| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Jun 2020 12:16:05 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: ardb@...nel.org
Cc: netdev@...r.kernel.org, linux-crypto@...r.kernel.org,
antoine.tenart@...tlin.com, andrew@...n.ch, f.fainelli@...il.com,
hkallweit1@...il.com, kuba@...nel.org, stable@...r.kernel.org,
ebiggers@...gle.com
Subject: Re: [PATCH v2] net: phy: mscc: avoid skcipher API for single block
AES encryption
From: Ard Biesheuvel <ardb@...nel.org>
Date: Thu, 25 Jun 2020 09:18:16 +0200
> The skcipher API dynamically instantiates the transformation object
> on request that implements the requested algorithm optimally on the
> given platform. This notion of optimality only matters for cases like
> bulk network or disk encryption, where performance can be a bottleneck,
> or in cases where the algorithm itself is not known at compile time.
>
> In the mscc case, we are dealing with AES encryption of a single
> block, and so neither concern applies, and we are better off using
> the AES library interface, which is lightweight and safe for this
> kind of use.
>
> Note that the scatterlist API does not permit references to buffers
> that are located on the stack, so the existing code is incorrect in
> any case, but avoiding the skcipher and scatterlist APIs entirely is
> the most straight-forward approach to fixing this.
>
> Fixes: 28c5107aa904e ("net: phy: mscc: macsec support")
> Reviewed-by: Eric Biggers <ebiggers@...gle.com>
> Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
Applied and queued up for -stable, thanks.
Please never CC: stable for networking changes, I handle the submissions
by hand.
Thank you.
Powered by blists - more mailing lists