| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150319072952.GA3106@gondor.apana.org.au> Date: Thu, 19 Mar 2015 18:29:52 +1100 From: Herbert Xu <herbert@...dor.apana.org.au> To: Stephan Mueller <smueller@...onox.de> Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 01/16] crypto: prevent helper ciphers from being used On Thu, Mar 19, 2015 at 08:23:58AM +0100, Stephan Mueller wrote: > > How can you distinguish between calls coming from crypto_*_spawn (which > we need to allow) and calls that come from the normal API calls (which > we should block? crypto_*_spawn should not be the place where you make the call on whether internals are allowed. You should put that information into places such as ablk_init_common or wherever these internals are allocated. So in ablk_init_common you would do cryptd_tfm = cryptd_alloc_ablkcipher(drv_name, CRYPTO_ALG_INTERNAL, CRYPTO_ALG_INTERNAL); IOW internals are disallowed if you don't specify it in the mask, but you can get them if you do specify it in the mask (and the corresponding bit in the type). Cheers, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists