<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/crypto, branch v3.12.4</title>
<subtitle>Linux kernel source tree</subtitle>
<id>https://git.amat.us/linux/atom/crypto?h=v3.12.4</id>
<link rel='self' href='https://git.amat.us/linux/atom/crypto?h=v3.12.4'/>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/'/>
<updated>2013-12-08T15:29:15Z</updated>
<entry>
<title>net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST</title>
<updated>2013-12-08T15:29:15Z</updated>
<author>
<name>Shawn Landden</name>
<email>shawn@churchofgit.com</email>
</author>
<published>2013-11-25T06:36:28Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=2afe5cfbf8a8e9d5868dd5768fa80acacbf4b0e2'/>
<id>urn:sha1:2afe5cfbf8a8e9d5868dd5768fa80acacbf4b0e2</id>
<content type='text'>
[ Upstream commit d3f7d56a7a4671d395e8af87071068a195257bf6 ]

Commit 35f9c09fe (tcp: tcp_sendpages() should call tcp_push() once)
added an internal flag MSG_SENDPAGE_NOTLAST, similar to
MSG_MORE.

algif_hash, algif_skcipher, and udp used MSG_MORE from tcp_sendpages()
and need to see the new flag as identical to MSG_MORE.

This fixes sendfile() on AF_ALG.

v3: also fix udp

Cc: Tom Herbert &lt;therbert@google.com&gt;
Cc: Eric Dumazet &lt;eric.dumazet@gmail.com&gt;
Cc: David S. Miller &lt;davem@davemloft.net&gt;
Cc: &lt;stable@vger.kernel.org&gt; # 3.4.x + 3.2.x
Reported-and-tested-by: Shawn Landden &lt;shawnlandden@gmail.com&gt;
Original-patch: Richard Weinberger &lt;richard@nod.at&gt;
Signed-off-by: Shawn Landden &lt;shawn@churchofgit.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>net: rework recvmsg handler msg_name and msg_namelen logic</title>
<updated>2013-12-08T15:29:13Z</updated>
<author>
<name>Hannes Frederic Sowa</name>
<email>hannes@stressinduktion.org</email>
</author>
<published>2013-11-21T02:14:22Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=0cefe287488ca07c0d7962a7b4d3fbb829d09917'/>
<id>urn:sha1:0cefe287488ca07c0d7962a7b4d3fbb829d09917</id>
<content type='text'>
[ Upstream commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c ]

This patch now always passes msg-&gt;msg_namelen as 0. recvmsg handlers must
set msg_namelen to the proper size &lt;= sizeof(struct sockaddr_storage)
to return msg_name to the user.

This prevents numerous uninitialized memory leaks we had in the
recvmsg handlers and makes it harder for new code to accidentally leak
uninitialized memory.

Optimize for the case recvfrom is called with NULL as address. We don't
need to copy the address at all, so set it to NULL before invoking the
recvmsg handler. We can do so, because all the recvmsg handlers must
cope with the case a plain read() is called on them. read() also sets
msg_name to NULL.

Also document these changes in include/linux/net.h as suggested by David
Miller.

Changes since RFC:

Set msg-&gt;msg_name = NULL if user specified a NULL in msg_name but had a
non-null msg_namelen in verify_iovec/verify_compat_iovec. This doesn't
affect sendto as it would bail out earlier while trying to copy-in the
address. It also more naturally reflects the logic by the callers of
verify_iovec.

With this change in place I could remove "
if (!uaddr || msg_sys-&gt;msg_namelen == 0)
	msg-&gt;msg_name = NULL
".

This change does not alter the user visible error logic as we ignore
msg_namelen as long as msg_name is NULL.

Also remove two unnecessary curly brackets in ___sys_recvmsg and change
comments to netdev style.

Cc: David Miller &lt;davem@davemloft.net&gt;
Suggested-by: Eric Dumazet &lt;eric.dumazet@gmail.com&gt;
Signed-off-by: Hannes Frederic Sowa &lt;hannes@stressinduktion.org&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>X.509: Remove certificate date checks</title>
<updated>2013-12-04T19:06:35Z</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2013-06-18T16:40:44Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=b8c5051525f83a032427663e51f49dfaf80a812c'/>
<id>urn:sha1:b8c5051525f83a032427663e51f49dfaf80a812c</id>
<content type='text'>
commit 124df926090b32a998483f6e43ebeccdbe5b5302 upstream.

Remove the certificate date checks that are performed when a certificate is
parsed.  There are two checks: a valid from and a valid to.  The first check is
causing a lot of problems with system clocks that don't keep good time and the
second places an implicit expiry date upon the kernel when used for module
signing, so do we really need them?

