linux/crypto
David Howells eed848871c crypto/krb5: Fix change to use SG miter to use offset

The recent patch to make the rfc3961 simplified code use sg_miter rather
than manually walking the scatterlist to hash the contents of a buffer
described by that scatterlist failed to take the starting offset into
account.

This is indicated by the selftests reporting:

    krb5: Running aes128-cts-hmac-sha256-128 mic
    krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
    krb5: MIC mismatch

Fix this by calling sg_miter_skip() before doing the loop to advance
by the offset.

This only affects packet signing modes and not full encryption in RxGK
because, for full encryption, the message digest is handled inside the
authenc and krb5enc drivers.

Note: Nothing in linus/master uses the krb5lib, though the bug is there.
It is used by AF_RXRPC's RxGK implementation in -next, no need to backport.

Fixes: da6f9bf40a ("crypto: krb5 - Use SG miter instead of doing it by hand")
Reported-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://patch.msgid.link/3824017.1745835726@warthog.procyon.org.uk
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-04-29 11:28:50 -07:00
asymmetric_keys crypto: sig - Prepare for algorithms with variable signature size 2025-02-09 18:08:12 +08:00
async_tx async_xor: Remove unused 'async_xor_val' 2025-03-15 15:08:53 +08:00
krb5 crypto/krb5: Fix change to use SG miter to use offset 2025-04-29 11:28:50 -07:00
842.c crypto: 842 - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
acompress.c crypto: acomp - Fix synchronous acomp chaining fallback 2025-03-22 07:25:19 +08:00
adiantum.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
aead.c crypto: aead - use str_yes_no() helper in crypto_aead_show() 2025-02-22 15:56:03 +08:00
aegis-neon.h crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis.h crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aegis128-core.c crypto: scatterwalk - Change scatterwalk_next calling convention 2025-03-15 16:21:22 +08:00
aegis128-neon-inner.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis128-neon.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aes_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
aes_ti.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
af_alg.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
ahash.c crypto: ahash - Disable request chaining 2025-04-12 09:33:09 +08:00
akcipher.c crypto: akcipher - Drop sign/verify operations 2024-10-05 13:22:04 +08:00
algapi.c crypto: api - Call crypto_alg_put in crypto_unregister_alg 2025-03-21 17:39:06 +08:00
algboss.c crypto: algboss - Pass instance creation error up 2024-09-06 14:50:46 +08:00
algif_aead.c sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
algif_hash.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
algif_rng.c sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
algif_skcipher.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
ansi_cprng.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
anubis.c crypto: anubis - stop using cra_alignmask 2024-12-14 17:21:43 +08:00
api.c crypto: remove obsolete 'comp' compression API 2025-03-21 17:39:06 +08:00
arc4.c crypto: arc4 - Add internal state 2023-12-08 11:59:46 +08:00
aria_generic.c crypto: aria - stop using cra_alignmask 2024-12-14 17:21:43 +08:00
authenc.c crypto: authenc - stop using alignmask of ahash 2023-10-27 18:04:29 +08:00
authencesn.c crypto: authencesn - stop using alignmask of ahash 2023-10-27 18:04:29 +08:00
blake2b_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
blowfish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
blowfish_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
bpf_crypto_skcipher.c crypto: bpf - Add MODULE_DESCRIPTION for skcipher 2025-03-02 15:19:43 +08:00
camellia_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cast5_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cast6_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
cast_common.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
cbc.c crypto: cbc - Ensure statesize is zero 2024-02-02 18:08:12 +08:00
ccm.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
chacha20poly1305.c crypto: chacha20poly1305 - Annotate struct chachapoly_ctx with __counted_by() 2024-08-17 13:55:49 +08:00
chacha_generic.c crypto: lib/chacha - remove unused arch-specific init support 2025-03-21 17:39:06 +08:00
