| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <lsq.1454975631.847878149@decadent.org.uk>
Date: Mon, 08 Feb 2016 23:53:51 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org,
"Herbert Xu" <herbert@...dor.apana.org.au>
Subject: [PATCH 3.2 70/87] crypto: af_alg - Add nokey compatibility path
3.2.77-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Herbert Xu <herbert@...dor.apana.org.au>
commit 37766586c965d63758ad542325a96d5384f4a8c9 upstream.
This patch adds a compatibility path to support old applications
that do acept(2) before setkey.
Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
[bwh: Backported to 3.2: adjust context]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
crypto/af_alg.c | 13 ++++++++++++-
include/crypto/if_alg.h | 2 ++
2 files changed, 14 insertions(+), 1 deletion(-)
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -76,6 +76,8 @@ int af_alg_register_type(const struct af
goto unlock;
type->ops->owner = THIS_MODULE;
+ if (type->ops_nokey)
+ type->ops_nokey->owner = THIS_MODULE;
node->type = type;
list_add(&node->list, &alg_types);
err = 0;
@@ -257,6 +259,7 @@ int af_alg_accept(struct sock *sk, struc
const struct af_alg_type *type;
struct sock *sk2;
int err;
+ bool nokey;
lock_sock(sk);
type = ask->type;
@@ -275,12 +278,17 @@ int af_alg_accept(struct sock *sk, struc
security_sk_clone(sk, sk2);
err = type->accept(ask->private, sk2);
+
+ nokey = err == -ENOKEY;
+ if (nokey && type->accept_nokey)
+ err = type->accept_nokey(ask->private, sk2);
+
if (err)
goto unlock;
sk2->sk_family = PF_ALG;
- if (!ask->refcnt++)
+ if (nokey || !ask->refcnt++)
sock_hold(sk);
alg_sk(sk2)->parent = sk;
alg_sk(sk2)->type = type;
@@ -288,6 +296,9 @@ int af_alg_accept(struct sock *sk, struc
newsock->ops = type->ops;
newsock->state = SS_CONNECTED;
+ if (nokey)
+ newsock->ops = type->ops_nokey;
+
err = 0;
unlock:
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -51,8 +51,10 @@ struct af_alg_type {
void (*release)(void *private);
int (*setkey)(void *private, const u8 *key, unsigned int keylen);
int (*accept)(void *private, struct sock *sk);
+ int (*accept_nokey)(void *private, struct sock *sk);
struct proto_ops *ops;
+ struct proto_ops *ops_nokey;
struct module *owner;
char name[14];
};
Powered by blists - more mailing lists