shinys000114/odroid-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
63e41ebc6630f39422d87f8a4bade1e793f37a01
odroid-linux/crypto
History
Mathias Krause 63e41ebc66 crypto: user - lock crypto_alg_list on alg dump 
We miss to take the crypto_alg_sem semaphore when traversing the
crypto_alg_list for CRYPTO_MSG_GETALG dumps. This allows a race with
crypto_unregister_alg() removing algorithms from the list while we're
still traversing it, thereby leading to a use-after-free as show below:

[ 3482.071639] general protection fault: 0000 [#1] SMP
[ 3482.075639] Modules linked in: aes_x86_64 glue_helper lrw ablk_helper cryptd gf128mul ipv6 pcspkr serio_raw virtio_net microcode virtio_pci virtio_ring virtio sr_mod cdrom [last unloaded: aesni_intel]
[ 3482.075639] CPU: 1 PID: 11065 Comm: crconf Not tainted 4.3.4-grsec+ #126
[ 3482.075639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_083030-gandalf 04/01/2014
[ 3482.075639] task: ffff88001cd41a40 ti: ffff88001cd422c8 task.ti: ffff88001cd422c8
[ 3482.075639] RIP: 0010:[<ffffffff93722bd3>]  [<ffffffff93722bd3>] strncpy+0x13/0x30
[ 3482.075639] RSP: 0018:ffff88001f713b60  EFLAGS: 00010202
[ 3482.075639] RAX: ffff88001f6c4430 RBX: ffff88001f6c43a0 RCX: ffff88001f6c4430
[ 3482.075639] RDX: 0000000000000040 RSI: fefefefefefeff16 RDI: ffff88001f6c4430
[ 3482.075639] RBP: ffff88001f713b60 R08: ffff88001f6c4470 R09: ffff88001f6c4480
[ 3482.075639] R10: 0000000000000002 R11: 0000000000000246 R12: ffff88001ce2aa28
[ 3482.075639] R13: ffff880000093700 R14: ffff88001f5e4bf8 R15: 0000000000003b20
[ 3482.075639] FS:  0000033826fa2700(0000) GS:ffff88001e900000(0000) knlGS:0000000000000000
[ 3482.075639] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3482.075639] CR2: ffffffffff600400 CR3: 00000000139ec000 CR4: 00000000001606f0
[ 3482.075639] Stack:
[ 3482.075639]  ffff88001f713bd8 ffffffff936ccd00 ffff88001e5c4200 ffff880000093700
[ 3482.075639]  ffff88001f713bd0 ffffffff938ef4bf 0000000000000000 0000000000003b20
[ 3482.075639]  ffff88001f5e4bf8 ffff88001f5e4848 0000000000000000 0000000000003b20
[ 3482.075639] Call Trace:
[ 3482.075639]  [<ffffffff936ccd00>] crypto_report_alg+0xc0/0x3e0
[ 3482.075639]  [<ffffffff938ef4bf>] ? __alloc_skb+0x16f/0x300
[ 3482.075639]  [<ffffffff936cd08a>] crypto_dump_report+0x6a/0x90
[ 3482.075639]  [<ffffffff93935707>] netlink_dump+0x147/0x2e0
[ 3482.075639]  [<ffffffff93935f99>] __netlink_dump_start+0x159/0x190
[ 3482.075639]  [<ffffffff936ccb13>] crypto_user_rcv_msg+0xc3/0x130
[ 3482.075639]  [<ffffffff936cd020>] ? crypto_report_alg+0x3e0/0x3e0
[ 3482.075639]  [<ffffffff936cc4b0>] ? alg_test_crc32c+0x120/0x120
[ 3482.075639]  [<ffffffff93933145>] ? __netlink_lookup+0xd5/0x120
[ 3482.075639]  [<ffffffff936cca50>] ? crypto_add_alg+0x1d0/0x1d0
[ 3482.075639]  [<ffffffff93938141>] netlink_rcv_skb+0xe1/0x130
[ 3482.075639]  [<ffffffff936cc4f8>] crypto_netlink_rcv+0x28/0x40
[ 3482.075639]  [<ffffffff939375a8>] netlink_unicast+0x108/0x180
[ 3482.075639]  [<ffffffff93937c21>] netlink_sendmsg+0x541/0x770
[ 3482.075639]  [<ffffffff938e31e1>] sock_sendmsg+0x21/0x40
[ 3482.075639]  [<ffffffff938e4763>] SyS_sendto+0xf3/0x130
[ 3482.075639]  [<ffffffff93444203>] ? bad_area_nosemaphore+0x13/0x20
[ 3482.075639]  [<ffffffff93444470>] ? __do_page_fault+0x80/0x3a0
[ 3482.075639]  [<ffffffff939d80cb>] entry_SYSCALL_64_fastpath+0x12/0x6e
[ 3482.075639] Code: 88 4a ff 75 ed 5d 48 0f ba 2c 24 3f c3 66 66 2e 0f 1f 84 00 00 00 00 00 55 48 85 d2 48 89 f8 48 89 f9 4c 8d 04 17 48 89 e5 74 15 <0f> b6 16 80 fa 01 88 11 48 83 de ff 48 83 c1 01 4c 39 c1 75 eb
[ 3482.075639] RIP  [<ffffffff93722bd3>] strncpy+0x13/0x30

To trigger the race run the following loops simultaneously for a while:
  $ while : ; do modprobe aesni-intel; rmmod aesni-intel; done
  $ while : ; do crconf show all > /dev/null; done

Fix the race by taking the crypto_alg_sem read lock, thereby preventing
crypto_unregister_alg() from modifying the algorithm list during the
dump.

This bug has been detected by the PaX memory sanitize feature.

Cc: stable@vger.kernel.org
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: PaX Team <pageexec@freemail.hu>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2016-02-06 15:23:55 +08:00
..
asymmetric_keys
PKCS#7: Don't require SpcSpOpusInfo in Authenticode pkcs7 signatures
2016-01-25 21:47:45 +08:00
async_tx
async_tx: use GFP_NOWAIT rather than GFP_IO
2016-01-07 11:06:18 +05:30
.gitignore
crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files
2015-06-25 23:29:24 +08:00
842.c
crypto: 842 - change 842 alg to use software
2015-05-11 15:06:43 +08:00
ablk_helper.c
crypto: cryptd - process CRYPTO_ALG_INTERNAL
2015-03-31 21:21:04 +08:00
ablkcipher.c
crypto: skcipher - Copy iv from desc even for 0-len walks
2015-12-09 20:16:22 +08:00
aead.c
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag
2015-08-17 16:53:53 +08:00
aes_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
af_alg.c
crypto: af_alg - Forbid bind(2) when nokey child sockets are present
2016-01-18 18:16:33 +08:00
ahash.c
crypto: hash - Add crypto_ahash_has_setkey
2016-01-18 18:16:11 +08:00
akcipher.c
crypto: akcipher - add akcipher declarations needed by templates.
2015-12-09 20:03:57 +08:00
algapi.c
crypto: api - use list_first_entry_or_null and list_next_entry
2015-11-23 20:55:50 +08:00
algboss.c
crypto: algboss - Remove reference to nivaead
2015-08-17 16:53:41 +08:00
algif_aead.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2016-01-12 18:57:02 -08:00
algif_hash.c
crypto: algif_hash - wait for crypto_ahash_init() to complete
2016-01-30 22:05:15 +08:00
algif_rng.c
crypto: algif_rng - Remove obsolete const-removal cast
2015-04-22 09:30:21 +08:00
algif_skcipher.c
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2016-01-22 11:58:43 -08:00
ansi_cprng.c
crypto: ansi_cprng - Convert to new rng interface
2015-04-22 09:30:18 +08:00
anubis.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
api.c
crypto: api - Only abort operations on fatal signal
2015-10-20 21:59:25 +08:00
arc4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
authenc.c
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag
2015-08-17 16:53:53 +08:00
authencesn.c
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag
2015-08-17 16:53:53 +08:00
blkcipher.c
crypto: skcipher - Copy iv from desc even for 0-len walks
2015-12-09 20:16:22 +08:00
blowfish_common.c
crypto: blowfish - split generic and common c code
2011-09-22 21:25:25 +10:00
blowfish_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
camellia_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
cast5_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
cast6_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
cast_common.c
crypto: make tables used from assembler __visible
2013-08-14 20:42:03 +10:00
cbc.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
ccm.c
crypto: replace scatterwalk_sg_chain with sg_chain
2015-08-17 08:12:54 -06:00
chacha20_generic.c
crypto: chacha20 - Export common ChaCha20 helpers
2015-07-17 21:20:21 +08:00
chacha20poly1305.c
crypto: chacha20poly1305 - Skip encryption/decryption for 0-len
2015-12-09 20:16:04 +08:00
chainiv.c
crypto: chainiv - Offer normal cipher functionality without RNG
2015-06-22 15:49:28 +08:00
cipher.c
crypto: cipher - Fix checkpatch errors
2010-02-16 20:31:37 +08:00
cmac.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
compress.c
crypto: compress - Fix checkpatch errors
2010-02-16 20:31:04 +08:00
crc32.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
crc32c_generic.c
crypto: crc32c - Fix crc32c soft dependency
2016-01-19 15:52:10 +08:00
crct10dif_common.c
crypto: crct10dif - Add fallback for broken initrds
2013-09-12 15:31:34 +10:00
crct10dif_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
cryptd.c
crypto: cryptd - Assign statesize properly
2015-12-04 22:29:53 +08:00
crypto_null.c
crypto: null - Add default null skcipher
2015-05-22 11:25:55 +08:00
crypto_user.c
crypto: user - lock crypto_alg_list on alg dump
2016-02-06 15:23:55 +08:00
crypto_wq.c
crypto: crypto_wq - Fix late crypto work queue initialization
2014-03-21 21:54:28 +08:00
ctr.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
cts.c
crypto: cts - Weed out non-CBC algorithms
2015-01-20 14:44:15 +11:00
deflate.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
des_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
drbg.c
crypto: drbg - constify drbg_state_ops structures
2015-12-10 22:39:44 +08:00
ecb.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
echainiv.c
crypto: echainiv - Use generic geniv init/exit helpers
2015-08-17 16:53:46 +08:00
eseqiv.c
crypto: eseqiv - Offer normal cipher functionality without RNG
2015-06-22 15:49:28 +08:00
fcrypt.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
fips.c
crypto: fips - Move fips_enabled sysctl into fips.c
2015-04-23 14:18:09 +08:00
gcm.c
Merge branch 'for-4.3/sg' of git://git.kernel.dk/linux-block
2015-09-02 13:22:38 -07:00
gf128mul.c
crypto: gf128mul - fix call to memset()
2011-07-08 17:21:21 +08:00
ghash-generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
hash_info.c
keys, trusted: select hash algorithm for TPM2 chips
2015-12-20 15:27:12 +02:00
hmac.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
internal.h
crypto: api - Remove linux/fips.h from internal.h
2015-04-23 14:18:10 +08:00
jitterentropy-kcapi.c
crypto: jitterentropy - remove unnecessary information from a comment
2015-10-14 22:23:16 +08:00
jitterentropy.c
crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree"
2015-06-25 23:18:33 +08:00
Kconfig
crypto: ghash,poly1305 - select CRYPTO_HASH where needed
2016-01-26 22:27:31 +08:00
keywrap.c
crypto: keywrap - add key wrapping block chaining mode
2015-10-15 21:05:04 +08:00
khazad.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
lrw.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
lz4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
lz4hc.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
lzo.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
Makefile
crypto: rsa - RSA padding algorithm
2015-12-09 20:03:57 +08:00
mcryptd.c
crypto: mcryptd - use list_first_entry_or_null()
2015-11-23 20:55:51 +08:00
md4.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
md5.c
crypto: hash - add zero length message hash for shax and md5
2015-12-22 20:43:35 +08:00
memneq.c
crypto: memneq - fix for archs without efficient unaligned access
2013-12-09 20:09:12 +08:00
michael_mic.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
pcbc.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
pcompress.c
crypto: pcomp - Use crypto_alg_extsize helper
2015-04-21 10:19:55 +08:00
pcrypt.c
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag
2015-08-17 16:53:53 +08:00
poly1305_generic.c
crypto: poly1305 - Export common Poly1305 helpers
2015-07-17 21:20:26 +08:00
proc.c
crypto: fips - Move fips_enabled sysctl into fips.c
2015-04-23 14:18:09 +08:00
ripemd.h
rmd128.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
rmd160.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
rmd256.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
rmd320.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
rng.c
crypto: rng - Do not free default RNG when it becomes unused
2015-06-22 15:49:18 +08:00
rsa_helper.c
crypto: akcipher - Changes to asymmetric key API
2015-10-14 22:23:16 +08:00
rsa-pkcs1pad.c
crypto: rsa-pkcs1pad - don't allocate buffer on stack
2015-12-22 20:43:24 +08:00
rsa.c
crypto: rsa - RSA padding algorithm
2015-12-09 20:03:57 +08:00
rsaprivkey.asn1
crypto: akcipher - Changes to asymmetric key API
2015-10-14 22:23:16 +08:00
rsapubkey.asn1
crypto: akcipher - Changes to asymmetric key API
2015-10-14 22:23:16 +08:00
salsa20_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
scatterwalk.c
crypto: scatterwalk - Hide PageSlab call to optimise away flush_dcache_page
2015-06-03 10:51:25 +08:00
seed.c
crypto: prefix module autoloading with "crypto-"
2014-11-24 22:43:57 +08:00
seqiv.c
crypto: seqiv - Use generic geniv init/exit helpers
2015-08-17 16:53:46 +08:00
serpent_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
sha1_generic.c
crypto: hash - add zero length message hash for shax and md5
2015-12-22 20:43:35 +08:00
sha256_generic.c
crypto: hash - add zero length message hash for shax and md5
2015-12-22 20:43:35 +08:00
sha512_generic.c
crypto: sha512-generic - move to generic glue implementation
2015-04-10 21:39:41 +08:00
shash.c
crypto: shash - Fix has_key setting
2016-01-27 20:25:13 +08:00
skcipher.c
crypto: skcipher - Add crypto_skcipher_has_setkey
2016-01-18 18:16:12 +08:00
tcrypt.c
crypto: tcrypt - fix keysize argument of test_aead_speed for gcm(aes)
2015-11-23 20:55:52 +08:00
tcrypt.h
crypto: tcrypt - Add ChaCha20/Poly1305 speed tests
2015-07-17 21:20:20 +08:00
tea.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
testmgr.c
crypto: keywrap - add testmgr support
2015-10-15 21:05:08 +08:00
testmgr.h
crypto: keywrap - add testmgr support
2015-10-15 21:05:08 +08:00
tgr192.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
twofish_common.c
crypto: twofish-x86_64-3way - add lrw support
2011-11-09 11:53:32 +08:00
twofish_generic.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
vmac.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
wp512.c
crypto: add missing crypto module aliases
2015-01-13 22:29:11 +11:00
xcbc.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
xor.c
add further __init annotations to crypto/xor.c
2012-10-11 13:42:32 +11:00
xts.c
crypto: include crypto- module prefix in template
2014-11-26 20:06:30 +08:00
zlib.c
crypto: pcomp - Constify (de)compression parameters
2015-05-01 11:16:37 +08:00