An error occurred fetching the project authors.
  1. 03 Jul, 2020 3 commits
  2. 26 Jun, 2020 12 commits
  3. 18 Jun, 2020 22 commits
  4. 15 Jun, 2020 3 commits
    • Stephan Müller's avatar
      crypto: drbg - always try to free Jitter RNG instance · 819966c0
      Stephan Müller authored
      The Jitter RNG is unconditionally allocated as a seed source follwoing
      the patch 97f2650e. Thus, the instance must always be deallocated.
      
      Reported-by: syzbot+2e635807decef724a1fa@syzkaller.appspotmail.com
      Fixes: 97f2650e ("crypto: drbg - always seeded with SP800-90B ...")
      Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      819966c0
    • Dan Carpenter's avatar
      crypto: marvell/octeontx - Fix a potential NULL dereference · 1f5b07f5
      Dan Carpenter authored
      Smatch reports that:
      
          drivers/crypto/marvell/octeontx/otx_cptvf_algs.c:132 otx_cpt_aead_callback()
          warn: variable dereferenced before check 'cpt_info' (see line 121)
      
      This function is called from process_pending_queue() as:
      
      drivers/crypto/marvell/octeontx/otx_cptvf_reqmgr.c
         599                  /*
         600                   * Call callback after current pending entry has been
         601                   * processed, we don't do it if the callback pointer is
         602                   * invalid.
         603                   */
         604                  if (callback)
         605                          callback(res_code, areq, cpt_info);
      
      It does appear to me that "cpt_info" can be NULL so this could lead to
      a NULL dereference.
      
      Fixes: 10b4f094 ("crypto: marvell - add the Virtual Function driver for CPT")
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      1f5b07f5
    • Eric Biggers's avatar
      crypto: algboss - don't wait during notifier callback · 77251e41
      Eric Biggers authored
      When a crypto template needs to be instantiated, CRYPTO_MSG_ALG_REQUEST
      is sent to crypto_chain.  cryptomgr_schedule_probe() handles this by
      starting a thread to instantiate the template, then waiting for this
      thread to complete via crypto_larval::completion.
      
      This can deadlock because instantiating the template may require loading
      modules, and this (apparently depending on userspace) may need to wait
      for the crc-t10dif module (lib/crc-t10dif.c) to be loaded.  But
      crc-t10dif's module_init function uses crypto_register_notifier() and
      therefore takes crypto_chain.rwsem for write.  That can't proceed until
      the notifier callback has finished, as it holds this semaphore for read.
      
      Fix this by removing the wait on crypto_larval::completion from within
      cryptomgr_schedule_probe().  It's actually unnecessary because
      crypto_alg_mod_lookup() calls crypto_larval_wait() itself after sending
      CRYPTO_MSG_ALG_REQUEST.
      
      This only actually became a problem in v4.20 due to commit b7637754
      ("crc-t10dif: Pick better transform if one becomes available"), but the
      unnecessary wait was much older.
      
      BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=207159Reported-by: default avatarMike Gerow <gerow@google.com>
      Fixes: 39871037 ("crypto: algapi - Move larval completion into algboss")
      Cc: <stable@vger.kernel.org> # v3.6+
      Cc: Martin K. Petersen <martin.petersen@oracle.com>
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Reported-by: default avatarKai Lüke <kai@kinvolk.io>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      77251e41