linux/crypto
Shivani Agarwal 6f6e309328 crypto: af_alg - zero initialize memory allocated via sock_kmalloc
Several crypto user API contexts and requests allocated with
sock_kmalloc() were left uninitialized, relying on callers to
set fields explicitly. This resulted in the use of uninitialized
data in certain error paths or when new fields are added in the
future.

The ACVP patches also contain two user-space interface files:
algif_kpp.c and algif_akcipher.c. These too rely on proper
initialization of their context structures.

A particular issue has been observed with the newly added
'inflight' variable introduced in af_alg_ctx by commit:

  67b164a871 ("crypto: af_alg - Disallow multiple in-flight AIO requests")

Because the context is not memset to zero after allocation,
the inflight variable has contained garbage values. As a result,
af_alg_alloc_areq() has incorrectly returned -EBUSY randomly when
the garbage value was interpreted as true:

  https://github.com/gregkh/linux/blame/master/crypto/af_alg.c#L1209

The check directly tests ctx->inflight without explicitly
comparing against true/false. Since inflight is only ever set to
true or false later, an uninitialized value has triggered
-EBUSY failures. Zero-initializing memory allocated with
sock_kmalloc() ensures inflight and other fields start in a known
state, removing random issues caused by uninitialized data.

Fixes: fe869cdb89 ("crypto: algif_hash - User-space interface for hash operations")
Fixes: 5afdfd22e6 ("crypto: algif_rng - add random number generator support")
Fixes: 2d97591ef4 ("crypto: af_alg - consolidation of duplicate code")
Fixes: 67b164a871 ("crypto: af_alg - Disallow multiple in-flight AIO requests")
Cc: stable@vger.kernel.org
Signed-off-by: Shivani Agarwal <shivani.agarwal@broadcom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2025-10-17 16:03:57 +08:00
asymmetric_keys This update includes the following changes: 2025-10-04 14:59:29 -07:00
async_tx lib/raid6: replace custom zero page with ZERO_PAGE 2025-07-09 22:57:54 -07:00
krb5 crypto: krb5 - Fix memory leak in krb5_test_one_prf() 2025-07-18 20:52:00 +10:00
842.c crypto: comp - Use same definition of context alloc and free ops 2025-09-20 20:21:03 +08:00
Kconfig crypto: drbg - Export CTR DRBG DF functions 2025-10-17 16:03:57 +08:00
Makefile crypto: drbg - Export CTR DRBG DF functions 2025-10-17 16:03:57 +08:00
acompress.c crypto: api - Rename CRYPTO_ALG_REQ_CHAIN to CRYPTO_ALG_REQ_VIRT 2025-05-05 18:20:45 +08:00
adiantum.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
aead.c crypto: api - Add support for duplicating algorithms before registration 2025-04-16 15:36:24 +08:00
aegis-neon.h crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis.h
aegis128-core.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
aegis128-neon-inner.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis128-neon.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aes_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
aes_ti.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
af_alg.c crypto: af_alg - zero initialize memory allocated via sock_kmalloc 2025-10-17 16:03:57 +08:00
ahash.c crypto: remove nth_page() usage within SG entry 2025-09-21 14:22:09 -07:00
akcipher.c crypto: api - Add support for duplicating algorithms before registration 2025-04-16 15:36:24 +08:00
algapi.c crypto: algapi - Add driver template support to crypto_inst_setname 2025-05-19 13:48:20 +08:00
algboss.c crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS 2025-05-12 13:33:14 +08:00
algif_aead.c crypto: algif_aead - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
algif_hash.c crypto: af_alg - zero initialize memory allocated via sock_kmalloc 2025-10-17 16:03:57 +08:00
algif_rng.c crypto: af_alg - zero initialize memory allocated via sock_kmalloc 2025-10-17 16:03:57 +08:00
algif_skcipher.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
ansi_cprng.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
anubis.c crypto: anubis - simplify return statement in anubis_mod_init 2025-09-20 20:21:04 +08:00
api.c crypto: api - Redo lookup on EEXIST 2025-05-23 19:25:47 +08:00
arc4.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
aria_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
authenc.c crypto: authenc - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
authencesn.c crypto: authenc - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
blake2b_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
blowfish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
blowfish_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
bpf_crypto_skcipher.c crypto: bpf - Add MODULE_DESCRIPTION for skcipher 2025-03-02 15:19:43 +08:00
camellia_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
cast5_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
cast6_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
cast_common.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
cbc.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
ccm.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
chacha.c crypto: chacha - register only "-lib" drivers 2025-08-29 09:50:19 -07:00
chacha20poly1305.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
cipher.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
cmac.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
compress.h crypto: acomp - Move stream management into scomp layer 2025-03-15 16:21:22 +08:00
crc32.c crypto/crc32[c]: register only "-lib" drivers 2025-06-30 09:31:56 -07:00
crc32c.c crypto/crc32[c]: register only "-lib" drivers 2025-06-30 09:31:56 -07:00
cryptd.c crypto: cryptd - WQ_PERCPU added to alloc_workqueue users 2025-09-13 12:11:06 +08:00
crypto_engine.c crypto: engine - remove {prepare,unprepare}_crypt_hardware callbacks 2025-07-18 20:52:00 +10:00
crypto_null.c crypto: null - use memcpy_sglist() 2025-05-12 13:32:53 +08:00
crypto_user.c crypto: remove obsolete 'comp' compression API 2025-03-21 17:39:06 +08:00
ctr.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
cts.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
deflate.c crypto: acomp - Fix CFI failure due to type punning 2025-07-18 20:52:00 +10:00
des_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
df_sp80090a.c crypto: drbg - Replace AES cipher calls with library calls 2025-10-17 16:03:57 +08:00
dh.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
dh_helper.c
drbg.c crypto: drbg - Replace AES cipher calls with library calls 2025-10-17 16:03:57 +08:00
ecb.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
ecc.c crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() 2025-02-09 18:08:12 +08:00
ecc_curve_defs.h crypto: ecc - Add NIST P521 curve parameters 2024-04-12 15:07:52 +08:00
ecdh.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
ecdh_helper.c
ecdsa-p1363.c crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY 2025-04-16 15:16:21 +08:00
ecdsa-x962.c crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY 2025-04-16 15:16:21 +08:00
ecdsa.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
ecdsasignature.asn1
echainiv.c crypto: geniv - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
ecrdsa.c crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY 2025-04-16 15:16:21 +08:00
ecrdsa_defs.h crypto: ecc - Add nbits field to ecc_curve structure 2024-04-12 15:07:52 +08:00
ecrdsa_params.asn1
ecrdsa_pub_key.asn1
essiv.c crypto: essiv - Check ssize for decryption and in-place encryption 2025-10-09 15:02:35 +08:00
fcrypt.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
fips.c crypto: fips - replace simple_strtol with kstrtoint to improve fips_enable 2025-10-17 16:03:57 +08:00
gcm.c crypto: gcm - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
geniv.c crypto: geniv - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
ghash-generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
hash.h crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
hctr2.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
hkdf.c crypto: hkdf - move to late_initcall 2025-06-11 10:59:45 +08:00
hmac.c crypto: hmac - Add ahash support 2025-05-19 13:48:20 +08:00
internal.h crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS 2025-05-12 13:33:14 +08:00
jitterentropy-kcapi.c crypto: jitter - Mark intermediary memory as clean 2025-08-30 15:43:25 +08:00
jitterentropy-testing.c crypto: jitter - output full sample from test interface 2024-10-19 08:44:30 +08:00
jitterentropy.c crypto: jitter - replace ARRAY_SIZE definition with header include 2025-07-18 20:52:01 +10:00
jitterentropy.h crypto: jitter - output full sample from test interface 2024-10-19 08:44:30 +08:00
kdf_sp800108.c crypto: testmgr - replace CRYPTO_MANAGER_DISABLE_TESTS with CRYPTO_SELFTESTS 2025-05-12 13:33:14 +08:00
khazad.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
kpp.c crypto: api - Add support for duplicating algorithms before registration 2025-04-16 15:36:24 +08:00
krb5enc.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
lrw.c crypto: lrw - Only add ecb if it is not already there 2025-05-19 13:48:20 +08:00
lskcipher.c crypto: api - Add support for duplicating algorithms before registration 2025-04-16 15:36:24 +08:00
lz4.c crypto: comp - Use same definition of context alloc and free ops 2025-09-20 20:21:03 +08:00
lz4hc.c crypto: comp - Use same definition of context alloc and free ops 2025-09-20 20:21:03 +08:00
lzo-rle.c crypto: comp - Use same definition of context alloc and free ops 2025-09-20 20:21:03 +08:00
lzo.c crypto: comp - Use same definition of context alloc and free ops 2025-09-20 20:21:03 +08:00
md4.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
md5.c crypto: md5 - Implement export_core() and import_core() 2025-09-08 09:47:38 -07:00
michael_mic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
nhpoly1305.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
pcbc.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
pcrypt.c crypto: pcrypt - Optimize pcrypt_aead_init_tfm() 2025-06-13 17:26:17 +08:00
polyval-generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
proc.c crypto: remove obsolete 'comp' compression API 2025-03-21 17:39:06 +08:00
ripemd.h
rmd160.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
rng.c crypto: rng - Ensure set_ent is always present 2025-10-06 10:17:07 +08:00
rsa-pkcs1pad.c crypto: rsassa-pkcs1 - Migrate to sig_alg backend 2024-10-05 13:22:04 +08:00
rsa.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
rsa_helper.c
rsaprivkey.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
rsapubkey.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
rsassa-pkcs1.c crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY 2025-04-16 15:16:21 +08:00
scatterwalk.c crypto: scatterwalk - Move skcipher walk and use it for memcpy_sglist 2025-04-28 19:45:26 +08:00
scompress.c crypto: remove nth_page() usage within SG entry 2025-09-21 14:22:09 -07:00
seed.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
seqiv.c crypto: geniv - use memcpy_sglist() instead of null skcipher 2025-05-12 13:32:53 +08:00
serpent_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
sha1.c crypto: sha1 - Implement export_core() and import_core() 2025-09-02 19:02:35 -07:00
sha3_generic.c crypto: sha3-generic - Use API partial block handling 2025-04-23 15:52:46 +08:00
sha256.c crypto: sha256 - Implement export_core() and import_core() 2025-09-02 19:02:37 -07:00
sha512.c crypto: sha512 - Implement export_core() and import_core() 2025-09-02 19:02:39 -07:00
shash.c crypto: shash - Fix buffer overrun in import function 2025-05-27 13:43:32 +08:00
sig.c crypto: api - Add support for duplicating algorithms before registration 2025-04-16 15:36:24 +08:00
simd.c crypto: simd - Do not call crypto_alloc_tfm during registration 2024-08-24 21:39:15 +08:00
skcipher.c crypto: skcipher - Fix reqsize handling 2025-10-08 16:13:07 +08:00
skcipher.h crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
sm3_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
sm4.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sm4_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
streebog_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
tcrypt.c crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK 2025-05-12 13:32:53 +08:00
tcrypt.h crypto: tcrypt - rename CRYPTO_TEST to CRYPTO_BENCHMARK 2025-05-12 13:32:53 +08:00
tea.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
testmgr.c This push contains the following changes: 2025-10-08 09:38:31 -07:00
testmgr.h crypto: testmgr - Remove curve25519 kpp tests 2025-09-06 14:45:49 -07:00
twofish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
twofish_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
wp512.c crypto: wp512 - Use API partial block handling 2025-06-23 16:56:56 +08:00
xcbc.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
xctr.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
xor.c crypto: xor - fix template benchmarking 2024-08-02 20:53:25 +08:00
xts.c crypto: xts - Only add ecb if it is not already there 2025-05-19 13:48:20 +08:00
xxhash_generic.c Revert "crypto: run initcalls for generic implementations earlier" 2025-05-05 18:20:44 +08:00
zstd.c crypto: zstd - Fix compression bug caused by truncation 2025-10-02 15:02:44 +08:00