lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.21.1709290822590.15742@namei.org>
Date:   Fri, 29 Sep 2017 08:33:13 +1000 (AEST)
From:   James Morris <jmorris@...ei.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
cc:     David Howells <dhowells@...hat.com>,
        Eric Biggers <ebiggers@...gle.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        linux-security-module@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Herbert Xu <herbert@...dor.apana.org.au>
Subject: [GIT PULL] security: keys fixes for v4.14-rc3

Hi Linus,

Please pull these fixes for the keys subsystem.

Notable here is a rewrite of big_key crypto by Jason Donenfeld to address 
some issues in the original code.

>From Jason's commit log:

"This started out as just replacing the use of crypto/rng with 
get_random_bytes_wait, so that we wouldn't use bad randomness at boot 
time. But, upon looking further, it appears that there were even deeper 
underlying cryptographic problems, and that this seems to have been 
committed with very little crypto review. So, I rewrote the whole thing, 
trying to keep to the conventions introduced by the previous author, to 
fix these cryptographic flaws."

There has been positive review of the new code by Eric Biggers and Herbert 
Xu, and it passes basic testing via the keyutils test suite.  Eric also 
manually tested it.

Generally speaking, we likely need to improve the amount of crypto review 
for kernel crypto users including keys (I'll post a note separately to 
ksummit-discuss).


---

The following changes since commit 9cd6681cb1169e815c41af0265165dd1b872f228:
  Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs (2017-09-27 12:22:12 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git fixes-v4.14-rc3

Eric Biggers (10):
      KEYS: fix cred refcount leak in request_key_auth_new()
      KEYS: don't revoke uninstantiated key in request_key_auth_new()
      KEYS: fix key refcount leak in keyctl_assume_authority()
      KEYS: fix key refcount leak in keyctl_read_key()
      KEYS: fix writing past end of user-supplied buffer in keyring_read()
      KEYS: prevent creating a different user's keyrings
      KEYS: prevent KEYCTL_READ on negative key
      KEYS: reset parent each time before searching key_user_tree
      KEYS: restrict /proc/keys by credentials at open time
      KEYS: use kmemdup() in request_key_auth_new()

James Morris (1):
      Merge commit 'keys-fixes-20170927' into fixes-v4.14-rc3

Jason A. Donenfeld (2):
      security/keys: properly zero out sensitive key material in big_key
      security/keys: rewrite all of big_key crypto

 include/linux/key.h              |    2 +
 security/keys/Kconfig            |    4 +-
 security/keys/big_key.c          |  139 ++++++++++++++++++--------------------
 security/keys/internal.h         |    2 +-
 security/keys/key.c              |    6 +-
 security/keys/keyctl.c           |   13 ++--
 security/keys/keyring.c          |   37 +++++-----
 security/keys/proc.c             |    8 +--
 security/keys/process_keys.c     |    6 +-
 security/keys/request_key_auth.c |   74 +++++++++-----------
 10 files changed, 139 insertions(+), 152 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