On 01/25/2016 01:20 AM, Herbert Xu wrote:
> On Fri, Jan 22, 2016 at 11:22:48AM -0600, Tom Lendacky wrote:
>> On 01/12/2016 11:17 AM, Tom Lendacky wrote:
>>> Commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
>>> added a check to prevent ahash algorithms from successfully registering
>>> if the import and export functions were not implemented. This prevents
>>> an oops in the hash_accept function of algif_hash. This commit causes
>>> the ccp-crypto module SHA support and AES CMAC support from successfully
>>> registering and causing the ccp-crypto module load to fail because the
>>> ahash import and export functions are not implemented.
>>>
>>> Update the CCP Crypto API support to provide import and export support
>>> for ahash algorithms.
>>>
>>> Cc: <stable@xxxxxxxxxxxxxxx> # 3.14.x-
>>> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
>>
>> Herbert, is it possible this patch can be part of Crypto Fixes for 4.5?
>
> While your patch is probably OK the rctx structure just contains
> too much crap for me to feel safe about pushing this in at this
> point in time. So I'd like to have it cook for another cycle.
>
> The reason I'm overly cautious is because import/export is directly
> exposed to user-space so if we get this wrong then we may open
> up a root hole.
Many of the fields in the rctx structure are set during the update
operation and don't matter to the driver from an export and import
perspective. I included them to make the routines simple, but if
user-space exposure is a concern I can pare down the amount of data
that is exported and imported. I can send a follow-on patch to do
that if you prefer.
Thanks,
Tom
>
> Cheers,
>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
