Re: [PATCH v2] crypto/mcryptd: Check mcryptd algorithm compatibility

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think a proper fix would be to find the reason why mcryptd crashes and 
fix that reason (i.e. make it fail in mcryptd_create_hash rather than 
crash).

Testing flags could fix the bug for now but it could backfire later when 
more algorithms are added.

Mikulas



On Mon, 5 Dec 2016, Tim Chen wrote:

> Algorithms not compatible with mcryptd could be spawned by mcryptd
> with a direct crypto_alloc_tfm invocation using a "mcryptd(alg)" name
> construct.  This causes mcryptd to crash the kernel if an arbitrary
> "alg" is incompatible and not intended to be used with mcryptd.  It is
> an issue if AF_ALG tries to spawn mcryptd(alg) to expose it externally.
> But such algorithms must be used internally and not be exposed.
> 
> We added a check to enforce that only internal algorithms are allowed
> with mcryptd at the time mcryptd is spawning an algorithm.
> 
> Link: http://marc.info/?l=linux-crypto-vger&m=148063683310477&w=2
> Cc: stable@xxxxxxxxxxxxxxx
> Reported-by: Mikulas Patocka <mpatocka@xxxxxxxxxx>
> Signed-off-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> ---
>  crypto/mcryptd.c | 19 ++++++++++++-------
>  1 file changed, 12 insertions(+), 7 deletions(-)
> 
> diff --git a/crypto/mcryptd.c b/crypto/mcryptd.c
> index 94ee44a..c207458 100644
> --- a/crypto/mcryptd.c
> +++ b/crypto/mcryptd.c
> @@ -254,18 +254,22 @@ static void *mcryptd_alloc_instance(struct crypto_alg *alg, unsigned int head,
>  	goto out;
>  }
>  
> -static inline void mcryptd_check_internal(struct rtattr **tb, u32 *type,
> +static inline bool mcryptd_check_internal(struct rtattr **tb, u32 *type,
>  					  u32 *mask)
>  {
>  	struct crypto_attr_type *algt;
>  
>  	algt = crypto_get_attr_type(tb);
>  	if (IS_ERR(algt))
> -		return;
> -	if ((algt->type & CRYPTO_ALG_INTERNAL))
> -		*type |= CRYPTO_ALG_INTERNAL;
> -	if ((algt->mask & CRYPTO_ALG_INTERNAL))
> -		*mask |= CRYPTO_ALG_INTERNAL;
> +		return false;
> +
> +	*type |= algt->type & CRYPTO_ALG_INTERNAL;
> +	*mask |= algt->mask & CRYPTO_ALG_INTERNAL;
> +
> +	if (*type & *mask & CRYPTO_ALG_INTERNAL)
> +		return true;
> +	else
> +		return false;
>  }
>  
>  static int mcryptd_hash_init_tfm(struct crypto_tfm *tfm)
> @@ -492,7 +496,8 @@ static int mcryptd_create_hash(struct crypto_template *tmpl, struct rtattr **tb,
>  	u32 mask = 0;
>  	int err;
>  
> -	mcryptd_check_internal(tb, &type, &mask);
> +	if (!mcryptd_check_internal(tb, &type, &mask))
> +		return -EINVAL;
>  
>  	halg = ahash_attr_alg(tb[1], type, mask);
>  	if (IS_ERR(halg))
> -- 
> 2.5.5
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux