From: Greg Kroah-Hartman Date: Wed, 14 Feb 2018 18:58:31 +0000 (+0100) Subject: 4.4-stable patches X-Git-Tag: v4.15.4~30 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=039b251f371f305cf005e722ee4c46c9a0aea306;p=thirdparty%2Fkernel%2Fstable-queue.git 4.4-stable patches added patches: crypto-cryptd-pass-through-absence-of-setkey.patch crypto-hash-introduce-crypto_hash_alg_has_setkey.patch crypto-mcryptd-pass-through-absence-of-setkey.patch crypto-poly1305-remove-setkey-method.patch --- diff --git a/queue-4.4/crypto-cryptd-pass-through-absence-of-setkey.patch b/queue-4.4/crypto-cryptd-pass-through-absence-of-setkey.patch new file mode 100644 index 00000000000..e5d758b4261 --- /dev/null +++ b/queue-4.4/crypto-cryptd-pass-through-absence-of-setkey.patch @@ -0,0 +1,34 @@ +From 841a3ff329713f796a63356fef6e2f72e4a3f6a3 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Wed, 3 Jan 2018 11:16:23 -0800 +Subject: crypto: cryptd - pass through absence of ->setkey() + +From: Eric Biggers + +commit 841a3ff329713f796a63356fef6e2f72e4a3f6a3 upstream. + +When the cryptd template is used to wrap an unkeyed hash algorithm, +don't install a ->setkey() method to the cryptd instance. This change +is necessary for cryptd to keep working with unkeyed hash algorithms +once we start enforcing that ->setkey() is called when present. + +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/cryptd.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/crypto/cryptd.c ++++ b/crypto/cryptd.c +@@ -654,7 +654,8 @@ static int cryptd_create_hash(struct cry + inst->alg.finup = cryptd_hash_finup_enqueue; + inst->alg.export = cryptd_hash_export; + inst->alg.import = cryptd_hash_import; +- inst->alg.setkey = cryptd_hash_setkey; ++ if (crypto_shash_alg_has_setkey(salg)) ++ inst->alg.setkey = cryptd_hash_setkey; + inst->alg.digest = cryptd_hash_digest_enqueue; + + err = ahash_register_instance(tmpl, inst); diff --git a/queue-4.4/crypto-hash-introduce-crypto_hash_alg_has_setkey.patch b/queue-4.4/crypto-hash-introduce-crypto_hash_alg_has_setkey.patch new file mode 100644 index 00000000000..19641e71cb3 --- /dev/null +++ b/queue-4.4/crypto-hash-introduce-crypto_hash_alg_has_setkey.patch @@ -0,0 +1,55 @@ +From cd6ed77ad5d223dc6299fb58f62e0f5267f7e2ba Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Wed, 3 Jan 2018 11:16:22 -0800 +Subject: crypto: hash - introduce crypto_hash_alg_has_setkey() + +From: Eric Biggers + +commit cd6ed77ad5d223dc6299fb58f62e0f5267f7e2ba upstream. + +Templates that use an shash spawn can use crypto_shash_alg_has_setkey() +to determine whether the underlying algorithm requires a key or not. +But there was no corresponding function for ahash spawns. Add it. + +Note that the new function actually has to support both shash and ahash +algorithms, since the ahash API can be used with either. + +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/ahash.c | 11 +++++++++++ + include/crypto/internal/hash.h | 2 ++ + 2 files changed, 13 insertions(+) + +--- a/crypto/ahash.c ++++ b/crypto/ahash.c +@@ -637,5 +637,16 @@ struct hash_alg_common *ahash_attr_alg(s + } + EXPORT_SYMBOL_GPL(ahash_attr_alg); + ++bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg) ++{ ++ struct crypto_alg *alg = &halg->base; ++ ++ if (alg->cra_type != &crypto_ahash_type) ++ return crypto_shash_alg_has_setkey(__crypto_shash_alg(alg)); ++ ++ return __crypto_ahash_alg(alg)->setkey != NULL; ++} ++EXPORT_SYMBOL_GPL(crypto_hash_alg_has_setkey); ++ + MODULE_LICENSE("GPL"); + MODULE_DESCRIPTION("Asynchronous cryptographic hash type"); +--- a/include/crypto/internal/hash.h ++++ b/include/crypto/internal/hash.h +@@ -91,6 +91,8 @@ static inline bool crypto_shash_alg_has_ + return alg->setkey != shash_no_setkey; + } + ++bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg); ++ + int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn, + struct hash_alg_common *alg, + struct crypto_instance *inst); diff --git a/queue-4.4/crypto-mcryptd-pass-through-absence-of-setkey.patch b/queue-4.4/crypto-mcryptd-pass-through-absence-of-setkey.patch new file mode 100644 index 00000000000..12fa30ef9ae --- /dev/null +++ b/queue-4.4/crypto-mcryptd-pass-through-absence-of-setkey.patch @@ -0,0 +1,34 @@ +From fa59b92d299f2787e6bae1ff078ee0982e80211f Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Wed, 3 Jan 2018 11:16:24 -0800 +Subject: crypto: mcryptd - pass through absence of ->setkey() + +From: Eric Biggers + +commit fa59b92d299f2787e6bae1ff078ee0982e80211f upstream. + +When the mcryptd template is used to wrap an unkeyed hash algorithm, +don't install a ->setkey() method to the mcryptd instance. This change +is necessary for mcryptd to keep working with unkeyed hash algorithms +once we start enforcing that ->setkey() is called when present. + +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/mcryptd.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/crypto/mcryptd.c ++++ b/crypto/mcryptd.c +@@ -540,7 +540,8 @@ static int mcryptd_create_hash(struct cr + inst->alg.finup = mcryptd_hash_finup_enqueue; + inst->alg.export = mcryptd_hash_export; + inst->alg.import = mcryptd_hash_import; +- inst->alg.setkey = mcryptd_hash_setkey; ++ if (crypto_hash_alg_has_setkey(halg)) ++ inst->alg.setkey = mcryptd_hash_setkey; + inst->alg.digest = mcryptd_hash_digest_enqueue; + + err = ahash_register_instance(tmpl, inst); diff --git a/queue-4.4/crypto-poly1305-remove-setkey-method.patch b/queue-4.4/crypto-poly1305-remove-setkey-method.patch new file mode 100644 index 00000000000..38723f8b47e --- /dev/null +++ b/queue-4.4/crypto-poly1305-remove-setkey-method.patch @@ -0,0 +1,90 @@ +From a16e772e664b9a261424107784804cffc8894977 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Wed, 3 Jan 2018 11:16:25 -0800 +Subject: crypto: poly1305 - remove ->setkey() method + +From: Eric Biggers + +commit a16e772e664b9a261424107784804cffc8894977 upstream. + +Since Poly1305 requires a nonce per invocation, the Linux kernel +implementations of Poly1305 don't use the crypto API's keying mechanism +and instead expect the key and nonce as the first 32 bytes of the data. +But ->setkey() is still defined as a stub returning an error code. This +prevents Poly1305 from being used through AF_ALG and will also break it +completely once we start enforcing that all crypto API users (not just +AF_ALG) call ->setkey() if present. + +Fix it by removing crypto_poly1305_setkey(), leaving ->setkey as NULL. + +Signed-off-by: Eric Biggers +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/crypto/poly1305_glue.c | 1 - + crypto/poly1305_generic.c | 17 +++++------------ + include/crypto/poly1305.h | 2 -- + 3 files changed, 5 insertions(+), 15 deletions(-) + +--- a/arch/x86/crypto/poly1305_glue.c ++++ b/arch/x86/crypto/poly1305_glue.c +@@ -164,7 +164,6 @@ static struct shash_alg alg = { + .init = poly1305_simd_init, + .update = poly1305_simd_update, + .final = crypto_poly1305_final, +- .setkey = crypto_poly1305_setkey, + .descsize = sizeof(struct poly1305_simd_desc_ctx), + .base = { + .cra_name = "poly1305", +--- a/crypto/poly1305_generic.c ++++ b/crypto/poly1305_generic.c +@@ -51,17 +51,6 @@ int crypto_poly1305_init(struct shash_de + } + EXPORT_SYMBOL_GPL(crypto_poly1305_init); + +-int crypto_poly1305_setkey(struct crypto_shash *tfm, +- const u8 *key, unsigned int keylen) +-{ +- /* Poly1305 requires a unique key for each tag, which implies that +- * we can't set it on the tfm that gets accessed by multiple users +- * simultaneously. Instead we expect the key as the first 32 bytes in +- * the update() call. */ +- return -ENOTSUPP; +-} +-EXPORT_SYMBOL_GPL(crypto_poly1305_setkey); +- + static void poly1305_setrkey(struct poly1305_desc_ctx *dctx, const u8 *key) + { + /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ +@@ -80,6 +69,11 @@ static void poly1305_setskey(struct poly + dctx->s[3] = le32_to_cpuvp(key + 12); + } + ++/* ++ * Poly1305 requires a unique key for each tag, which implies that we can't set ++ * it on the tfm that gets accessed by multiple users simultaneously. Instead we ++ * expect the key as the first 32 bytes in the update() call. ++ */ + unsigned int crypto_poly1305_setdesckey(struct poly1305_desc_ctx *dctx, + const u8 *src, unsigned int srclen) + { +@@ -285,7 +279,6 @@ static struct shash_alg poly1305_alg = { + .init = crypto_poly1305_init, + .update = crypto_poly1305_update, + .final = crypto_poly1305_final, +- .setkey = crypto_poly1305_setkey, + .descsize = sizeof(struct poly1305_desc_ctx), + .base = { + .cra_name = "poly1305", +--- a/include/crypto/poly1305.h ++++ b/include/crypto/poly1305.h +@@ -30,8 +30,6 @@ struct poly1305_desc_ctx { + }; + + int crypto_poly1305_init(struct shash_desc *desc); +-int crypto_poly1305_setkey(struct crypto_shash *tfm, +- const u8 *key, unsigned int keylen); + unsigned int crypto_poly1305_setdesckey(struct poly1305_desc_ctx *dctx, + const u8 *src, unsigned int srclen); + int crypto_poly1305_update(struct shash_desc *desc, diff --git a/queue-4.4/series b/queue-4.4/series index a2f5443cfbe..9c5726c667d 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -64,3 +64,7 @@ kernfs-fix-regression-in-kernfs_fop_write-caused-by-wrong-type.patch ahci-annotate-pci-ids-for-mobile-intel-chipsets-as-such.patch ahci-add-pci-ids-for-intel-bay-trail-cherry-trail-and-apollo-lake-ahci.patch ahci-add-intel-cannon-lake-pch-h-pci-id.patch +crypto-hash-introduce-crypto_hash_alg_has_setkey.patch +crypto-cryptd-pass-through-absence-of-setkey.patch +crypto-mcryptd-pass-through-absence-of-setkey.patch +crypto-poly1305-remove-setkey-method.patch