| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1727999.1685976466@warthog.procyon.org.uk>
Date: Mon, 05 Jun 2023 15:47:46 +0100
From: David Howells <dhowells@...hat.com>
To: Roberto Sassu <roberto.sassu@...weicloud.com>
Cc: dhowells@...hat.com,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Eric Biggers <ebiggers@...nel.org>,
Stefan Berger <stefanb@...ux.ibm.com>,
herbert@...dor.apana.org.au, davem@...emloft.net,
zohar@...ux.ibm.com, dmitry.kasatkin@...il.com,
paul@...l-moore.com, jmorris@...ei.org, serge@...lyn.com,
Jarkko Sakkinen <jarkko@...nel.org>,
linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
stable@...r.kernel.org
Subject: Re: [GIT PULL] Asymmetric keys fix for v6.4-rc5
Roberto Sassu <roberto.sassu@...weicloud.com> wrote:
> Here is a small fix to make an unconditional copy of the buffer passed
> to crypto operations, to take into account the case of the stack not in
> the linear mapping area.
I wonder if evm_verify_hmac() and other such callers of the signature
verification service should be placing the data and crypto material in slab
memory rather than it being on the stack. But, for the moment:
Acked-by: David Howells <dhowells@...hat.com>
Powered by blists - more mailing lists