ype.)
The assigned type is "struct idxd_wq **", but the returned type will be
"struct wq **". These are the same size allocation (pointer sized), but
the types don't match. Adjust the allocation type to match the assignment.
Signed-off-by: Kees Cook
---
Cc: Kristen Accardi
Cc
kCFI is enabled.
>
> Cc: Kees Cook
> Cc: Linus Walleij
> Signed-off-by: Ard Biesheuvel
Reviewed-by: Kees Cook
--
Kees Cook
.cra_ctxsize= sizeof(struct nx842_crypto_ctx),
+ .cra_ctxsize= struct_size_t(struct nx842_crypto_ctx,
header.group,
+ NX842_CRYPTO_GROUP_MAX),
.cra_module = THIS_MODULE,
.cra_init = nx842_pseries_crypto_init,
.cra_exit = nx842_crypto_exit,
--
Kees Cook
On Fri, Feb 02, 2024 at 12:01:55PM +0100, Marco Elver wrote:
> On Fri, 2 Feb 2024 at 11:16, Kees Cook wrote:
> > [...]
> > +config UBSAN_UNSIGNED_WRAP
> > + bool "Perform checking for unsigned arithmetic wrap-around"
> > + depends on $(cc-option
still extremely noisy, but gets us to a common point where
we can continue experimenting with the sanitizer.
Cc: x...@kernel.org
Cc: net...@vger.kernel.org
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Kees Cook
---
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/apic/Makefile | 1 +
arch
To allow for fine-grained control of where the wrapping sanitizers can
be disabled, split them from the main UBSAN CFLAGS into their own set of
rules.
Cc: Masahiro Yamada
Cc: Nathan Chancellor
Cc: Nicolas Schier
Cc: linux-kbu...@vger.kernel.org
Signed-off-by: Kees Cook
---
scripts
" is in effect.)
Cc: Andrey Konovalov
Cc: Marco Elver
Cc: linux-...@vger.kernel.org
Cc: linux-kbu...@vger.kernel.org
Signed-off-by: Kees Cook
---
Documentation/dev-tools/ubsan.rst | 28
arch/arm/Kconfig | 2 +-
arch/arm64/Kconfig
Yamada
Cc: Nathan Chancellor
Cc: Nicolas Schier
Cc: linux-kbu...@vger.kernel.org
Signed-off-by: Kees Cook
---
include/linux/compiler_types.h | 7 ++-
lib/Kconfig.ubsan | 8
lib/test_ubsan.c | 33 +
lib/ubsan.c
Chancellor
Cc: Masahiro Yamada
Cc: Nicolas Schier
Cc: Nick Desaulniers
Cc: Bill Wendling
Cc: linux-kbu...@vger.kernel.org
Cc: l...@lists.linux.dev
Signed-off-by: Kees Cook
---
scripts/Makefile.ubsan | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/Makefile.ubsan b
s/27 [2]
Link: https://github.com/KSPP/linux/issues/344 [3]
Cc: Justin Stitt
Cc: Miguel Ojeda
Cc: Nathan Chancellor
Cc: Nick Desaulniers
Cc: Peter Zijlstra
Cc: Marco Elver
Cc: Hao Luo
Cc: Przemek Kitszel
Signed-off-by: Kees Cook
---
include/linux/compiler_types.h | 14 ++-
lib
/KSPP/linux/issues/344 [3]
Kees Cook (6):
ubsan: Use Clang's -fsanitize-trap=undefined option
ubsan: Reintroduce signed and unsigned overflow sanitizers
ubsan: Introduce CONFIG_UBSAN_POINTER_WRAP
ubsan: Remove CONFIG_UBSAN_SANITIZE_ALL
ubsan: Split wrapping sanitizer Makefile rules
first steps
done. And then once the sanitizers are in good shape, the fuzzers can grind.
(I'm trying to add some parallelism to this project; this code pattern was
known so I figured we could address it now.)
-Kees
--
Kees Cook
nel.org/linus/68df3755e383e6fecf2354a67b08f92f18536594 [1]
Link: https://github.com/KSPP/linux/issues/26 [2]
Link: https://github.com/KSPP/linux/issues/27 [3]
Link: https://github.com/KSPP/linux/issues/344 [4]
Cc: Herbert Xu
Cc: "David S. Miller"
Cc: Aditya Srivastava
Cc: Randy Dunlap
Cc: linux-crypto@vger.kernel.org
S
-crypto@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/crypto/axis/artpec6_crypto.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/axis/artpec6_crypto.c
b/drivers/crypto/axis/artpec6_crypto.c
index dbc1d483f2af..cbec539f0e20 100644
--- a/drivers/crypto/axis
om Rix
Cc: Adam Guerin
Cc: Lucas Segarra Fernandez
Cc: Andy Shevchenko
Cc: qat-li...@intel.com
Cc: linux-crypto@vger.kernel.org
Cc: l...@lists.linux.dev
Signed-off-by: Kees Cook
---
drivers/crypto/intel/qat/qat_common/adf_fw_counters.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
di
py(buf, str, sizeof(buf));
> for (i = 0; i < 16; i++) {
> if (!isdigit(buf[i])) {
I was initially worried when I saw this walking the entire contents, but
I see it is explicitly zeroed on the stack first, so this is fine:
char buf[16] = {0};
Reviewed-by: Kees
tps://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings
> [1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Signed-
-through
All switch/case blocks must end in one of:
break;
fallthrough;
continue;
goto ;
return [expression];
[3] https://cwe.mitre.org/data/definitions/484.html
--
Kees Cook
inal series may be lower, but there
are still bugs being found from it -- we need to finish this and shut
the door on it for good.)
--
Kees Cook
On Mon, Nov 23, 2020 at 05:32:51PM -0800, Nick Desaulniers wrote:
> On Sun, Nov 22, 2020 at 8:17 AM Kees Cook wrote:
> >
> > On Fri, Nov 20, 2020 at 11:51:42AM -0800, Jakub Kicinski wrote:
> > > If none of the 140 patches here fix a real bug, and there is no change
>
On Fri, Nov 20, 2020 at 11:51:42AM -0800, Jakub Kicinski wrote:
> On Fri, 20 Nov 2020 11:30:40 -0800 Kees Cook wrote:
> > On Fri, Nov 20, 2020 at 10:53:44AM -0800, Jakub Kicinski wrote:
> > > On Fri, 20 Nov 2020 12:21:39 -0600 Gustavo A. R. Silva wrote:
> > > > This
ngs are supposed to warn about issues that could
> be bugs. Falling through to default: break; can hardly be a bug?!
It's certainly a place where the intent is not always clear. I think
this makes all the cases unambiguous, and doesn't impact the machine
code, since the compiler will happily optimize away any behavioral
redundancy.
--
Kees Cook
On Fri, Oct 16, 2020 at 01:12:24AM -0700, syzbot wrote:
> dashboard link: https://syzkaller.appspot.com/bug?extid=92ead4eb8e26a26d465e
> [...]
> Reported-by: syzbot+92ead4eb8e26a26d4...@syzkaller.appspotmail.com
> [...]
> UBSAN: array-index-out-of-bounds in crypto/af_alg.c:166:2
> index 91 is out o
build tests, I run those with COMPILE_TEST force-enabled.
Ah, I got this backwards. It's not COMPILE_TEST breaking it, it's
actually FIXING it. :P Anyway, I'll go clean this up more.
--
Kees Cook
On Thu, Aug 27, 2020 at 12:02:12PM -0700, Linus Torvalds wrote:
> On Thu, Aug 27, 2020 at 11:42 AM Kees Cook wrote:
> >
> > Do you mean you checked both gcc and clang and it was only a problem with
> > gcc?
>
> I didn't check with clang, but Arnd claimed it was
CFLAGS_UBSAN += $(call cc-option, -fsanitize=object-size)
CFLAGS_UBSAN += $(call cc-option, -fsanitize=bool)
CFLAGS_UBSAN += $(call cc-option, -fsanitize=enum)
endif
--
Kees Cook
ts, u64 fsize)
> > (unsigned long)total,
> > (unsigned long)beN_to_cpu(&p->ostart[offset], size));
> > + if (size > p->olen)
> > + return -ENOSPC;
> > +
> > memcpy(p->out, &p->ostart[offset], size);
> > p->out += size;
> > p->olen -= size;
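Review bot: The new `size > p->olen` test in front of the `memcpy()` bounds only the destination side of the copy. The source, `&p->ostart[offset]`, is read for the same `size` bytes, and nothing visible in this hunk relates `offset` plus `size` to the output produced so far (`total` in the debug print above). If that range is validated earlier in the function, a short comment above the new check saying so would make the pairing clear; if it is not, the source range needs an equivalent check.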
> > @@ -345,6 +348,9 @@ int sw842_decompress(const u8 *in, unsigned int ilen,
> > if (!bytes || bytes > SHORT_DATA_BITS_MAX)
> > return -EINVAL;
> > + if (bytes > p.olen)
> > + return -ENOSPC;
> > +
> > while (bytes-- > 0) {
> > ret = next_bits(&p, &tmp, 8);
> > if (ret)
> >
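Review bot: In the sw842_decompress() hunk, `bytes > p.olen` returns -ENOSPC while the test directly above it returns -EINVAL for a malformed length, so callers now see two distinct failure codes from this path. The function's comment should say that -ENOSPC means the caller's output buffer is too small, so callers can tell a retry with a larger buffer from corrupt input. Doing the check once before the `while (bytes-- > 0)` loop, rather than per byte, is the right place for it.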
Reviewed-by: Kees Cook
--
Kees Cook
On Tue, May 05, 2020 at 04:36:49PM -0700, Nick Desaulniers wrote:
> On Tue, May 5, 2020 at 4:22 PM Jason A. Donenfeld wrote:
> >
> > On Tue, May 5, 2020 at 5:19 PM Kees Cook wrote:
> > >
> > > (Though as was mentioned, it's likely that FORTIFY_SOURCE isn
so I may still send a patch to depend on !clang
just to avoid surprises until it's fixed, but I haven't had time to
chase down a solution yet.)
--
Kees Cook
o you think it should just be dropped in each patch?
--
Kees Cook
lude/asm/asm.h |1
> include/asm/paravirt_types.h| 25 +++--
> include/asm/pm-trace.h |2
> include/asm/processor.h |6 +-
> kernel/acpi/wakeup_64.S | 31 ++-
> kernel/head_64.S| 16 +++---
> kernel/relocate_kernel_64.S |2
> power/hibernate_asm_64.S|4 -
> 29 files changed, 306 insertions(+), 213 deletions(-)
>
> Patchset is based on next-20190708.
>
>
--
Kees Cook
m/include/asm/io.h:299:29: note: in expansion of macro ‘__raw_writel’
> #define writel_relaxed(v,c) __raw_writel((__force u32) cpu_to_le32(v),c)
> ^~~~
> drivers/crypto/ux500/cryp/cryp.c:371:3: note: in expansion of macro
> ‘writel_relaxed’
>writ
e "little" fixes so
there's less to review for the big PIE changes down the road.
--
Kees Cook
stmgr.c:1420
> __alg_test_hash+0x26d/0x340 crypto/testmgr.c:1502
> alg_test_hash+0x22e/0x330 crypto/testmgr.c:1552
> alg_test.part.7+0x132/0x610 crypto/testmgr.c:4931
> alg_test+0x1f/0x40 crypto/testmgr.c:4952
>
> Fixes: b68a7ec1e9a3 ("crypto: hash - Remove VLA usage")
> Reported-by: Corentin Labbe
> Cc: # v4.20+
> Cc: Kees Cook
> Signed-off-by: Eric Biggers
Ah, yikes! Nice catch. Thanks for fixing this. :)
Reviewed-by: Kees Cook
--
Kees Cook
On Wed, Oct 17, 2018 at 7:41 AM, Gustavo A. R. Silva
wrote:
>
>
> On 10/17/18 9:20 AM, Antoine Tenart wrote:
>> Hi,
>>
>> On Wed, Oct 17, 2018 at 02:17:41PM +0800, Herbert Xu wrote:
>>> On Tue, Oct 16, 2018 at 09:44:02PM +0200, Gustavo A. R. Silva wrote:
>&
("Sizeof not portable")
> Fixes: 9744fec95f06 ("crypto: inside-secure - remove request list to improve
> performance")
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Kees Cook
Luckily, this results in the same size, since it's still a pointer:
struct crypt
On Thu, Sep 27, 2018 at 10:08 PM, Herbert Xu
wrote:
> All applied. Thanks.
Awesome! Thanks :)
-Kees
--
Kees Cook
Pixel Security
it as a fix, and handle the conflict with Kees's
> patch in cryptodev. Otherwise, I can respin it to apply onto cryptodev
> directly. The patch was build tested only - I don't have the hardware.
I think the depth warning is minor (90 bytes over), so I don't think
it's high priority to backport the fix. I'm fine either way, of
course.
Reviewed-by: Kees Cook
-Kees
--
Kees Cook
Pixel Security
On Mon, Sep 24, 2018 at 9:49 PM, Herbert Xu wrote:
> On Mon, Sep 24, 2018 at 05:49:37PM -0700, Kees Cook wrote:
>>
>> > Kees Cook (23):
>> > crypto: skcipher - Introduce crypto_sync_skcipher
>> > gss_krb5: Remove VLA usage of skcipher
>>
On Tue, Sep 18, 2018 at 7:10 PM, Kees Cook wrote:
> This is the full follow-up to earlier discussions[1] that suggested
> adding a new struct crypto_sync_skcipher to handle the VLA removal from
> SKCIPHER_REQUEST_ON_STACK.
>
> This series is effectively a no-op change: everythi
On Mon, Sep 24, 2018 at 4:52 AM, Ard Biesheuvel
wrote:
> On Wed, 19 Sep 2018 at 04:11, Kees Cook wrote:
>> @@ -119,7 +119,7 @@ cryptoloop_transfer(struct loop_device *lo, int cmd,
>> unsigned in_offs, out_offs;
>> int err;
>>
>> -
On Mon, Sep 24, 2018 at 4:45 AM, Ard Biesheuvel
wrote:
> On Wed, 19 Sep 2018 at 04:11, Kees Cook wrote:
>>
>> In the quest to remove all stack VLA usage from the kernel[1], this
>> replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
>> with stru
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Jesper Nilsson
Cc: Lars Persson
Cc: linux-arm-ker...@axis.com
Signed-off-by: Kees Cook
---
drivers/crypto/axis/artpec6_crypto.c | 19 +--
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/axis
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Jamie Iles
Cc: linux-arm-ker...@lists.infradead.org
Signed-off-by: Kees Cook
---
drivers/crypto/picoxcell_crypto.c | 21 ++---
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/picoxcell_crypto.c
b/drivers
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Himanshu Jha
Signed-off-by: Kees Cook
---
drivers/crypto/qce/ablkcipher.c | 13 ++---
drivers/crypto/qce/cipher.h | 2 +-
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
drivers/crypto/mxs-dcp.c | 21 ++---
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c
index a10c418d4e5c..430174be6f92 100644
--- a/drivers
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Harsh Jain
Signed-off-by: Kees Cook
---
drivers/crypto/chelsio/chcr_algo.c | 27 ++-
drivers/crypto/chelsio/chcr_crypto.h | 2 +-
2 files changed, 15 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/chelsio
Now that all the users of the VLA-generating SKCIPHER_REQUEST_ON_STACK()
macro have been moved to SYNC_SKCIPHER_REQUEST_ON_STACK(), we can remove
the former.
Signed-off-by: Kees Cook
---
include/crypto/skcipher.h | 5 -
1 file changed, 5 deletions(-)
diff --git a/include/crypto/skcipher.h
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Alexander Aring
Cc: Stefan Schmidt
Cc: linux-w...@vger.kernel.org
Signed-off-by: Kees Cook
---
net/mac802154/llsec.c | 16
net/mac802154/llsec.h | 2 +-
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/net/mac802154
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: x...@kernel.org
Signed-off-by: Kees Cook
---
arch/x86/crypto/fpu.c | 30 --
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/arch/x86/crypto/fpu.c b/arch/x86/crypto/fpu.c
index 406680476c52..be9b3766f241
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Martin Schwidefsky
Cc: Heiko Carstens
Cc: linux-s...@vger.kernel.org
Signed-off-by: Kees Cook
---
arch/s390/crypto/aes_s390.c | 48 ++---
1 file changed, 24 insertions(+), 24 deletions(-)
diff --git a/arch/s390/crypto
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Ilya Dryomov
Cc: "Yan, Zheng"
Cc: Sage Weil
Cc: ceph-de...@vger.kernel.org
Signed-off-by: Kees Cook
---
net/ceph/crypto.c | 12 ++--
net/ceph/crypto.h | 2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/net/cep
_set_flags()
crypto_sync_skcipher_clear_flags()
crypto_sync_skcipher_blocksize()
crypto_sync_skcipher_ivsize()
crypto_sync_skcipher_reqtfm()
skcipher_request_set_sync_tfm()
SYNC_SKCIPHER_REQUEST_ON_STACK() (with tfm type check)
Signed-off-by: Kees Cook
-
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Johannes Berg
Cc: linux-wirel...@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/staging/rtl8192e/rtllib_crypt_tkip.c | 34 +--
drivers/staging/rtl8192e/rtllib_crypt_wep.c | 28 +++
.../rtl8192u/ieee80211
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Jens Axboe
Cc: linux-bl...@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/block/cryptoloop.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/drivers/block/cryptoloop.c b/drivers/block/cryptoloop.c
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Paul Mackerras
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/net/ppp/ppp_mppe.c | 27 ++-
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/algif_aead.c | 12 ++--
crypto/authenc.c| 8
crypto/authencesn.c | 8
crypto/crypto_null.c| 11 +--
crypto/echainiv.c
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Greg Kroah-Hartman
Cc: Felipe Balbi
Cc: Johan Hovold
Cc: "Gustavo A. R. Silva"
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/usb/wusbcore/crypto.c | 16
1 file changed, 8 insertions(+), 8 deletion
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: David Howells
Cc: linux-...@lists.infradead.org
Signed-off-by: Kees Cook
---
net/rxrpc/ar-internal.h | 2 +-
net/rxrpc/rxkad.c | 44 -
2 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/net
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: "Leonidas S. Barbosa"
Cc: Paulo Flabiano Smorigo
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: linuxppc-...@lists.ozlabs.org
Signed-off-by: Kees Cook
---
drivers/crypto/vmx/aes_cbc.c | 22 +++--
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Tom Lendacky
Cc: Gary Hook
Signed-off-by: Kees Cook
---
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 13 +++--
drivers/crypto/ccp/ccp-crypto.h | 2 +-
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/ccp/ccp
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
drivers/crypto/sahara.c | 31 +++
1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/drivers/crypto/sahara.c b/drivers/crypto/sahara.c
index e7540a5b8197..bbf166a97ad3 100644
--- a
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/cryptd.c | 32 +---
1 file changed, 17 insertions(+), 15 deletions(-)
diff --git a/crypto/cryptd.c b/crypto/cryptd.c
index addca7bae33f..7118fb5efbaa 100644
--- a/crypto/cryptd.c
+++ b/crypto
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
drivers/crypto/omap-aes.c | 17 -
drivers/crypto/omap-aes.h | 2 +-
2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
index 9019f6b67986
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Cc: Trond Myklebust
Cc: Anna Schumaker
Cc: "J. Bruce Fields"
Cc: Jeff Layton
Cc: YueHaibing
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook
---
include/linux/sunrpc/gss_krb5.h | 30 -
net/sunrpc/auth_gss/gss_krb5_cry
enforcement
for not putting an ASYNC skcipher on the stack, which allows us to
declare the on-stack requests with a fixed stack size.
[1]
https://lkml.kernel.org/r/CAGXu5j+bpLK=EQ9LHkO8V=sdaQwt==6fbghgn2vi1e9_wxs...@mail.gmail.com
-Kees
Kees Cook (23):
crypto: skcipher - Introduce
On Thu, Sep 13, 2018 at 11:23 AM, Kees Cook wrote:
> RFC follow-up to
> https://lkml.kernel.org/r/CAGXu5j+bpLK=EQ9LHkO8V=sdaQwt==6fbghgn2vi1e9_wxs...@mail.gmail.com
>
> The core API changes:
>
> struct crypto_sync_skcipher
> crypt
es of SKCIPHER_REQUEST_ON_STACK().
Signed-off-by: Kees Cook
---
crypto/skcipher.c | 24 +
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 10
drivers/crypto/ccp/ccp-crypto.h | 2 +-
include/crypto/skcipher.h | 34 -
4
On Thu, Sep 13, 2018 at 9:46 AM, Kees Cook wrote:
> On Mon, Sep 10, 2018 at 10:52 PM, Herbert Xu
> wrote:
>> On Fri, Sep 07, 2018 at 08:56:23AM +0200, Ard Biesheuvel wrote:
>>>
>>> OK, so given that all SKCIPHER_REQUEST_ON_STACK occurrences are
>>> up
rypt(nreq);
For the above, we'd also need:
sync_skcipher_request_set_tfm()
sync_skcipher_request_set_callback()
sync_skcipher_request_set_crypt()
-Kees
--
Kees Cook
Pixel Security
On Mon, Sep 3, 2018 at 8:13 PM, Herbert Xu wrote:
> On Tue, Aug 07, 2018 at 02:18:39PM -0700, Kees Cook wrote:
>> In the quest to remove all stack VLA usage from the kernel[1], this uses
>> the new HASH_MAX_DIGESTSIZE from the crypto layer to allocate the upper
>> bounds on
On Thu, Sep 6, 2018 at 8:42 PM, Herbert Xu wrote:
> On Thu, Sep 06, 2018 at 03:58:52PM -0700, Kees Cook wrote:
>>
>> @@ -437,6 +442,12 @@ static inline struct crypto_skcipher
>> *crypto_skcipher_reqtfm_check(
>> {
>> struct crypto_skcipher
possible.
Signed-off-by: Kees Cook
---
include/crypto/skcipher.h | 33 +++--
1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index 2f327f090c3e..6e954d398e0f 100644
--- a/include/crypto/skcipher.h
+++ b
-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
include/crypto/skcipher.h | 28
1 file changed, 16 insertions(+), 12 deletions(-)
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index 3aabd5d098ed..cca216999bf1
tfm argument after VLA removal.
-Kees
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Kees Cook (4):
crypto: skcipher - Consolidate encrypt/decrypt sanity check
crypto: skcipher - Enforce non-ASYNC for on-stack requests
crypto: skcipher
Check at use-time whether an skcipher request is on the stack. If it
is, enforce that it must be backed by a synchronous algorithm, as is
required:
https://www.redhat.com/archives/dm-devel/2018-January/msg00087.html
Co-developed-by: Ard Biesheuvel
Signed-off-by: Kees Cook
---
include/crypto
Since the size is now fixed, there is no need to include the tfm
argument. This removes it from the definition and callers.
Suggested-by: Alexander Stein
Signed-off-by: Kees Cook
---
arch/s390/crypto/aes_s390.c| 8
arch/x86/crypto/fpu.c
On Thu, Sep 6, 2018 at 1:22 PM, Kees Cook wrote:
> On Wed, Sep 5, 2018 at 5:43 PM, Kees Cook wrote:
>> On Wed, Sep 5, 2018 at 3:49 PM, Ard Biesheuvel
>> wrote:
>>> On 5 September 2018 at 23:05, Kees Cook wrote:
>>>> On Wed, Sep 5, 2018 at 2:18 AM, Ar
On Wed, Sep 5, 2018 at 5:43 PM, Kees Cook wrote:
> On Wed, Sep 5, 2018 at 3:49 PM, Ard Biesheuvel
> wrote:
>> On 5 September 2018 at 23:05, Kees Cook wrote:
>>> On Wed, Sep 5, 2018 at 2:18 AM, Ard Biesheuvel
>>> wrote:
>>>> On 4 September 2018 at 20:1
REQUEST_ON_STACK to ensure that
>> only sync algorithms can use this construct.
>>
>
> That would require lots of changes in the callers, including ones that
> already take care to use sync algos only.
>
> How about we do something like the below instead?
Oh, I like this, thanks!
-Kees
--
Kees Cook
Pixel Security
On Wed, Sep 5, 2018 at 3:49 PM, Ard Biesheuvel
wrote:
> On 5 September 2018 at 23:05, Kees Cook wrote:
>> On Wed, Sep 5, 2018 at 2:18 AM, Ard Biesheuvel
>> wrote:
>>> On 4 September 2018 at 20:16, Kees Cook wrote:
>>>> In the quest to remove all stac
On Wed, Sep 5, 2018 at 2:18 AM, Ard Biesheuvel
wrote:
> On 4 September 2018 at 20:16, Kees Cook wrote:
>> In the quest to remove all stack VLA usage from the kernel[1], this
>> caps the skcipher request size similar to other limits and adds a sanity
>> check at reg
zK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/cryptd.c| 7 +--
crypto/ctr.c | 7 +--
crypto/cts.c | 7 +--
crypto/lrw.c
This removes VLAs[1] from SKCIPHER_REQUEST_ON_STACK by making it possible
for crypto_skcipher_set_reqsize() to fail. Callers are updated to handle
the error condition.
-Kees
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Kees Cook (2):
crypto
crypto_skcipher_set_reqsize: 88
crypto_skcipher_set_reqsize: 472
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
include/crypto/internal/skcipher.h | 3 +++
include/crypto/skcipher.h | 4
On Mon, Sep 3, 2018 at 10:19 PM, Herbert Xu wrote:
> On Tue, Aug 07, 2018 at 02:18:34PM -0700, Kees Cook wrote:
>> v8 cover letter:
>>
>> I continue to hope this can land in v4.19, but I realize that's unlikely.
>> It would be nice, though, if some of the "tri
to continues to get tweaked and has taken much longer
than I had expected.
-Kees
--
Kees Cook
Pixel Security
In the quest to remove all stack VLA usage from the kernel[1], this uses
the new upper bound for the stack buffer. Also adds a sanity check.
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
drivers/crypto/qat
: Kees Cook
---
include/crypto/cbc.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h
index f5b8bfc22e6d..3bf28beefa33 100644
--- a/include/crypto/cbc.h
+++ b/include/crypto/cbc.h
@@ -113,7 +113,7 @@ static inline int
cra_blocksize is 144 (SHA3_224_BLOCK_SIZE, 18 8-byte words). For the
new blocksize limit, I went with 160 (20 8-byte words).
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/algapi.c | 7 ++-
include
crypto_skcipher_set_reqsize: 88
crypto_skcipher_set_reqsize: 472
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
include/crypto/internal/skcipher.h | 1 +
include/crypto/skcipher.h | 4
...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/ahash.c| 4 ++--
crypto/algif_hash.c | 2 +-
crypto/shash.c| 6 +++---
include/crypto/hash.h | 6 +-
4 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/crypto/ahash.c b/crypto/ahash.c
index a64c143165b1..78aaf2158c43
aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/xcbc.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/xcbc.c b/crypto/xcbc.c
index 25c75af50d3f..c055f57fab11 100644
--- a/crypto/xcbc.c
+++ b/crypto/xcbc.c
@@ -57,15 +57,17 @@ s
reqsizes for skcipher and ahash instead of guessing.
- improve names and comments for alg maxes
Ard Biesheuvel (1):
crypto: ccm: Remove VLA usage
Kees Cook (8):
crypto: xcbc: Remove VLA usage
crypto: cbc: Remove VLA usage
crypto: hash: Remove VLA usage
dm: Remove VLA usage from hashes
this helper was the only user.
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
---
crypto/shash.c | 27 ---
include/linux/compiler-gcc.h | 1 -
2 files changed, 16 insertions(+), 12
In the quest to remove all stack VLA usage from the kernel[1], this uses
the new HASH_MAX_DIGESTSIZE from the crypto layer to allocate the upper
bounds on stack usage.
[1]
https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook
=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Ard Biesheuvel
Signed-off-by: Kees Cook
---
crypto/ccm.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/crypto/ccm.c b/crypto/ccm.c
index 0a083342ec8c..b242fd0d3262 100644
--- a/crypto/ccm.c
+++ b/crypto/ccm.c
@@ -50,7
On Tue, Aug 7, 2018 at 2:47 AM, Herbert Xu wrote:
> On Thu, Aug 02, 2018 at 03:51:45PM -0700, Kees Cook wrote:
>> In the quest to remove all stack VLA usage from the kernel[1], this
>> uses the upper bounds on blocksize. Since this is always a cipher
>> blocksize, use th
On Tue, Aug 7, 2018 at 2:45 AM, Herbert Xu wrote:
> On Thu, Aug 02, 2018 at 02:51:10PM -0700, Kees Cook wrote:
>> When pstore was refactored to use the crypto compress API in:
>>
>> commit cb3bee0369bc ("pstore: Use crypto compress API")
>>
>> nearly a