Am Dienstag, 20. Januar 2015, 14:17:04 schrieb Herbert Xu: Hi Herbert, >On Sun, Jan 18, 2015 at 11:56:03PM +0100, Stephan Mueller wrote: >> The cipher registered as __driver-gcm-aes-aesni is never intended >> to be used directly by any caller. Instead it is a service mechanism >> to rfc4106-gcm-aesni. >> >> The kernel crypto API unconditionally calls the registered setkey >> function. In case a caller erroneously uses __driver-gcm-aes-aesni a >> call to crypto_aead_setkey will cause a NULL pointer dereference >> without this patch. >> >> CC: Tadeusz Struk <tadeusz.struk@xxxxxxxxx> >> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx> > >Rather than adding a bogus setkey function, please fix this mess >properly by moving the top-level setkey function into the __driver >one where it should be. Compare with how we handle it in the >ablk_helper which is pretty much the same thing. That is a good suggestion. And the modification is quite limited as the existing rfc4106_set_key could be used for the __driver with only slight modifications. In that case, however, we should apply the same to rfc4106_set_authsize. This in turn would then turn the __driver implementation into a full GCM implementation. That would mean that we should rename it from __driver into gcm(aes) / gcm-aesni. > >Thanks, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html