lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CA+rthh_nFgranq50214W=yyCAtr1NQHQ1aaqg+Ux19eG5ub9WQ@mail.gmail.com>
Date:	Mon, 24 Nov 2014 23:57:34 +0100
From:	Mathias Krause <minipli@...glemail.com>
To:	Kees Cook <keescook@...omium.org>
Cc:	Herbert Xu <herbert@...dor.apana.org.au>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>
Subject: Re: [PATCH v2] crypto: include crypto- module prefix in template

On 24 November 2014 at 23:24, Kees Cook <keescook@...omium.org> wrote:
> This adds the module loading prefix "crypto-" to the template lookup
> as well.
>
> For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
> includes the "crypto-" prefix at every level, correctly rejecting "vfat":
>
>         net-pf-38
>         algif-hash
>         crypto-vfat(blowfish)
>         crypto-vfat(blowfish)-all
>         crypto-vfat
>
> Reported-by: Mathias Krause <minipli@...glemail.com>
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
>  crypto/algapi.c     | 4 ++--
>  crypto/authenc.c    | 1 +
>  crypto/authencesn.c | 1 +
>  crypto/cbc.c        | 1 +
>  crypto/chainiv.c    | 1 +
>  crypto/cmac.c       | 1 +
>  crypto/cts.c        | 1 +
>  crypto/ecb.c        | 1 +
>  crypto/eseqiv.c     | 1 +
>  crypto/hmac.c       | 1 +
>  crypto/lrw.c        | 1 +
>  crypto/pcbc.c       | 1 +
>  crypto/seqiv.c      | 1 +
>  crypto/vmac.c       | 1 +
>  crypto/xcbc.c       | 1 +
>  crypto/xts.c        | 1 +
>  16 files changed, 17 insertions(+), 2 deletions(-)

The following ones are still missing:

  arch/x86/crypto/fpu.c: needs MODULE_ALIAS_CRYPTO("fpu")
  crypto/ccm.c: needs MODULE_ALIAS_CRYPTO("ccm")
  crypto/cryptd.c: needs MODULE_ALIAS_CRYPTO("cryptd")
  crypto/ctr.c: needs MODULE_ALIAS_CRYPTO("ctr")
  crypto/gcm.c: needs MODULE_ALIAS_CRYPTO("gcm")
  crypto/mcryptd.c: needs MODULE_ALIAS_CRYPTO("mcryptd")
  crypto/pcrypt.c: needs MODULE_ALIAS_CRYPTO("pcrypt")

