1. 26 May, 2010 1 commit
  2. 20 May, 2010 1 commit
  3. 26 Apr, 2010 1 commit
  4. 03 Mar, 2010 1 commit
  5. 02 Mar, 2010 1 commit
  6. 16 Feb, 2010 1 commit
  7. 05 Aug, 2009 1 commit
  8. 14 Jul, 2009 1 commit
  9. 15 Jan, 2009 1 commit
  10. 25 Dec, 2008 1 commit
  11. 22 Aug, 2008 1 commit
    • Herbert Xu's avatar
      crypto: authenc - Avoid using clobbered request pointer · a697690b
      Herbert Xu authored
      Authenc works in two stages for encryption, it first encrypts and
      then computes an ICV.  The context memory of the request is used
      by both operations.  The problem is that when an asynchronous
      encryption completes, we will compute the ICV and then reread the
      context memory of the encryption to get the original request.
      It just happens that we have a buffer of 16 bytes in front of the
      request pointer, so ICVs of 16 bytes (such as SHA1) do not trigger
      the bug.  However, any attempt to uses a larger ICV instantly kills
      the machine when the first asynchronous encryption is completed.
      This patch fixes this by saving the request pointer before we start
      the ICV computation.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  12. 01 May, 2008 1 commit
    • Patrick McHardy's avatar
      [CRYPTO] authenc: Fix async crypto crash in crypto_authenc_genicv() · 16161329
      Patrick McHardy authored
      crypto_authenc_givencrypt_done uses req->data as struct aead_givcrypt_request,
      while it really points to a struct aead_request, causing this crash:
      BUG: unable to handle kernel paging request at 6b6b6b6b
      IP: [<dc87517b>] :authenc:crypto_authenc_genicv+0x23/0x109
      *pde = 00000000
      Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
      Modules linked in: hifn_795x authenc esp4 aead xfrm4_mode_tunnel sha1_generic hmac crypto_hash]
      Pid: 3074, comm: ping Not tainted (2.6.25 #4)
      EIP: 0060:[<dc87517b>] EFLAGS: 00010296 CPU: 0
      EIP is at crypto_authenc_genicv+0x23/0x109 [authenc]
      EAX: daa04690 EBX: daa046e0 ECX: dab0a100 EDX: daa046b0
      ESI: 6b6b6b6b EDI: dc872054 EBP: c033ff60 ESP: c033ff0c
       DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
      Process ping (pid: 3074, ti=c033f000 task=db883a80 task.ti=dab6c000)
      Stack: 00000000 daa046b0 c0215a3e daa04690 dab0a100 00000000 ffffffff db9fd7f0
             dba208c0 dbbb1720 00000001 daa04720 00000001 c033ff54 c0119ca9 dc852a75
             c033ff60 c033ff60 daa046e0 00000000 00000001 c033ff6c dc87527b 00000001
      Call Trace:
       [<c0215a3e>] ? dev_alloc_skb+0x14/0x29
       [<c0119ca9>] ? printk+0x15/0x17
       [<dc87527b>] ? crypto_authenc_givencrypt_done+0x1a/0x27 [authenc]
       [<dc850cca>] ? hifn_process_ready+0x34a/0x352 [hifn_795x]
       [<dc8353c7>] ? rhine_napipoll+0x3f2/0x3fd [via_rhine]
       [<dc851a56>] ? hifn_check_for_completion+0x4d/0xa6 [hifn_795x]
       [<dc851ab9>] ? hifn_tasklet_callback+0xa/0xc [hifn_795x]
       [<c011d046>] ? tasklet_action+0x3f/0x66
       [<c011d230>] ? __do_softirq+0x38/0x7a
       [<c0105a5f>] ? do_softirq+0x3e/0x71
       [<c011d17c>] ? irq_exit+0x2c/0x65
       [<c010e0c0>] ? smp_apic_timer_interrupt+0x5f/0x6a
       [<c01042e4>] ? apic_timer_interrupt+0x28/0x30
       [<dc851640>] ? hifn_handle_req+0x44a/0x50d [hifn_795x]
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
  13. 10 Jan, 2008 12 commits
  14. 23 Nov, 2007 1 commit
  15. 10 Oct, 2007 2 commits
    • Herbert Xu's avatar
      [CRYPTO] authenc: Kill spaces in algorithm names · e4c5c6c9
      Herbert Xu authored
      We do not allow spaces in algorithm names or parameters.  Thanks to Joy Latten
      for pointing this out.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    • Herbert Xu's avatar
      [CRYPTO] aead: Add authenc · 3c09f17c
      Herbert Xu authored
      This patch adds the authenc algorithm which constructs an AEAD algorithm
      from an asynchronous block cipher and a hash.  The construction is done
      by concatenating the encrypted result from the cipher with the output
      from the hash, as is used by the IPsec ESP protocol.
      The authenc algorithm exists as a template with four parameters:
      	authenc(auth, authsize, enc, enckeylen).
      The authentication algorithm, the authentication size (i.e., truncating
      the output of the authentication algorithm), the encryption algorithm,
      and the encryption key length.  Both the size field and the key length
      field are in bytes.  For example, AES-128 with SHA1-HMAC would be
      represented by
      	authenc(hmac(sha1), 12, cbc(aes), 16)
      The key for the authenc algorithm is the concatenation of the keys for
      the authentication algorithm with the encryption algorithm.  For the
      above example, if a key of length 36 bytes is given, then hmac(sha1)
      would receive the first 20 bytes while the last 16 would be given to
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>