptomgr, rng, and blkcipher. Signed-off-by: Herbert Xu