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: David Woodhouse &lt;dwmw2@infradead.org&gt;
cc: Rusty Russell &lt;rusty@rustcorp.com.au&gt;
cc: Josh Boyer &lt;jwboyer@redhat.com&gt;
cc: Alexander Holler &lt;holler@ahsoftware.de&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: ansi_cprng - Fix off by one error in non-block size request</title>
<updated>2013-11-29T19:27:53Z</updated>
<author>
<name>Neil Horman</name>
<email>nhorman@tuxdriver.com</email>
</author>
<published>2013-09-17T12:33:11Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=8ea7fffd97835f4e3ffd5f757df152a79835f65f'/>
<id>urn:sha1:8ea7fffd97835f4e3ffd5f757df152a79835f65f</id>
<content type='text'>
commit 714b33d15130cbb5ab426456d4e3de842d6c5b8a upstream.

Stephan Mueller reported to me recently a error in random number generation in
the ansi cprng. If several small requests are made that are less than the
instances block size, the remainder for loop code doesn't increment
rand_data_valid in the last iteration, meaning that the last bytes in the
rand_data buffer gets reused on the subsequent smaller-than-a-block request for
random data.

The fix is pretty easy, just re-code the for loop to make sure that
rand_data_valid gets incremented appropriately

Signed-off-by: Neil Horman &lt;nhorman@tuxdriver.com&gt;
Reported-by: Stephan Mueller &lt;stephan.mueller@atsec.com&gt;
CC: Stephan Mueller &lt;stephan.mueller@atsec.com&gt;
CC: Petr Matousek &lt;pmatouse@redhat.com&gt;
CC: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
CC: "David S. Miller" &lt;davem@davemloft.net&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Cc: Luis Henriques &lt;luis.henriques@canonical.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
</entry>
<entry>
<title>crypto: crct10dif - Add fallback for broken initrds</title>
<updated>2013-09-12T05:31:34Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2013-09-12T05:31:34Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=26052f9b9bb8de4f6a57165b0a803de9c26138bd'/>
<id>urn:sha1:26052f9b9bb8de4f6a57165b0a803de9c26138bd</id>
<content type='text'>
Unfortunately, even with a softdep some distros fail to include
the necessary modules in the initrd.  Therefore this patch adds
a fallback path to restore existing behaviour where we cannot
load the new crypto crct10dif algorithm.

In order to do this, the underlying crct10dif has been split out
from the crypto implementation so that it can be used on the
fallback path.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: api - Fix race condition in larval lookup</title>
<updated>2013-09-08T04:33:50Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2013-09-08T04:33:50Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=77dbd7a95e4a4f15264c333a9e9ab97ee27dc2aa'/>
<id>urn:sha1:77dbd7a95e4a4f15264c333a9e9ab97ee27dc2aa</id>
<content type='text'>
crypto_larval_lookup should only return a larval if it created one.
Any larval created by another entity must be processed through
crypto_larval_wait before being returned.

Otherwise this will lead to a larval being killed twice, which
will most likely lead to a crash.

Cc: stable@vger.kernel.org
Reported-by: Kees Cook &lt;keescook@chromium.org&gt;
Tested-by: Kees Cook &lt;keescook@chromium.org&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6</title>
<updated>2013-09-07T21:31:18Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2013-09-07T21:31:18Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=6be48f2940af9ea8d93c23a0dd8e322672c92efd'/>
<id>urn:sha1:6be48f2940af9ea8d93c23a0dd8e322672c92efd</id>
<content type='text'>
Pull crypto update from Herbert Xu:
 "Here is the crypto update for 3.12:

   - Added MODULE_SOFTDEP to allow pre-loading of modules.
   - Reinstated crct10dif driver using the module softdep feature.
   - Allow via rng driver to be auto-loaded.

   - Split large input data when necessary in nx.
   - Handle zero length messages correctly for GCM/XCBC in nx.
   - Handle SHA-2 chunks bigger than block size properly in nx.

   - Handle unaligned lengths in omap-aes.
   - Added SHA384/SHA512 to omap-sham.
   - Added OMAP5/AM43XX SHAM support.
   - Added OMAP4 TRNG support.

