redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
Fork of reMarkable kernel https://github.com/reMarkable/linux
709,459 Commits
26 Branches
0 Tags
2.7 GiB
C 97.7%
Assembly 1.6%
Makefile 0.3%
Perl 0.1%
 
 
 
 
Go to file
Eric Biggers 9c36498f74 crypto: chacha20poly1305 - validate the digest size 
commit e57121d08c upstream.

If the rfc7539 template was instantiated with a hash algorithm with
digest size larger than 16 bytes (POLY1305_DIGEST_SIZE), then the digest
overran the 'tag' buffer in 'struct chachapoly_req_ctx', corrupting the
subsequent memory, including 'cryptlen'.  This caused a crash during
crypto_skcipher_decrypt().

Fix it by, when instantiating the template, requiring that the
underlying hash algorithm has the digest size expected for Poly1305.

Reproducer:

    #include <linux/if_alg.h>
    #include <sys/socket.h>
    #include <unistd.h>

    int main()
    {
            int algfd, reqfd;
            struct sockaddr_alg addr = {
                    .salg_type = "aead",
                    .salg_name = "rfc7539(chacha20,sha256)",
            };
            unsigned char buf[32] = { 0 };

            algfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
            bind(algfd, (void *)&addr, sizeof(addr));
            setsockopt(algfd, SOL_ALG, ALG_SET_KEY, buf, sizeof(buf));
            reqfd = accept(algfd, 0, 0);
            write(reqfd, buf, 16);
            read(reqfd, buf, 16);
    }

Reported-by: syzbot <syzkaller@googlegroups.com>
Fixes: 71ebc4d1b2 ("crypto: chacha20poly1305 - Add a ChaCha20-Poly1305 AEAD construction, RFC7539")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-01-10 09:31:18 +01:00
Documentation x86/kaslr: Fix the vaddr_end mess 2018-01-10 09:31:16 +01:00
arch efi/capsule-loader: Reinstate virtual capsule mapping 2018-01-10 09:31:18 +01:00
block block: don't let passthrough IO go into .make_request_fn() 2018-01-02 20:31:05 +01:00
certs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
crypto crypto: chacha20poly1305 - validate the digest size 2018-01-10 09:31:18 +01:00
drivers crypto: n2 - cure use after free 2018-01-10 09:31:18 +01:00
firmware License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fs btrfs: fix refcount_t usage when deleting btrfs_delayed_nodes 2018-01-10 09:31:17 +01:00
include efi/capsule-loader: Reinstate virtual capsule mapping 2018-01-10 09:31:18 +01:00
init x86/mm/pti: Add infrastructure for page table isolation 2018-01-02 20:30:56 +01:00
ipc License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kernel kernel/acct.c: fix the acct->needcheck check in check_free_space() 2018-01-10 09:31:17 +01:00
lib x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*' 2017-12-25 14:26:13 +01:00
mm mm/sparse.c: wrong allocation for mem_section 2018-01-10 09:31:17 +01:00
net Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find." 2018-01-05 15:48:58 +01:00
samples samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 2017-12-20 10:10:31 +01:00
scripts linux/compiler.h: Split into compiler.h and compiler_types.h 2017-12-25 14:26:33 +01:00
security capabilities: fix buffer overread on very short xattr 2018-01-05 15:48:57 +01:00
sound ALSA: hda - Fix missing COEF init for ALC225/295/299 2018-01-02 20:31:05 +01:00
tools usbip: fix usbip bind writing random string after command in match_busid 2018-01-02 20:31:13 +01:00
usr initramfs: fix initramfs rebuilds w/ compression after disabling 2017-11-03 07:39:19 -07:00
virt KVM: arm/arm64: Fix HYP unmapping going off limits 2017-12-29 17:53:48 +01:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Add hch to .get_maintainer.ignore 2015-08-21 14:30:10 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: Add support to generate LLVM assembly files 2017-04-25 08:13:52 +09:00
.mailmap .mailmap: Add Maciej W. Rozycki's Imagination e-mail address 2017-11-10 12:16:15 -08:00
COPYING
CREDITS MAINTAINERS: update TPM driver infrastructure changes 2017-11-09 17:58:40 -08:00
Kbuild License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
MAINTAINERS Merge branch 'akpm' (patches from Andrew) 2017-11-09 18:26:51 -08:00
Makefile Linux 4.14.12 2018-01-05 15:48:59 +01:00
README README: add a new README file, pointing to the Documentation/ 2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.