13 Jan, 2015
1 commit
-
Commit 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
changed the automatic module loading when requesting crypto algorithms
to prefix all module requests with "crypto-". This requires all crypto
modules to have a crypto specific module alias even if their file name
would otherwise match the requested crypto algorithm.Even though commit 5d26a105b5a7 added those aliases for a vast amount of
modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
annotations to those files to make them get loaded automatically, again.
This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
with kernels v3.18 and below.Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
won't work for crypto modules any more.Fixes: 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
Cc: Kees Cook
Signed-off-by: Mathias Krause
Signed-off-by: Herbert Xu
24 Nov, 2014
1 commit
-
This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:https://lkml.org/lkml/2013/3/4/70
Signed-off-by: Kees Cook
Signed-off-by: Herbert Xu
17 Oct, 2014
1 commit
-
Recently, in commit 13aa93c70e71 ("random: add and use memzero_explicit()
for clearing data"), we have found that GCC may optimize some memset()
cases away when it detects a stack variable is not being used anymore
and going out of scope. This can happen, for example, in cases when we
are clearing out sensitive information such as keying material or any
e.g. intermediate results from crypto computations, etc.With the help of Coccinelle, we can figure out and fix such occurences
in the crypto subsytem as well. Julia Lawall provided the following
Coccinelle program:@@
type T;
identifier x;
@@T x;
... when exists
when any
-memset
+memzero_explicit
(&x,
-0,
...)
... when != x
when strict@@
type T;
identifier x;
@@T x[...];
... when exists
when any
-memset
+memzero_explicit
(x,
-0,
...)
... when != x
when strictTherefore, make use of the drop-in replacement memzero_explicit() for
exactly such cases instead of using memset().Signed-off-by: Daniel Borkmann
Cc: Julia Lawall
Cc: Herbert Xu
Cc: Theodore Ts'o
Cc: Hannes Frederic Sowa
Acked-by: Hannes Frederic Sowa
Acked-by: Herbert Xu
Signed-off-by: Theodore Ts'o
01 Aug, 2012
1 commit
-
Combine all shash algs to be registered and use new crypto_[un]register_shashes
functions. This simplifies init/exit code.Signed-off-by: Jussi Kivilinna
Signed-off-by: Herbert Xu
21 Oct, 2011
1 commit
-
rc[0] is unused because rounds are counted from 1.
Save an u64!Signed-off-by: Alexey Dobriyan
Signed-off-by: Herbert Xu
25 Dec, 2008
1 commit
-
This patch changes wp512, wp384 and wp256 to the new shash interface.
Signed-off-by: Adrian-Ken Rueegsegger
Signed-off-by: Herbert Xu
21 Apr, 2008
1 commit
-
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
> Kamalesh Babulal wrote:
>
> > This patch cleanups the crypto code, replaces the init() and fini()
> > with the _init/_fini
>
> This part ist OK.
>
> > or init/fini_ (if the
> > _init/_fini exist)
>
> Having init_foo and foo_init won't be a good thing, will it? I'd start
> confusing them.
>
> What about foo_modinit instead?Thanks for the suggestion, the init() is replaced with
_mod_init ()
and fini () is replaced with _mod_fini.
Signed-off-by: Kamalesh Babulal
Signed-off-by: Herbert Xu
02 Nov, 2007
1 commit
-
Not architecture specific code should not #include .
This patch therefore either replaces them with
#include or simply removes them if they were
unused.Signed-off-by: Adrian Bunk
Signed-off-by: Jens Axboe