This adds the module loading prefix "crypto-" to the template lookup
as well.
For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the "crypto-" prefix at every level, correctly rejecting "vfat":
net-pf-38
algif-hash
crypto-vfat(blowfish)
On 24 November 2014 at 23:24, Kees Cook wrote:
> This adds the module loading prefix "crypto-" to the template lookup
> as well.
>
> For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
> includes the "crypto-" prefix at every level, correctly rejecting "vfat":
>
> net
This adds the module loading prefix "crypto-" to the template lookup
as well.
For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the "crypto-" prefix at every level, correctly rejecting "vfat":
net-pf-38
algif-hash
crypto-vfat(blowfish)
Am Montag, 24. November 2014, 22:29:46 schrieb Herbert Xu:
Hi Herbert,
> On Fri, Nov 21, 2014 at 06:32:16AM +0100, Stephan Mueller wrote:
> > This patch adds the AEAD support for AF_ALG.
> >
> > The AEAD implementation uses the entire memory handling and
> > infrastructure of the existing skciph
To allow automatic loading of the crypto_user kernel module, the netlink
MODULE_ALIAS is added.
Signed-off-by: Stephan Mueller
---
crypto/crypto_user.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index e2a34fe..255df95 100644
--- a/crypto/crypt
On 24 November 2014 at 20:17, Kees Cook wrote:
> This adds the module loading prefix "crypto-" to the template lookup
> as well.
>
> For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
> includes the "crypto-" prefix at every level, correctly rejecting "vfat":
>
> net
This adds the module loading prefix "crypto-" to the template lookup
as well.
For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
includes the "crypto-" prefix at every level, correctly rejecting "vfat":
net-pf-38
algif-hash
crypto-vfat(blowfish)
On Sat, 2014-11-22 at 21:36 +0300, Dan Carpenter wrote:
> This can't be NULL and we dereferenced it earlier. Smatch used to
> ignore these things where the pointer was obviously non-NULL but I've
> found that sometimes the intention was to check something else so we
> were maybe missing bugs.
>
>
Hi Herbert, thanks for the review.
> -Original Message-
> From: devicetree-ow...@vger.kernel.org [mailto:devicetree-
> ow...@vger.kernel.org] On Behalf Of Herbert Xu
> Sent: 20 November 2014 14:22
> To: James Hartley
> Cc: da...@davemloft.net; grant.lik...@linaro.org; robh...@kernel.org;
Compiler dead store optimization can sometimes remove final calls
to memset() used to clear sensitive data at the end of a function.
Replace trailing memset() calls with memzero_explicit() to
preclude unwanted removal.
Signed-off-by: Nickolaus Woodruff
---
crypto/drbg.c | 22 +++-
Am Montag, 24. November 2014, 22:31:50 schrieb Herbert Xu:
Hi Herbert,
>On Fri, Nov 21, 2014 at 06:32:52AM +0100, Stephan Mueller wrote:
>> This patch adds the random number generator support for AF_ALG.
>>
>> A random number generator's purpose is to generate data without
>> requiring the calle
On Thu, Nov 20, 2014 at 05:05:53PM -0800, Kees Cook wrote:
> This prefixes all crypto module loading with "crypto-" so we never run
> the risk of exposing module auto-loading to userspace via a crypto API,
> as demonstrated by Mathias Krause:
>
> https://lkml.org/lkml/2013/3/4/70
>
> Signed-off-b
Am Montag, 24. November 2014, 22:29:46 schrieb Herbert Xu:
Hi Herbert,
>On Fri, Nov 21, 2014 at 06:32:16AM +0100, Stephan Mueller wrote:
>> This patch adds the AEAD support for AF_ALG.
>>
>> The AEAD implementation uses the entire memory handling and
>> infrastructure of the existing skcipher im
On Sat, Nov 15, 2014 at 08:55:58AM +0100, Corentin LABBE wrote:
>
> and then get it via
> struct crypto_priv *cp = req->base.tfm->__crt_alg->data;
> (a function will be better than that)
>
> So what is the recommended way to get driver structure inside the cryptoAPI
> function (init/udpate/final)
On Fri, Nov 21, 2014 at 06:32:52AM +0100, Stephan Mueller wrote:
> This patch adds the random number generator support for AF_ALG.
>
> A random number generator's purpose is to generate data without
> requiring the caller to provide any data. Therefore, the AF_ALG
> interface handler for RNGs only
On Fri, Nov 21, 2014 at 06:32:16AM +0100, Stephan Mueller wrote:
> This patch adds the AEAD support for AF_ALG.
>
> The AEAD implementation uses the entire memory handling and
> infrastructure of the existing skcipher implementation.
>
> To use AEAD, the user space consumer has to use the salg_ty
On Fri, Nov 21, 2014 at 06:30:18AM +0100, Stephan Mueller wrote:
>
> @@ -421,6 +421,18 @@ int af_alg_cmsg_send(struct msghdr *msg, struct
> af_alg_control *con)
> con->op = *(u32 *)CMSG_DATA(cmsg);
> break;
>
> + case ALG_SET_AEAD_AUTHSIZE:
On Wed, Nov 19, 2014 at 05:13:11PM +0100, Daniel Borkmann wrote:
> Commit e1bd95bf7c25 ("crypto: algif - zeroize IV buffer") and
> 2a6af25befd0 ("crypto: algif - zeroize message digest buffer")
> added memzero_explicit() calls on buffers that are later on
> passed back to sock_kfree_s().
>
> This
18 matches
Mail list logo