With that fixed,

Acked-by: Mathias Krause <minipli@...glemail.com>

>
> diff --git a/crypto/algapi.c b/crypto/algapi.c
> index e8d3a7dca8c4..71a8143e23b1 100644
> --- a/crypto/algapi.c
> +++ b/crypto/algapi.c
> @@ -509,8 +509,8 @@ static struct crypto_template *__crypto_lookup_template(const char *name)
>
>  struct crypto_template *crypto_lookup_template(const char *name)
>  {
> -       return try_then_request_module(__crypto_lookup_template(name), "%s",
> -                                      name);
> +       return try_then_request_module(__crypto_lookup_template(name),
> +                                      "crypto-%s", name);
>  }
>  EXPORT_SYMBOL_GPL(crypto_lookup_template);
>
> diff --git a/crypto/authenc.c b/crypto/authenc.c
> index e1223559d5df..78fb16cab13f 100644
> --- a/crypto/authenc.c
> +++ b/crypto/authenc.c
> @@ -721,3 +721,4 @@ module_exit(crypto_authenc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
> +MODULE_ALIAS_CRYPTO("authenc");
> diff --git a/crypto/authencesn.c b/crypto/authencesn.c
> index 4be0dd4373a9..024bff2344fc 100644
> --- a/crypto/authencesn.c
> +++ b/crypto/authencesn.c
> @@ -814,3 +814,4 @@ module_exit(crypto_authenc_esn_module_exit);
>  MODULE_LICENSE("GPL");
>  MODULE_AUTHOR("Steffen Klassert <steffen.klassert@...unet.com>");
>  MODULE_DESCRIPTION("AEAD wrapper for IPsec with extended sequence numbers");
> +MODULE_ALIAS_CRYPTO("authencesn");
> diff --git a/crypto/cbc.c b/crypto/cbc.c
> index 61ac42e1e32b..780ee27b2d43 100644
> --- a/crypto/cbc.c
> +++ b/crypto/cbc.c
> @@ -289,3 +289,4 @@ module_exit(crypto_cbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("CBC block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("cbc");
> diff --git a/crypto/chainiv.c b/crypto/chainiv.c
> index 9c294c8f9a07..63c17d5992f7 100644
> --- a/crypto/chainiv.c
> +++ b/crypto/chainiv.c
> @@ -359,3 +359,4 @@ module_exit(chainiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Chain IV Generator");
> +MODULE_ALIAS_CRYPTO("chainiv");
> diff --git a/crypto/cmac.c b/crypto/cmac.c
> index 50880cf17fad..7a8bfbd548f6 100644
> --- a/crypto/cmac.c
> +++ b/crypto/cmac.c
> @@ -313,3 +313,4 @@ module_exit(crypto_cmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("CMAC keyed hash algorithm");
> +MODULE_ALIAS_CRYPTO("cmac");
> diff --git a/crypto/cts.c b/crypto/cts.c
> index 133f0874c95e..bd9405820e8a 100644
> --- a/crypto/cts.c
> +++ b/crypto/cts.c
> @@ -351,3 +351,4 @@ module_exit(crypto_cts_module_exit);
>
>  MODULE_LICENSE("Dual BSD/GPL");
>  MODULE_DESCRIPTION("CTS-CBC CipherText Stealing for CBC");
> +MODULE_ALIAS_CRYPTO("cts");
> diff --git a/crypto/ecb.c b/crypto/ecb.c
> index 935cfef4aa84..12011aff0971 100644
> --- a/crypto/ecb.c
> +++ b/crypto/ecb.c
> @@ -185,3 +185,4 @@ module_exit(crypto_ecb_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("ECB block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("ecb");
> diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
> index bf7ab4a89493..f116fae766f8 100644
> --- a/crypto/eseqiv.c
> +++ b/crypto/eseqiv.c
> @@ -267,3 +267,4 @@ module_exit(eseqiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Encrypted Sequence Number IV Generator");
> +MODULE_ALIAS_CRYPTO("eseqiv");
> diff --git a/crypto/hmac.c b/crypto/hmac.c
> index e392219ddc61..72e38c098bb3 100644
> --- a/crypto/hmac.c
> +++ b/crypto/hmac.c
> @@ -268,3 +268,4 @@ module_exit(hmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("HMAC hash algorithm");
> +MODULE_ALIAS_CRYPTO("hmac");
> diff --git a/crypto/lrw.c b/crypto/lrw.c
> index ba42acc4deba..6f9908a7ebcb 100644
> --- a/crypto/lrw.c
> +++ b/crypto/lrw.c
> @@ -400,3 +400,4 @@ module_exit(crypto_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("LRW block cipher mode");
> +MODULE_ALIAS_CRYPTO("lrw");
> diff --git a/crypto/pcbc.c b/crypto/pcbc.c
> index d1b8bdfb5855..f654965f0933 100644
> --- a/crypto/pcbc.c
> +++ b/crypto/pcbc.c
> @@ -295,3 +295,4 @@ module_exit(crypto_pcbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("PCBC block cipher algorithm");
> +MODULE_ALIAS_CRYPTO("pcbc");
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index ee190fcedcd2..9daa854cc485 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -362,3 +362,4 @@ module_exit(seqiv_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("Sequence Number IV Generator");
> +MODULE_ALIAS_CRYPTO("seqiv");
> diff --git a/crypto/vmac.c b/crypto/vmac.c
> index d84c24bd7ff7..df76a816cfb2 100644
> --- a/crypto/vmac.c
> +++ b/crypto/vmac.c
> @@ -713,3 +713,4 @@ module_exit(vmac_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("VMAC hash algorithm");
> +MODULE_ALIAS_CRYPTO("vmac");
> diff --git a/crypto/xcbc.c b/crypto/xcbc.c
> index a5fbdf3738cf..df90b332554c 100644
> --- a/crypto/xcbc.c
> +++ b/crypto/xcbc.c
> @@ -286,3 +286,4 @@ module_exit(crypto_xcbc_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("XCBC keyed hash algorithm");
> +MODULE_ALIAS_CRYPTO("xcbc");
> diff --git a/crypto/xts.c b/crypto/xts.c
> index ca1608f44cb5..f6fd43f100c8 100644
> --- a/crypto/xts.c
> +++ b/crypto/xts.c
> @@ -362,3 +362,4 @@ module_exit(crypto_module_exit);
>
>  MODULE_LICENSE("GPL");
>  MODULE_DESCRIPTION("XTS block cipher mode");
> +MODULE_ALIAS_CRYPTO("xts");
> --

Thanks,
Mathias
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