lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 24 Nov 2017 08:56:28 +0100
From:   Johannes Berg <>
To:     Florian Fainelli <>,
        Arend van Spriel <>,
        open list <>,
        netdev <>
Cc:     "David S. Miller" <>,
        Herbert Xu <>,
        David Howells <>,
Subject: Re: kernel BUG at crypto/asymmetric_keys/public_key.c:80

On Thu, 2017-11-23 at 09:47 -0800, Florian Fainelli wrote:

> Absolutely, please find it enclosed.


This is a bit odd. I didn't think the most likely reason is that you


but everything else built-in. Thus, when loading the certificate,
there's no way to calculate the digest since that requires sha-256,


If you make CONFIG_CRYPTO_SHA256=y then it should go away.

I guess I'll do this:

diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig
index da91bb547db3..1abcc4fc4df1 100644
--- a/net/wireless/Kconfig
+++ b/net/wireless/Kconfig
@@ -20,6 +20,10 @@ config CFG80211
 	tristate "cfg80211 - wireless configuration API"
 	depends on RFKILL || !RFKILL
 	select FW_LOADER
+	# may need to update this when certificates are changed and are
+	# using a different algorithm, though right now they shouldn't
+	# (this is here rather than below to allow it to be a module)
 	  cfg80211 is the Linux wireless LAN (802.11) configuration API.
 	  Enable this if you have a wireless device.
@@ -113,6 +117,9 @@ config CFG80211_EXTRA_REGDB_KEYDIR
 	  certificates like in the kernel sources (net/wireless/certs/)
 	  that shall be accepted for a signed regulatory database.
+	  Note that you need to also select the correct CRYPTO_<hash> modules
+	  for your certificates, and if cfg80211 is built-in they also must be.
 	bool "cfg80211 regulatory support for cellular base station hints"
 	depends on CFG80211_CERTIFICATION_ONUS

Can you try if that fixes your config for you?


Powered by blists - more mailing lists