cipher.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
cmac.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
compress.h crypto: acomp - Move stream management into scomp layer 2025-03-15 16:21:22 +08:00
crc32_generic.c crypto: crc32 - don't unnecessarily register arch algorithms 2024-12-01 17:23:01 -08:00
crc32c_generic.c lib/crc32: remove "_le" from crc32c base and arch functions 2025-02-08 20:06:30 -08:00
cryptd.c crypto: cryptd - Only access common skcipher fields on spawn 2023-10-13 18:27:26 +08:00
crypto_engine.c treewide: Introduce kthread_run_worker[_on_cpu]() 2025-01-08 18:15:03 +01:00
crypto_null.c crypto: compress_null - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
crypto_user.c crypto: remove obsolete 'comp' compression API 2025-03-21 17:39:06 +08:00
ctr.c crypto: skcipher - Make skcipher_walk src.virt.addr const 2025-03-15 16:21:22 +08:00
cts.c crypto: cts - Only access common skcipher fields on spawn 2023-10-13 18:27:27 +08:00
curve25519-generic.c crypto: Add missing MODULE_DESCRIPTION() macros 2024-05-31 17:34:56 +08:00
deflate.c crypto: deflate - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
des_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
dh.c crypto: dh - Check mpi_rshift errors 2024-08-17 13:55:50 +08:00
dh_helper.c crypto: dh - split out deserialization code from crypto_dh_decode() 2022-03-03 10:47:50 +12:00
drbg.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
ecb.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
ecc.c crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() 2025-02-09 18:08:12 +08:00
ecc_curve_defs.h crypto: ecc - Add NIST P521 curve parameters 2024-04-12 15:07:52 +08:00
ecdh.c crypto: ecdh - Initialize ctx->private_key in proper byte order 2024-04-26 17:26:09 +08:00
ecdh_helper.c crypto: ecdh - move curve_id of ECDH from the key to algorithm name 2021-03-13 00:04:03 +11:00
ecdsa-p1363.c crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() 2025-02-09 18:08:12 +08:00
ecdsa-x962.c crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() 2025-02-09 18:08:12 +08:00
ecdsa.c crypto: ecdsa - Support P1363 signature decoding 2024-10-05 13:22:05 +08:00
ecdsasignature.asn1 crypto: ecdsa - Add support for ECDSA signature verification 2021-03-26 19:41:58 +11:00
echainiv.c crypto: geniv - remove unneeded arguments from aead_geniv_alloc() 2020-07-16 21:49:07 +10:00
ecrdsa.c crypto: ecrdsa - Fix signature size calculation 2024-10-05 13:22:05 +08:00
ecrdsa_defs.h crypto: ecc - Add nbits field to ecc_curve structure 2024-04-12 15:07:52 +08:00
ecrdsa_params.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa_pub_key.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
essiv.c crypto: essiv - Replace memcpy() + NUL-termination with strscpy() 2025-03-21 17:39:06 +08:00
fcrypt.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
fips.c treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
gcm.c crypto: gcm - stop using alignmask of ahash 2023-10-27 18:04:29 +08:00
geniv.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
ghash-generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
hash.h crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
hash_info.c crypto: FIPS 202 SHA-3 register in hash info for IMA 2023-10-27 18:04:30 +08:00
hctr2.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
hkdf.c crypto,fs: Separate out hkdf_extract() and hkdf_expand() 2025-03-20 16:53:53 -07:00
hmac.c crypto: hmac - remove unnecessary alignment logic 2023-10-27 18:04:24 +08:00
internal.h crypto: api - Add cra_type->destroy hook 2025-03-15 16:21:22 +08:00
jitterentropy-kcapi.c crypto: jitter - Use kvfree_sensitive() to fix Coccinelle warning 2024-04-05 15:46:33 +08:00
jitterentropy-testing.c crypto: jitter - output full sample from test interface 2024-10-19 08:44:30 +08:00
jitterentropy.c crypto: jitter - Use min() to simplify jent_read_entropy() 2024-08-30 18:22:30 +08:00
jitterentropy.h crypto: jitter - output full sample from test interface 2024-10-19 08:44:30 +08:00
Kconfig This update includes the following changes: 2025-03-29 10:01:55 -07:00
kdf_sp800108.c crypto: kdf - silence noisy self-test 2022-11-25 17:39:18 +08:00
khazad.c crypto: khazad - stop using cra_alignmask 2024-12-14 17:21:44 +08:00
kpp.c crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
krb5enc.c crypto: Add 'krb5enc' hash and cipher AEAD algorithm 2025-03-02 21:39:34 +00:00
