On Fri, Dec 02, 2016 at 04:15:21PM -0800, Tim Chen wrote: > Algorithms not compatible with mcryptd could be spawned by mcryptd > with a direct crypto_alloc_tfm invocation using a "mcryptd(alg)" > name construct. This causes mcryptd to crash the kernel if > "alg" is incompatible and not intended to be used with mcryptd. > > A flag CRYPTO_ALG_MCRYPT is being added to mcryptd compatible > algorithms' cra_flags. The compatability is checked when mcryptd spawn > off an algorithm. > > Link: http://marc.info/?l=linux-crypto-vger&m=148063683310477&w=2 > Cc: sta...@vger.kernel.org > Reported-by: Mikulas Patocka <mpato...@redhat.com> > Tested-by: Megha Dey <megha....@linux.intel.com> > Signed-off-by: Tim Chen <tim.c.c...@linux.intel.com>
Tim, I think we should instead make mcryptd refuse to generate a non-internal algorithm. This way the user would not be able to access it at all since they can only request for non-internal algorithms. Basically you want to check at the start of mcryptd_create_hash that the INTERNAL bit is set on both the type and mask as returned by crypto_get_attr_type. Thanks, -- Email: Herbert Xu <herb...@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
