Am Sonntag, 24. September 2017, 08:22:54 CEST schrieb Stephan Müller:
Hi Herbert,
(private)
> Hi Herbert,
>
> The two patches together fix a kernel crash that can be triggered via
> AF_ALG when using authenc() with zero plaintext.
>
> The changes are also tested to verify that the hashing on n
Hi Herbert,
The two patches together fix a kernel crash that can be triggered via
AF_ALG when using authenc() with zero plaintext.
The changes are also tested to verify that the hashing on null data
is still supported.
I suspect that the vulnerability fixed with patch 1 is present in
abklcipher
The encryption / decryption operation is a noop in case the caller
provides zero input data. As this noop is a "valid" operation, the API
calls will return no error, but simply skip any processing.
This fixes a kernel crash with authenc() ciphers and zero plaintext /
ciphertext that can be trigger
In case the caller provides an SG with zero data, prevent a kmap of the
page pointed to by the SG. In this case, it is possible that the page
does not exist.
This fixes a crash in authenc() when the plaintext is zero and thus the
encryption operation is a noop. In this case, no input data exists t
Currently, the aes_ccm.c and aes_gcm.c are almost line by line
copy of each other. This patch reduce code redundancy by moving
the code in these two files to crypto/aead_api.c to make it a
higher level aead api. The aes_ccm.c and aes_gcm.c are removed
and all the functions are now implemented in th
--
Greetings From Mr. Soumaila Sorgho
I have a Mutual/Beneficial Business Project that would be beneficial
to you. I only have two questions to ask of you, if you are
interested.
1. Can you handle this project?
2. Can I give you this trust?
Please note that the deal requires high level
