On Fri, Jan 22, 2016 at 11:22:48AM -0600, Tom Lendacky wrote:
> On 01/12/2016 11:17 AM, Tom Lendacky wrote:
> > Commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
> > added a check to prevent ahash algorithms from successfully registering
> > if the import and export functions were not implemented. This prevents
> > an oops in the hash_accept function of algif_hash. This commit causes
> > the ccp-crypto module SHA support and AES CMAC support from successfully
> > registering and causing the ccp-crypto module load to fail because the
> > ahash import and export functions are not implemented.
> >
> > Update the CCP Crypto API support to provide import and export support
> > for ahash algorithms.
> >
> > Cc: <stable@xxxxxxxxxxxxxxx> # 3.14.x-
> > Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
>
> Herbert, is it possible this patch can be part of Crypto Fixes for 4.5?
While your patch is probably OK the rctx structure just contains
too much crap for me to feel safe about pushing this in at this
point in time. So I'd like to have it cook for another cycle.
The reason I'm overly cautious is because import/export is directly
exposed to user-space so if we get this wrong then we may open
up a root hole.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
