android_kernel_oneplus_msm8998/arch
megha.dey@linux.intel.com 4362533a04 crypto: x86/sha1 - Fix reads beyond the number of blocks passed
commit 8861249c740fc4af9ddc5aee321eafefb960d7c6 upstream.

It was reported that the sha1 AVX2 function(sha1_transform_avx2) is
reading ahead beyond its intended data, and causing a crash if the next
block is beyond page boundary:
http://marc.info/?l=linux-crypto-vger&m=149373371023377

This patch makes sure that there is no overflow for any buffer length.

It passes the tests written by Jan Stancek that revealed this problem:
https://github.com/jstancek/sha1-avx2-crash

I have re-enabled sha1-avx2 by reverting commit
b82ce24426a4071da9529d726057e4e642948667

Fixes: b82ce24426a4 ("crypto: sha1-ssse3 - Disable avx2")
Originally-by: Ilya Albrekht <ilya.albrekht@intel.com>
Tested-by: Jan Stancek <jstancek@redhat.com>
Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Reported-by: Jan Stancek <jstancek@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-08-24 17:02:35 -07:00
..
alpha osf_wait4(): fix infoleak 2017-05-25 14:30:17 +02:00
arc mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
arm KVM: arm/arm64: Handle hva aging while destroying the vm 2017-08-12 19:29:09 -07:00
arm64 arm64: mm: fix show_pte KERN_CONT fallout 2017-08-06 19:19:46 -07:00
avr32 avr32: off by one in at32_init_pio() 2016-10-07 15:23:45 +02:00
blackfin net: smc91x: fix SMC accesses 2016-09-30 10:18:37 +02:00
c6x c6x/ptrace: Remove useless PTRACE_SETREGSET implementation 2017-03-31 09:49:53 +02:00
cris cris: Only build flash rescue image if CONFIG_ETRAX_AXISFLASHMAP is selected 2017-01-12 11:22:48 +01:00
frv mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
h8300 h8300/ptrace: Fix incorrect register transfer count 2017-03-31 09:49:53 +02:00
hexagon hexagon: fix strncpy_from_user() error return 2016-09-24 10:07:44 +02:00
ia64 ia64: copy_from_user() should zero the destination on access_ok() failure 2016-09-24 10:07:46 +02:00
m32r m32r: fix __get_user() 2016-09-24 10:07:43 +02:00
m68k m68k: Fix ndelay() macro 2016-12-15 08:49:23 -08:00
metag metag/uaccess: Check access_ok in strncpy_from_user 2017-05-25 14:30:16 +02:00
microblaze microblaze: fix copy_from_user() 2016-09-24 10:07:43 +02:00
mips MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message 2017-07-27 15:06:08 -07:00
mn10300 mn10300: copy_from_user() should zero on access_ok() failure... 2016-09-24 10:07:45 +02:00
nios2 nios2: reserve boot memory for device tree 2017-04-12 12:38:34 +02:00
openrisc openrisc: Add _text symbol to fix ksym build error 2017-08-06 19:19:45 -07:00
parisc parisc/mm: Ensure IRQs are off in switch_mm() 2017-07-21 07:44:56 +02:00
powerpc Revert "powerpc/numa: Fix percpu allocations to be NUMA aware" 2017-08-06 19:19:40 -07:00
s390 bpf, s390: fix jit branch offset related to ldimm64 2017-08-12 19:29:08 -07:00
score score: fix copy_from_user() and friends 2016-09-24 10:07:44 +02:00
sh mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
sparc sparc64: Prevent perf from running during super critical sections 2017-08-12 19:29:09 -07:00
tile mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
um um: Don't discard .text.exit section 2016-09-07 08:32:38 +02:00
unicore32 pwm: Changes for v4.4-rc1 2015-11-11 09:16:10 -08:00
x86 crypto: x86/sha1 - Fix reads beyond the number of blocks passed 2017-08-24 17:02:35 -07:00
xtensa mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
.gitignore
Kconfig kexec: split kexec_load syscall from kexec core code 2015-09-10 13:29:01 -07:00