Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-09 15:29:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-next/crypto
History
Eric Biggers 4b34968e77 X.509: fix NULL dereference when restricting key with unsupported_sig 
The asymmetric key type allows an X.509 certificate to be added even if
its signature's hash algorithm is not available in the crypto API.  In
that case 'payload.data[asym_auth]' will be NULL.  But the key
restriction code failed to check for this case before trying to use the
signature, resulting in a NULL pointer dereference in
key_or_keyring_common() or in restrict_link_by_signature().

Fix this by returning -ENOPKG when the signature is unsupported.

Reproducer when all the CONFIG_CRYPTO_SHA512* options are disabled and
keyctl has support for the 'restrict_keyring' command:

    keyctl new_session
    keyctl restrict_keyring @s asymmetric builtin_trusted
    openssl req -new -sha512 -x509 -batch -nodes -outform der \
        | keyctl padd asymmetric desc @s

Fixes: a511e1af8b12 ("KEYS: Move the point of trust determination to __key_link()")
Cc: <stable@vger.kernel.org> # v4.7+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2018-02-22 14:38:34 +00:00
..
asymmetric_keys
X.509: fix NULL dereference when restricting key with unsupported_sig
2018-02-22 14:38:34 +00:00
async_tx
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
.gitignore
crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files
2015-06-25 23:29:24 +08:00
842.c
crypto: acomp - add support for 842 via scomp
2016-10-25 11:08:33 +08:00
ablk_helper.c
crypto: remove unused hardirq.h
2017-11-29 17:33:29 +11:00
ablkcipher.c
crypto: Replaced gcc specific attributes with macros from compiler.h
2017-01-13 00:24:39 +08:00
acompress.c
crypto: acomp - allow registration of multiple acomps
2017-04-21 20:30:50 +08:00
aead.c
crypto: aead - prevent using AEADs without setting key
2018-01-12 23:03:39 +11:00
aes_generic.c
crypto: aes-generic - drop alignment requirement
2017-02-11 17:50:43 +08:00
aes_ti.c
crypto: aes_ti - fix comment for MixColumns step
2017-06-19 14:11:53 +08:00
af_alg.c
vfs: do bulk POLL* -> EPOLL* replacement
2018-02-11 14:34:03 -08:00
ahash.c
crypto: hash - prevent using keyed hashes without setting key
2018-01-12 23:03:37 +11:00
akcipher.c
crypto: Replaced gcc specific attributes with macros from compiler.h
2017-01-13 00:24:39 +08:00
algapi.c
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2018-01-31 14:22:45 -08:00
algboss.c
crypto: algboss - remove redundant setting of len to zero
2017-10-07 12:10:34 +08:00
algif_aead.c
crypto: aead - prevent using AEADs without setting key
2018-01-12 23:03:39 +11:00
algif_hash.c
crypto: hash - prevent using keyed hashes without setting key
2018-01-12 23:03:37 +11:00
algif_rng.c
crypto: algif_rng - Remove obsolete const-removal cast
2015-04-22 09:30:21 +08:00
algif_skcipher.c
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2018-01-31 14:22:45 -08:00
ansi_cprng.c
crypto: ansi_cprng - Convert to new rng interface
2015-04-22 09:30:18 +08:00
anubis.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
api.c
crypto: algapi - convert cra_refcnt to refcount_t
2018-01-05 18:43:09 +11:00
arc4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
authenc.c
crypto: null - Get rid of crypto_{get,put}_default_null_skcipher2()
2017-12-22 19:29:08 +11:00
authencesn.c
crypto: null - Get rid of crypto_{get,put}_default_null_skcipher2()
2017-12-22 19:29:08 +11:00
blkcipher.c
crypto: remove unused hardirq.h
2017-11-29 17:33:29 +11:00
blowfish_common.c
crypto: blowfish - split generic and common c code
2011-09-22 21:25:25 +10:00
blowfish_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
camellia_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast5_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast6_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
cast_common.c
crypto: make tables used from assembler __visible
2013-08-14 20:42:03 +10:00
cbc.c
crypto: cbc - Propagate NEED_FALLBACK bit
2017-03-09 18:34:39 +08:00
ccm.c
crypto: ccm - preserve the IV buffer
