kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
824841 commits 8 branches 1594 tags 3.2 GiB
C 97.7%
Assembly 1.2%
Shell 0.4%
Makefile 0.3%
Python 0.2%
Other 0.1%
Find a file
Christian Lamparter 7e92e1717e crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues 
Currently, crypto4xx CFB and OFB AES ciphers are
failing testmgr's test vectors.

|cfb-aes-ppc4xx encryption overran dst buffer on test vector 3, cfg="in-place"
|ofb-aes-ppc4xx encryption overran dst buffer on test vector 1, cfg="in-place"

This is because of a very subtile "bug" in the hardware that
gets indirectly mentioned in 18.1.3.5 Encryption/Decryption
of the hardware spec:

the OFB and CFB modes for AES are listed there as operation
modes for >>> "Block ciphers" <<<. Which kind of makes sense,
but we would like them to be considered as stream ciphers just
like the CTR mode.

To workaround this issue and stop the hardware from causing
"overran dst buffer" on crypttexts that are not a multiple
of 16 (AES_BLOCK_SIZE), we force the driver to use the scatter
buffers as the go-between.

As a bonus this patch also kills redundant pd_uinfo->num_gd
and pd_uinfo->num_sd setters since the value has already been
set before.

Cc: stable@vger.kernel.org
Fixes: f2a13e7cba ("crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2019-05-03 14:03:29 +08:00
arch crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
block for-5.1/block-post-20190315 2019-03-16 12:36:39 -07:00
certs kexec, KEYS: Make use of platform keyring for signature verify 2019-02-04 17:34:07 -05:00
crypto crypto: ecrdsa - select ASN1 and OID_REGISTRY for EC-RDSA 2019-04-25 15:40:39 +08:00
Documentation crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
drivers crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues 2019-05-03 14:03:29 +08:00
fs crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
include crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
init init/main: add checks for the return value of memblock_alloc*() 2019-03-12 10:04:02 -07:00
ipc Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-03-12 14:08:19 -07:00
kernel crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
lib crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
LICENSES LICENSES: Add GCC runtime library exception text 2019-01-16 14:54:15 -07:00
mm device-dax for 5.1 2019-03-16 13:05:32 -07:00
net crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
samples Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-03-11 08:54:01 -07:00
scripts kconfig: remove stale lxdialog/.gitignore 2019-03-17 15:47:02 +09:00
security crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
sound sound fixes for 5.1-rc1 2019-03-15 14:05:00 -07:00
tools pidfd patches for v5.1-rc1 2019-03-16 13:47:14 -07:00
usr user/Makefile: Fix typo and capitalization in comment section 2018-12-11 00:18:03 +09:00
virt ARM: some cleanups, direct physical timer assignment, cache sanitization 2019-03-15 15:00:28 -07:00
.clang-format Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-03-12 13:43:42 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: Add support for DT binding schema checks 2018-12-13 09:41:32 -06:00
.mailmap .mailmap: Add Mathieu Othacehe 2019-02-21 11:41:19 +00:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS Char/Misc driver patches for 5.1-rc1 2019-03-06 14:18:59 -08:00
Kbuild Kbuild updates for v5.1 2019-03-10 17:48:21 -07:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS ARM: some cleanups, direct physical timer assignment, cache sanitization 2019-03-15 15:00:28 -07:00
Makefile Linux 5.1-rc1 2019-03-17 14:22:26 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.