   - Misc fixes"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (66 commits)
  Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework"
  hwrng: via - Add MODULE_DEVICE_TABLE
  crypto: fcrypt - Fix bitoperation for compilation with clang
  crypto: nx - fix SHA-2 for chunks bigger than block size
  crypto: nx - fix GCM for zero length messages
  crypto: nx - fix XCBC for zero length messages
  crypto: nx - fix limits to sg lists for AES-CCM
  crypto: nx - fix limits to sg lists for AES-XCBC
  crypto: nx - fix limits to sg lists for AES-GCM
  crypto: nx - fix limits to sg lists for AES-CTR
  crypto: nx - fix limits to sg lists for AES-CBC
  crypto: nx - fix limits to sg lists for AES-ECB
  crypto: nx - add offset to nx_build_sg_lists()
  padata - Register hotcpu notifier after initialization
  padata - share code between CPU_ONLINE and CPU_DOWN_FAILED, same to CPU_DOWN_PREPARE and CPU_UP_CANCELED
  hwrng: omap - reorder OMAP TRNG driver code
  crypto: omap-sham - correct dma burst size
  crypto: omap-sham - Enable Polling mode if DMA fails
  crypto: tegra-aes - bitwise vs logical and
  crypto: sahara - checking the wrong variable
  ...
</content>
</entry>
<entry>
<title>Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework"</title>
<updated>2013-09-07T02:56:26Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2013-09-07T02:56:26Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=68411521cc6055edc6274e03ab3210a5893533ba'/>
<id>urn:sha1:68411521cc6055edc6274e03ab3210a5893533ba</id>
<content type='text'>
This patch reinstates commits
	67822649d7305caf3dd50ed46c27b99c94eff996
	39761214eefc6b070f29402aa1165f24d789b3f7
	0b95a7f85718adcbba36407ef88bba0a7379ed03
	31d939625a9a20b1badd2d4e6bf6fd39fa523405
	2d31e518a42828df7877bca23a958627d60408bc

Now that module softdeps are in the kernel we can use that to resolve
the boot issue which cause the revert.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux</title>
<updated>2013-09-07T02:53:35Z</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2013-09-07T02:53:35Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=eeca9fad52fc4bfdf42c38bfcf383e932eb3e9d6'/>
<id>urn:sha1:eeca9fad52fc4bfdf42c38bfcf383e932eb3e9d6</id>
<content type='text'>
Merge upstream tree in order to reinstate crct10dif.
</content>
</entry>
<entry>
<title>crypto: fcrypt - Fix bitoperation for compilation with clang</title>
<updated>2013-09-02T10:32:58Z</updated>
<author>
<name>Jan-Simon Möller</name>
<email>dl9pf@gmx.de</email>
</author>
<published>2013-08-29T18:09:24Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=06e710bd5faa886e9b5d032d375761de28fcef54'/>
<id>urn:sha1:06e710bd5faa886e9b5d032d375761de28fcef54</id>
<content type='text'>
v2: Fix bug in statement as pointed out by Herbert Xu. Kudos to pipacs.

Author:  PaX Team &lt;pageexec at freemail.hu&gt;
ML-Post: http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20120507/142707.html
URL:     http://llvm.linuxfoundation.org

Merge:   Jan-Simon Möller &lt;dl9pf at gmx.de&gt;

Description:

Fix for warning:
linux/crypto/fcrypt.c:143:47: warning: signed shift result (0x598000000) requires 36 bits to
      represent, but 'int' only has 32 bits [-Wshift-overflow]
        Z(0xef), Z(0x70), Z(0xcf), Z(0xc2), Z(0x2a), Z(0xb3), Z(0x61), Z(0xad),
                                                     ^~~~~~~
linux/crypto/fcrypt.c:113:29: note: expanded from macro 'Z'
                            ^  ~~
linux/include/uapi/linux/byteorder/little_endian.h:38:53: note: expanded from macro
      '__cpu_to_be32'
                                                    ^
linux/include/uapi/linux/swab.h:116:21: note: expanded from macro '__swab32'
        ___constant_swab32(x) :                 \
                           ^
linux/include/uapi/linux/swab.h:18:12: note: expanded from macro '___constant_swab32'
        (((__u32)(x) &amp; (__u32)0x0000ff00UL) &lt;&lt;  8) |            \
                  ^

Solution - make sure we don't exceed the 32 bit range.
 #define Z(x) cpu_to_be32(((x &amp; 0x1f) &lt;&lt; 27) | (x &gt;&gt; 5))

Signed-off-by: Jan-Simon Möller &lt;dl9pf@gmx.de&gt;
CC: pageexec@freemail.hu
CC: llvmlinux@lists.linuxfoundation.org
CC: behanw@converseincode.com
CC: herbert@gondor.apana.org.au
CC: davem@davemloft.net
CC: linux-crypto@vger.kernel.org
CC: linux-kernel@vger.kernel.org
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
