| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180906225854.40989-1-keescook@chromium.org>
Date: Thu, 6 Sep 2018 15:58:50 -0700
From: Kees Cook <keescook@...omium.org>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: Kees Cook <keescook@...omium.org>,
Eric Biggers <ebiggers@...gle.com>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Gilad Ben-Yossef <gilad@...yossef.com>,
Alexander Stein <alexander.stein@...tec-electronic.com>,
Antoine Tenart <antoine.tenart@...tlin.com>,
Boris Brezillon <boris.brezillon@...tlin.com>,
Arnaud Ebalard <arno@...isbad.org>,
Corentin Labbe <clabbe.montjoie@...il.com>,
Maxime Ripard <maxime.ripard@...tlin.com>,
Chen-Yu Tsai <wens@...e.org>,
Christian Lamparter <chunkeey@...il.com>,
Philippe Ombredanne <pombredanne@...b.com>,
Jonathan Cameron <Jonathan.Cameron@...wei.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org
Subject: [PATCH v2 0/4] crypto: skcipher - Remove VLA usage
This removes VLAs[1] from SKCIPHER_REQUEST_ON_STACK by making sure that
on-stack requests are being used only on non-ASYNC algorithms and that
enough space has been reserved.
v2:
- Instead of globally failing large reqsizes, limit to only non-ASYNC users
of the on-stack request.
- Remove unused tfm argument after VLA removal.
-Kees
[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
Kees Cook (4):
crypto: skcipher - Consolidate encrypt/decrypt sanity check
crypto: skcipher - Enforce non-ASYNC for on-stack requests
crypto: skcipher - Remove VLA usage for SKCIPHER_REQUEST_ON_STACK
crypto: skcipher - Remove unused argument to SKCIPHER_REQUEST_ON_STACK()
arch/s390/crypto/aes_s390.c | 8 +-
arch/x86/crypto/fpu.c | 4 +-
crypto/algif_aead.c | 2 +-
crypto/authenc.c | 2 +-
crypto/authencesn.c | 2 +-
crypto/cryptd.c | 4 +-
crypto/echainiv.c | 2 +-
crypto/gcm.c | 2 +-
crypto/seqiv.c | 2 +-
drivers/block/cryptoloop.c | 2 +-
drivers/crypto/axis/artpec6_crypto.c | 2 +-
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 2 +-
drivers/crypto/chelsio/chcr_algo.c | 2 +-
drivers/crypto/mxs-dcp.c | 2 +-
drivers/crypto/omap-aes.c | 2 +-
drivers/crypto/picoxcell_crypto.c | 2 +-
drivers/crypto/qce/ablkcipher.c | 2 +-
drivers/crypto/sahara.c | 8 +-
drivers/crypto/vmx/aes_cbc.c | 4 +-
drivers/crypto/vmx/aes_ctr.c | 2 +-
drivers/crypto/vmx/aes_xts.c | 2 +-
drivers/net/ppp/ppp_mppe.c | 6 +-
drivers/staging/rtl8192e/rtllib_crypt_tkip.c | 4 +-
drivers/staging/rtl8192e/rtllib_crypt_wep.c | 4 +-
.../rtl8192u/ieee80211/ieee80211_crypt_tkip.c | 4 +-
.../rtl8192u/ieee80211/ieee80211_crypt_wep.c | 4 +-
drivers/usb/wusbcore/crypto.c | 2 +-
include/crypto/skcipher.h | 74 ++++++++++++++-----
net/ceph/crypto.c | 2 +-
net/mac802154/llsec.c | 4 +-
net/rxrpc/rxkad.c | 10 +--
net/sunrpc/auth_gss/gss_krb5_crypto.c | 14 ++--
net/wireless/lib80211_crypt_tkip.c | 4 +-
net/wireless/lib80211_crypt_wep.c | 4 +-
34 files changed, 116 insertions(+), 80 deletions(-)
--
2.17.1
Powered by blists - more mailing lists