redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/arch
History
Eric Biggers e73828389b crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() 
commit af839b4e54 upstream.

There is a copy-paste error where sha256_mb_mgr_get_comp_job_avx2()
copies the SHA-256 digest state from sha256_mb_mgr::args::digest to
job_sha256::result_digest.  Consequently, the sha256_mb algorithm
sometimes calculates the wrong digest.  Fix it.

Reproducer using AF_ALG:

    #include <assert.h>
    #include <linux/if_alg.h>
    #include <stdio.h>
    #include <string.h>
    #include <sys/socket.h>
    #include <unistd.h>

    static const __u8 expected[32] =
        "\xad\x7f\xac\xb2\x58\x6f\xc6\xe9\x66\xc0\x04\xd7\xd1\xd1\x6b\x02"
        "\x4f\x58\x05\xff\x7c\xb4\x7c\x7a\x85\xda\xbd\x8b\x48\x89\x2c\xa7";

    int main()
    {
        int fd;
        struct sockaddr_alg addr = {
            .salg_type = "hash",
            .salg_name = "sha256_mb",
        };
        __u8 data[4096] = { 0 };
        __u8 digest[32];
        int ret;
        int i;

        fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
        bind(fd, (void *)&addr, sizeof(addr));
        fork();
        fd = accept(fd, 0, 0);
        do {
            ret = write(fd, data, 4096);
            assert(ret == 4096);
            ret = read(fd, digest, 32);
            assert(ret == 32);
        } while (memcmp(digest, expected, 32) == 0);

        printf("wrong digest: ");
        for (i = 0; i < 32; i++)
            printf("%02x", digest[i]);
        printf("\n");
    }

Output was:

    wrong digest: ad7facb2000000000000000000000000ffffffef7cb47c7a85dabd8b48892ca7

Fixes: 172b1d6b5a ("crypto: sha256-mb - fix ctx pointer and digest copy")
Cc: <stable@vger.kernel.org> # v4.8+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-08-17 21:01:10 +02:00
..
alpha alpha: fix osf_wait4() breakage 2018-07-25 11:25:11 +02:00
arc ARC: mm: allow mprotect to make stack mappings executable 2018-07-25 11:25:08 +02:00
arm ARM: dts: imx6sx: fix irq for pcie bridge 2018-08-15 18:12:49 +02:00
arm64 arm64: defconfig: Enable Rockchip io-domain driver 2018-08-03 07:50:38 +02:00
blackfin pinctrl: adi2: Fix Kconfig build problem 2017-12-20 10:10:34 +01:00
c6x License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
cris bug.h: work around GCC PR82365 in BUG() 2018-05-30 07:52:00 +02:00
frv License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
h8300 h8300: remove extraneous __BIG_ENDIAN definition 2018-03-28 18:24:38 +02:00
hexagon hexagon: export csum_partial_copy_nocheck 2018-06-21 04:02:52 +09:00
ia64 ia64/err-inject: Use get_user_pages_fast() 2018-05-30 07:52:11 +02:00
m32r m32r: fix endianness constraints 2018-02-28 10:19:44 +01:00
m68k m68k/mac: Fix SWIM memory resource end address 2018-07-03 11:24:46 +02:00
metag .gitignore: move *.dtb and *.dtb.S patterns to the top-level .gitignore 2018-02-13 10:19:46 +01:00
microblaze microblaze: Fix simpleImage format generation 2018-08-03 07:50:40 +02:00
mips MIPS: Fix off-by-one in pci_resource_to_user() 2018-07-28 07:55:41 +02:00
mn10300 mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy 2018-02-16 20:23:11 +01:00
nios2 .gitignore: move *.dtb and *.dtb.S patterns to the top-level .gitignore 2018-02-13 10:19:46 +01:00
openrisc kmemcheck: remove annotations 2018-02-22 15:42:23 +01:00
parisc parisc: Define mb() and add memory barriers to assembler unlock sequences 2018-08-15 18:12:46 +02:00
powerpc powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet 2018-08-03 07:50:34 +02:00
s390 perf: fix invalid bit in diagnostic entry 2018-08-03 07:50:36 +02:00
score License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
sh sh: fix build failure for J2 cpu with SMP disabled 2018-06-21 04:02:54 +09:00
sparc sparc64: Make atomic_xchg() an inline function rather than a macro. 2018-05-30 07:52:25 +02:00
tile fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall 2017-12-17 15:07:59 +01:00
um um: Use POSIX ucontext_t instead of struct ucontext 2018-04-24 09:36:33 +02:00
unicore32 kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2018-02-22 15:42:23 +01:00
x86 crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() 2018-08-17 21:01:10 +02:00
xtensa signal/xtensa: Consistenly use SIGBUS in do_unaligned_user 2018-07-03 11:24:47 +02:00
.gitignore
Kconfig cpu/hotplug: Provide knobs to control SMT 2018-08-15 18:12:52 +02:00