2017-11-03 21:35:35 +08:00
chacha20_generic.c
crypto: chacha20 - Fix keystream alignment for chacha20_block()
2017-11-29 17:33:33 +11:00
chacha20poly1305.c
crypto: chacha20poly1305 - validate the digest size
2017-12-22 19:02:33 +11:00
cipher.c
crypto: api - Remove no-op exit_ops code
2016-10-21 11:03:42 +08:00
cmac.c
crypto: algapi - make crypto_xor() and crypto_inc() alignment agnostic
2017-02-11 17:52:28 +08:00
compress.c
crypto: api - Remove no-op exit_ops code
2016-10-21 11:03:42 +08:00
crc32_generic.c
crypto: hash - annotate algorithms taking optional key
2018-01-12 23:03:35 +11:00
crc32c_generic.c
crypto: hash - annotate algorithms taking optional key
2018-01-12 23:03:35 +11:00
crct10dif_common.c
crypto: crct10dif - Add fallback for broken initrds
2013-09-12 15:31:34 +10:00
crct10dif_generic.c
crypto: squash lines for simple wrapper functions
2016-09-13 20:27:26 +08:00
cryptd.c
crypto: hash - annotate algorithms taking optional key
2018-01-12 23:03:35 +11:00
crypto_engine.c
crypto: engine - replace pr_xxx by dev_xxx
2017-06-19 14:19:54 +08:00
crypto_null.c
crypto: null - Remove default null blkcipher
2016-07-18 17:35:44 +08:00
crypto_user.c
crypto: algapi - convert cra_refcnt to refcount_t
2018-01-05 18:43:09 +11:00
crypto_wq.c
crypto: crypto_wq - Fix late crypto work queue initialization
2014-03-21 21:54:28 +08:00
ctr.c
crypto: algapi - make crypto_xor() take separate dst and src arguments
2017-08-04 09:27:15 +08:00
cts.c
crypto: remove redundant backlog checks on EBUSY
2017-11-03 22:11:17 +08:00
deflate.c
crypto: scomp - add support for deflate rfc1950 (zlib)
2017-04-24 18:11:08 +08:00
des_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
dh_helper.c
crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
2017-11-10 19:20:17 +08:00
dh.c
crypto: dh - Remove pointless checks for NULL 'p' and 'g'
2017-11-10 19:20:22 +08:00
drbg.c
crypto: drbg - move to generic async completion
2017-11-03 22:11:19 +08:00
ecb.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
ecc_curve_defs.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ecc.c
crypto: ecc - Fix NULL pointer deref. on no default_rng
2017-11-29 17:33:24 +11:00
ecc.h
crypto: ecdh - add privkey generation support
2017-06-10 12:04:35 +08:00
ecdh_helper.c
crypto: ecdh - return unsigned value for crypto_ecdh_key_len()
2017-10-12 22:55:00 +08:00
ecdh.c
crypto: ecdh - remove empty exit()
2017-11-06 14:45:04 +08:00
echainiv.c
crypto: echainiv - Remove unused alg/spawn variable
2017-12-22 19:52:45 +11:00
fcrypt.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
fips.c
crypto: fips - Move fips_enabled sysctl into fips.c
2015-04-23 14:18:09 +08:00
gcm.c
crypto: null - Get rid of crypto_{get,put}_default_null_skcipher2()
2017-12-22 19:29:08 +11:00
gf128mul.c
crypto: gf128mul - remove incorrect comment
2017-12-22 19:52:40 +11:00
ghash-generic.c
crypto: ghash - remove checks for key being set
2018-01-12 23:03:38 +11:00
hash_info.c
keys, trusted: select hash algorithm for TPM2 chips
2015-12-20 15:27:12 +02:00
hmac.c
crypto: hmac - require that the underlying hash algorithm is unkeyed
2017-11-29 13:39:15 +11:00
internal.h
crypto: algapi - remove unused notifications
2018-01-05 18:43:10 +11:00
jitterentropy-kcapi.c
crypto: jitterentropy - drop duplicate header module.h
2016-11-17 23:34:52 +08:00
jitterentropy.c
crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree"
2015-06-25 23:18:33 +08:00
Kconfig
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2018-01-31 14:22:45 -08:00
keywrap.c
crypto: keywrap - Add missing ULL suffixes for 64-bit constants
2017-11-29 17:33:26 +11:00
khazad.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
kpp.c
crypto: Replaced gcc specific attributes with macros from compiler.h
2017-01-13 00:24:39 +08:00
lrw.c
crypto: remove redundant backlog checks on EBUSY
2017-11-03 22:11:17 +08:00
lz4.c
crypto: lz4 - fixed decompress function to return error code
2017-04-10 19:17:27 +08:00
lz4hc.c
crypto: lz4 - fixed decompress function to return error code
2017-04-10 19:17:27 +08:00
lzo.c
treewide: use kv[mz]alloc* rather than opencoded variants
