| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211003181413.12465-4-nstange@suse.de>
Date: Sun, 3 Oct 2021 20:14:08 +0200
From: Nicolai Stange <nstange@...e.de>
To: Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
Stephan Müller <smueller@...onox.de>,
Torsten Duwe <duwe@...e.de>, Nicolai Stange <nstange@...e.de>
Subject: [PATCH 3/8] crypto: api - only support lookups for specific CRYPTO_ALG_TESTED status
Commit ff753308d2f7 ("crypto: api - crypto_alg_mod_lookup either tested
or untested") introduced support to crypto_alg_lookup() for
ignoring the CRYPTO_ALG_TESTED status in the search. According to the
patch description, this had been needed at the time for "constructing
givcipher and aead". Callers of crypto_alg_lookup() would enable this
behaviour by the special combination of setting CRYPTO_ALG_TESTED in
type only, but not in mask.
However, the last user invoking this functionality has been gone with
commit 3a01d0ee2b99 ("crypto: skcipher - Remove top-level givcipher
interface"). With the previous two patches making the userspace facing APIs
to validate the mask and type values passed in, the combination of
(type & CRYPTO_ALG_TESTED), but !(mask & CRYPTO_ALG_TESTED) is not
possible in crypto_alg_lookup() anymore.
In preparation for subsequent patches, make this explicit by effectively
applying what is a revert of commit ff753308d2f7 ("crypto: api -
crypto_alg_mod_lookup either tested or untested") and adding a
corresponding WARN_ON_ONCE() to crypto_alg_mod_lookup().
There is no change in behaviour.
Note that it is now guaranteed that the first __crypto_alg_lookup()
invocation from crypto_alg_mod_lookup() will always have CRYPTO_ALG_TESTED
in the mask passed in, which will be needed for a subsequent patch
enforcing the same for lookup larvals.
Signed-off-by: Nicolai Stange <nstange@...e.de>
---
crypto/api.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/api.c b/crypto/api.c
index ee5991fe11f8..5cced204b6b4 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -239,8 +239,10 @@ static struct crypto_alg *crypto_alg_lookup(const char *name, u32 type,
struct crypto_alg *alg;
u32 test = 0;
- if (!((type | mask) & CRYPTO_ALG_TESTED))
+ if (!(mask & CRYPTO_ALG_TESTED)) {
+ WARN_ON_ONCE(type & CRYPTO_ALG_TESTED);
test |= CRYPTO_ALG_TESTED;
+ }
down_read(&crypto_alg_sem);
alg = __crypto_alg_lookup(name, type | test, mask | test);
--
2.26.2
Powered by blists - more mailing lists