Eric Lee / smarc-fsl-linux-kernel

13 Dec, 2019

1 commit

  • d8d63ea23   crypto: user - fix memory leak in crypto_reportstat ... Browse Code »

    commit c03b04dcdba1da39903e23cc4d072abf8f68f2dd upstream.

    In crypto_reportstat, a new skb is created by nlmsg_new(). This skb is
    leaked if crypto_reportstat_alg() fails. Required release for skb is
    added.

    Fixes: cac5818c25d0 ("crypto: user - Implement a generic crypto statistics")
    Cc:
    Signed-off-by: Navid Emamdoost
    Signed-off-by: Herbert Xu
    Signed-off-by: Greg Kroah-Hartman

    Navid Emamdoost
     

26 Jul, 2019

1 commit

  • 91b05a7e7   crypto: user - make NETLINK_CRYPTO work inside netns ... Browse Code »

    Currently, NETLINK_CRYPTO works only in the init network namespace. It
    doesn't make much sense to cut it out of the other network namespaces,
    so do the minor plumbing work necessary to make it work in any network
    namespace. Code inspired by net/core/sock_diag.c.

    Tested using kcapi-dgst from libkcapi [1]:
    Before:
    # unshare -n kcapi-dgst -c sha256
    Signed-off-by: Herbert Xu

    Ondrej Mosnacek
     

18 Jan, 2019

2 commits

23 Dec, 2018

1 commit

07 Dec, 2018

6 commits

09 Nov, 2018

2 commits

  • 37db69e0b   crypto: user - clean up report structure copying ... Browse Code »

    There have been a pretty ridiculous number of issues with initializing
    the report structures that are copied to userspace by NETLINK_CRYPTO.
    Commit 4473710df1f8 ("crypto: user - Prepare for CRYPTO_MAX_ALG_NAME
    expansion") replaced some strncpy()s with strlcpy()s, thereby
    introducing information leaks. Later two other people tried to replace
    other strncpy()s with strlcpy() too, which would have introduced even
    more information leaks:

    - https://lore.kernel.org/patchwork/patch/954991/
    - https://patchwork.kernel.org/patch/10434351/

    Commit cac5818c25d0 ("crypto: user - Implement a generic crypto
    statistics") also uses the buggy strlcpy() approach and therefore leaks
    uninitialized memory to userspace. A fix was proposed, but it was
    originally incomplete.

    Seeing as how apparently no one can get this right with the current
    approach, change all the reporting functions to:

    - Start by memsetting the report structure to 0. This guarantees it's
    always initialized, regardless of what happens later.
    - Initialize all strings using strscpy(). This is safe after the
    memset, ensures null termination of long strings, avoids unnecessary
    work, and avoids the -Wstringop-truncation warnings from gcc.
    - Use sizeof(var) instead of sizeof(type). This is more robust against
    copy+paste errors.

    For simplicity, also reuse the -EMSGSIZE return value from nla_put().

    Signed-off-by: Eric Biggers
    Signed-off-by: Herbert Xu

    Eric Biggers
     
  • 9f4debe38   crypto: user - Zeroize whole structure given to user space ... Browse Code »

    For preventing uninitialized data to be given to user-space (and so leak
    potential useful data), the crypto_stat structure must be correctly
    initialized.

    Reported-by: Dan Carpenter
    Fixes: cac5818c25d0 ("crypto: user - Implement a generic crypto statistics")
    Signed-off-by: Corentin Labbe
    [EB: also fix it in crypto_reportstat_one()]
    [EB: use sizeof(var) rather than sizeof(type)]
    Signed-off-by: Eric Biggers
    Signed-off-by: Herbert Xu

    Corentin Labbe
     

28 Sep, 2018

1 commit