2017-05-08 17:15:13 -07:00
Makefile
crypto: aes-generic - fix aes-generic regression on powerpc
2018-01-20 11:43:36 +11:00
mcryptd.c
crypto: hash - annotate algorithms taking optional key
2018-01-12 23:03:35 +11:00
md4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
md5.c
md5: remove from lib and only live in crypto
2017-03-24 22:02:56 +08:00
memneq.c
crypto: memneq - fix for archs without efficient unaligned access
2013-12-09 20:09:12 +08:00
michael_mic.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
pcbc.c
crypto: algapi - make crypto_xor() take separate dst and src arguments
2017-08-04 09:27:15 +08:00
pcrypt.c
crypto: pcrypt - fix freeing pcrypt instances
2017-12-22 19:02:47 +11:00
poly1305_generic.c
crypto: poly1305 - remove ->setkey() method
2018-01-12 23:03:14 +11:00
proc.c
crypto: algapi - convert cra_refcnt to refcount_t
2018-01-05 18:43:09 +11:00
ripemd.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
rmd128.c
crypto: drop unnecessary return statements
2017-09-22 17:43:28 +08:00
rmd160.c
crypto: drop unnecessary return statements
2017-09-22 17:43:28 +08:00
rmd256.c
crypto: drop unnecessary return statements
2017-09-22 17:43:28 +08:00
rmd320.c
crypto: drop unnecessary return statements
2017-09-22 17:43:28 +08:00
rng.c
crypto: rng - ensure that the RNG is ready before using
2017-07-28 17:56:00 +08:00
rsa_helper.c
crypto: rsa - fix buffer overread when stripping leading zeroes
2017-11-29 13:39:14 +11:00
rsa-pkcs1pad.c
crypto: remove redundant backlog checks on EBUSY
2017-11-03 22:11:17 +08:00
rsa.c
crypto: rsa - comply with crypto_akcipher_maxsize()
2017-06-10 12:04:30 +08:00
rsaprivkey.asn1
crypto: rsa - Store rest of the private key components
2016-07-05 23:05:26 +08:00
rsapubkey.asn1
crypto: akcipher - Changes to asymmetric key API
2015-10-14 22:23:16 +08:00
salsa20_generic.c
crypto: salsa20 - export generic helpers
2018-01-12 23:03:42 +11:00
scatterwalk.c
crypto: scatterwalk - Remove unnecessary aliasing check in map_and_copy
2016-11-22 15:02:25 +08:00
scompress.c
crypto: scompress - use sgl_alloc() and sgl_free()
2018-01-06 09:18:00 -07:00
seed.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
seqiv.c
crypto: seqiv - Remove unused alg/spawn variable
2017-12-22 19:52:45 +11:00
serpent_generic.c
crypto: serpent - improve __serpent_setkey with UBSAN
2017-08-09 20:17:54 +08:00
sha1_generic.c
crypto: hash - add zero length message hash for shax and md5
2015-12-22 20:43:35 +08:00
sha3_generic.c
crypto: sha3-generic - Use __optimize to support old compilers
2018-02-08 22:38:12 +11:00
sha256_generic.c
crypto: hash - add zero length message hash for shax and md5
2015-12-22 20:43:35 +08:00
sha512_generic.c
crypto: sha512-generic - move to generic glue implementation
2015-04-10 21:39:41 +08:00
shash.c
crypto: hash - prevent using keyed hashes without setting key
2018-01-12 23:03:37 +11:00
simd.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
skcipher.c
crypto: skcipher - prevent using skciphers without setting key
2018-01-12 23:03:39 +11:00
sm3_generic.c
crypto: sm3 - add OSCCA SM3 secure hash
2017-09-22 17:43:07 +08:00
tcrypt.c
crypto: tcrypt - free xoutbuf instead of axbuf
2018-01-12 23:03:07 +11:00
tcrypt.h
crypto: tcrypt - Add ChaCha20/Poly1305 speed tests
2015-07-17 21:20:20 +08:00
tea.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
testmgr.c
crypto: testmgr - test misuse of result in ahash
2018-01-26 01:10:29 +11:00
testmgr.h
crypto: testmgr - add new testcases for sha3
2018-01-26 01:10:34 +11:00
tgr192.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
twofish_common.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
twofish_generic.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
vmac.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
wp512.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
xcbc.c
crypto: replace FSF address with web source in license notices
2017-11-29 17:33:25 +11:00
xor.c
kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK
2017-11-15 18:21:04 -08:00
xts.c
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2017-11-14 10:52:09 -08:00