| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Jul 2019 16:58:12 +0300
From: Iuliana Prodan <iuliana.prodan@....com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
Horia Geanta <horia.geanta@....com>,
Aymen Sghaier <aymen.sghaier@....com>
Cc: "David S. Miller" <davem@...emloft.net>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-imx <linux-imx@....com>
Subject: [PATCH v3 00/14] crypto: caam - fixes for kernel v5.3
The series solves:
- the failures found with fuzz testing;
- resources clean-up on caampkc/caamrng exit path.
The first 10 patches solve the issues found with
CONFIG_CRYPTO_MANAGER_EXTRA_TESTS enabled.
They modify the drivers to provide a valid error (and not the hardware
error ID) to the user, via completion callbacks.
They check key length, assoclen, authsize and input size to solve the
fuzz tests that expect -EINVAL to be returned when these values are
not valid.
The next 4 patches check the algorithm registration for caampkc
module and unregister it only if the registration was successful.
Also, on caampkc/caamrng, the exit point function is executed only if the
registration was successful to avoid double freeing of resources in case
the initialization function failed.
This patch depends on series:
https://patchwork.kernel.org/project/linux-crypto/list/?series=150651
Changes since v2:
- use helper functions from crypto API, to validate the inputs;
- update rfc4106 shared descriptor with the erratum workaround;
- fix MDHA key derivation for CAAM with era < 6;
- remove check for keylen < 4, since is included in check_aes_keylen.
Horia Geantă (5):
crypto: caam/qi - fix error handling in ERN handler
crypto: caam - fix return code in completion callbacks
crypto: caam - update IV only when crypto operation succeeds
crypto: caam - keep both virtual and dma key addresses
crypto: caam - fix MDHA key derivation for certain user key lengths
Iuliana Prodan (9):
crypto: caam - check key length
crypto: caam - check authsize
crypto: caam - check assoclen
crypto: caam - check zero-length input
crypto: caam - update rfc4106 sh desc to support zero length input
crypto: caam - free resources in case caam_rng registration failed
crypto: caam - execute module exit point only if necessary
crypto: caam - unregister algorithm only if the registration succeeded
crypto: caam - change return value in case CAAM has no MDHA
drivers/crypto/caam/Kconfig | 2 +
drivers/crypto/caam/caamalg.c | 227 +++++++++++++++----------
drivers/crypto/caam/caamalg_desc.c | 45 +++--
drivers/crypto/caam/caamalg_desc.h | 2 +-
drivers/crypto/caam/caamalg_qi.c | 223 +++++++++++++++----------
drivers/crypto/caam/caamalg_qi2.c | 320 +++++++++++++++++++++++-------------
drivers/crypto/caam/caamhash.c | 114 ++++++++-----
drivers/crypto/caam/caamhash_desc.c | 5 +-
drivers/crypto/caam/caamhash_desc.h | 2 +-
drivers/crypto/caam/caampkc.c | 80 ++++++---
drivers/crypto/caam/caamrng.c | 17 +-
drivers/crypto/caam/desc_constr.h | 34 ++--
drivers/crypto/caam/error.c | 61 ++++---
drivers/crypto/caam/error.h | 2 +-
drivers/crypto/caam/key_gen.c | 14 +-
drivers/crypto/caam/qi.c | 10 +-
drivers/crypto/caam/regs.h | 1 +
17 files changed, 745 insertions(+), 414 deletions(-)
--
2.1.0
Powered by blists - more mailing lists