lrw.c crypto: skcipher - Make skcipher_walk src.virt.addr const 2025-03-15 16:21:22 +08:00
lskcipher.c crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
lz4.c crypto: lz4 - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
lz4hc.c crypto: lz4hc - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
lzo-rle.c crypto: lzo-rle - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
lzo.c crypto: lzo - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00
Makefile This update includes the following changes: 2025-03-29 10:01:55 -07:00
md4.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
md5.c crypto: md5 - remove unused macros 2020-02-28 08:43:21 +08:00
michael_mic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
nhpoly1305.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
pcbc.c crypto: skcipher - Make skcipher_walk src.virt.addr const 2025-03-15 16:21:22 +08:00
pcrypt.c crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY 2024-10-28 18:32:36 +08:00
poly1305_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
polyval-generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
proc.c crypto: remove obsolete 'comp' compression API 2025-03-21 17:39:06 +08:00
ripemd.h crypto: rmd320 - remove RIPE-MD 320 hash algorithm 2021-01-29 16:07:04 +11:00
rmd160.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rng.c crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
rsa-pkcs1pad.c crypto: rsassa-pkcs1 - Migrate to sig_alg backend 2024-10-05 13:22:04 +08:00
rsa.c crypto: rsassa-pkcs1 - Migrate to sig_alg backend 2024-10-05 13:22:04 +08:00
rsa_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rsaprivkey.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
rsapubkey.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
rsassa-pkcs1.c crypto: sig - Prepare for algorithms with variable signature size 2025-02-09 18:08:12 +08:00
scatterwalk.c crypto: scatterwalk - Add memcpy_sglist 2025-03-15 16:21:22 +08:00
scompress.c crypto: scomp - Fix off-by-one bug when calculating last page 2025-04-23 09:32:57 +08:00
seed.c crypto: seed - stop using cra_alignmask 2024-12-14 17:21:44 +08:00
seqiv.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
serpent_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sha1_generic.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
sha3_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sha256_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sha512_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
shash.c crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
sig.c crypto: sig - Set maskset to CRYPTO_ALG_TYPE_MASK 2024-12-10 13:44:21 +08:00
simd.c crypto: simd - Do not call crypto_alloc_tfm during registration 2024-08-24 21:39:15 +08:00
skcipher.c crypto: scatterwalk - simplify map and unmap calling convention 2025-03-21 17:33:38 +08:00
skcipher.h crypto: remove CONFIG_CRYPTO_STATS 2024-04-02 10:49:38 +08:00
sm3.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sm3_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sm4.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
sm4_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
streebog_generic.c crypto: streebog - remove two unused variables 2019-08-15 21:52:14 +10:00
tcrypt.c This update includes the following changes: 2025-03-29 10:01:55 -07:00
tcrypt.h crypto: tcrypt - include larger key sizes in RFC4106 benchmark 2023-01-20 18:29:31 +08:00
tea.c crypto: tea - stop using cra_alignmask 2024-12-14 17:21:43 +08:00
testmgr.c Revert "crypto: testmgr - Add multibuffer acomp testing" 2025-04-19 11:07:58 +08:00
testmgr.h This update includes the following changes: 2025-03-29 10:01:55 -07:00
twofish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
twofish_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
wp512.c crypto: wp512 - disable kmsan checks in wp512_process_buffer() 2022-12-30 22:56:27 +08:00
xcbc.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
xctr.c crypto: skcipher - Make skcipher_walk src.virt.addr const 2025-03-15 16:21:22 +08:00
xor.c crypto: xor - fix template benchmarking 2024-08-02 20:53:25 +08:00
xts.c crypto: skcipher - Make skcipher_walk src.virt.addr const 2025-03-15 16:21:22 +08:00
xxhash_generic.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
zstd.c crypto: zstd - drop obsolete 'comp' implementation 2025-03-21 17:39:06 +08:00