evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/crypto
History
Eric Biggers 6001a6cf74 crypto: ghash - fix unaligned memory access in ghash_setkey() 
commit 5c6bc4dfa515738149998bb0db2481a4fdead979 upstream.

Changing ghash_mod_init() to be subsys_initcall made it start running
before the alignment fault handler has been installed on ARM.  In kernel
builds where the keys in the ghash test vectors happened to be
misaligned in the kernel image, this exposed the longstanding bug that
ghash_setkey() is incorrectly casting the key buffer (which can have any
alignment) to be128 for passing to gf128mul_init_4k_lle().

Fix this by memcpy()ing the key to a temporary buffer.

Don't fix it by setting an alignmask on the algorithm instead because
that would unnecessarily force alignment of the data too.

Fixes: 2cdc6899a8 ("crypto: ghash - Add GHASH digest algorithm for GCM")
Reported-by: Peter Robinson <pbrobinson@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-08-04 09:34:49 +02:00
..
asymmetric_keys X.509: reject invalid BIT STRING for subjectPublicKey 2017-12-16 10:33:48 +01:00
async_tx async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome() 2018-04-13 19:50:06 +02:00
.gitignore
842.c
ablk_helper.c
ablkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-10 08:52:03 +02:00
aead.c
aes_generic.c
af_alg.c crypto: af_alg - fix possible uninit-value in alg_bind() 2018-05-16 10:06:49 +02:00
ahash.c crypto: ahash - fix another early termination in hash walk 2019-03-23 08:44:32 +01:00
akcipher.c
algapi.c crypto: algapi - fix NULL dereference in crypto_remove_spawns() 2018-01-17 09:35:30 +01:00
algboss.c
algif_aead.c crypto: algif_aead - Require setkey before accept(2) 2017-05-20 14:27:00 +02:00
algif_hash.c crypto: algif_hash - avoid zero-sized array 2017-03-30 09:35:20 +02:00
algif_rng.c
algif_skcipher.c crypto: AF_ALG - remove SGL terminator indicator when chaining 2017-09-27 11:00:14 +02:00
ansi_cprng.c
anubis.c
api.c
arc4.c
authenc.c crypto: authenc - fix parsing key with misaligned rta_len 2019-01-26 09:42:50 +01:00
authencesn.c crypto: authencesn - Avoid twice completion call in decrypt path 2019-01-26 09:42:49 +01:00
blkcipher.c crypto: skcipher - Fix -Wstringop-truncation warnings 2018-10-10 08:52:03 +02:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c
chacha20_generic.c
chacha20poly1305.c crypto: chacha20poly1305 - set cra_name correctly 2019-06-11 12:23:40 +02:00
chainiv.c
cipher.c
cmac.c
compress.c
crc32.c
crc32c_generic.c crypto: crc32c - Fix crc32c soft dependency 2016-02-17 12:31:04 -08:00
crct10dif_common.c
crct10dif_generic.c crypto: crct10dif-generic - fix use via crypto_shash_digest() 2019-06-11 12:23:35 +02:00
cryptd.c crypto: cryptd - pass through absence of ->setkey() 2018-02-16 20:09:43 +01:00
crypto_null.c
crypto_user.c crypto: user - prevent operating on larval algorithms 2019-07-10 09:56:42 +02:00
crypto_wq.c
ctr.c
cts.c crypto: cts - fix crash on short inputs 2019-01-16 22:16:12 +01:00
deflate.c
des_generic.c
drbg.c
ecb.c
echainiv.c crypto: echainiv - Replace chaining with multiplication 2016-09-30 10:18:34 +02:00
eseqiv.c
fcrypt.c
fips.c
gcm.c crypto: gcm - fix incompatibility between "gcm" and "gcm_base" 2019-06-11 12:23:40 +02:00
gf128mul.c
ghash-generic.c crypto: ghash - fix unaligned memory access in ghash_setkey() 2019-08-04 09:34:49 +02:00
hash_info.c
hmac.c crypto: hmac - require that the underlying hash algorithm is unkeyed 2017-12-20 10:04:51 +01:00
internal.h
jitterentropy-kcapi.c
jitterentropy.c
Kconfig Revert "crypto: xts - Add ECB dependency" 2017-11-21 09:21:22 +01:00
keywrap.c crypto: keywrap - memzero the correct memory 2016-04-12 09:08:45 -07:00
khazad.c
lrw.c crypto: lrw - Fix out-of bounds access on counter overflow 2018-11-21 09:27:34 +01:00
lz4.c
lz4hc.c
lzo.c
Makefile crypto: improve gcc optimization flags for serpent and wp512 2017-03-18 19:09:56 +08:00
mcryptd.c crypto: mcryptd - protect the per-CPU queue with a lock 2018-01-02 20:33:19 +01:00
md4.c
md5.c
memneq.c
michael_mic.c
pcbc.c crypto: pcbc - remove bogus memcpy()s with src == dest 2019-03-23 08:44:36 +01:00
pcompress.c
pcrypt.c crypto: pcrypt - fix freeing pcrypt instances 2018-01-10 09:27:09 +01:00
poly1305_generic.c crypto: poly1305 - remove ->setkey() method 2018-02-16 20:09:43 +01:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c
rsa.c
rsa_helper.c
rsaprivkey.asn1
rsapubkey.asn1
salsa20_generic.c crypto: salsa20 - don't access already-freed walk.iv 2019-06-11 12:23:40 +02:00
scatterwalk.c crypto: scatterwalk - Fix test in scatterwalk_done 2016-08-16 09:30:50 +02:00
seed.c
seqiv.c
serpent_generic.c
sha1_generic.c
sha256_generic.c
sha512_generic.c
shash.c crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned 2018-11-10 07:41:42 -08:00
skcipher.c crypto: skcipher - Add crypto_skcipher_has_setkey 2016-02-17 12:31:03 -08:00
tcrypt.c crypto: tcrypt - fix S/G table for test_aead_speed() 2018-02-16 20:09:38 +01:00
tcrypt.h
tea.c
testmgr.c crypto: testmgr - fix out of bound read in __test_aead() 2017-05-02 21:19:48 -07:00
testmgr.h crypto: x86/poly1305 - fix overflow during partial reduction 2019-04-27 09:34:01 +02:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c crypto: vmac - separate tfm and request context 2018-08-17 20:56:45 +02:00
wp512.c
xcbc.c
xor.c
xts.c
zlib.c