All of lore.kernel.org
 help / color / mirror / Atom feed
* crypto: prefix additional module autoloading with "crypto-"
@ 2021-07-08  4:33 iLifetruth
  2021-07-16  7:38 ` Herbert Xu
  0 siblings, 1 reply; 2+ messages in thread
From: iLifetruth @ 2021-07-08  4:33 UTC (permalink / raw)
  To: Herbert Xu, David S. Miller, linux-crypto, linux-kernel; +Cc: Qiang Liu, yajin

Hi, in the latest version of linux kernel, we may have found some
additional incomplete fixed crypto-related modules related to
CVE-2013-7421.

==========
The upstream commit 5d26a105b5a7 ("crypto: prefix module autoloading
with "crypto-"")  provided the fixing patch for CVE-2013-7421 about 7
years ago on 2014-11-24.

This patch changed the automatic module loading when requesting crypto
algorithms to prefix all module requests with "crypto-", so we can
never run the risk of exposing module auto-loading to userspace via a
crypto API, as demonstrated by Mathias Krause:
        https://lkml.org/lkml/2013/3/4/70

=========
And the common fix pattern we found in each crypto-related module is as follows:
1. linux/drivers/crypto/padlock-aes.c
       -MODULE_ALIAS("aes");
       +MODULE_ALIAS_CRYPTO("aes");

or in another module:

2. linux/drivers/crypto/qat/qat_common/adf_ctl_drv.c
      -MODULE_ALIAS("intel_qat");
      +MODULE_ALIAS_CRYPTO("intel_qat");
...

==========
Even though commit 5d26a105b5a7 added those aliases for a large number
of modules,  it is still missing some newly added crypto-related
modules.
For example:
1. for file linux/drivers/crypto/amcc/crypto4xx_trng.c in line 129,
Module_ALIAS is used instead of MODULE_ALIAS_CRYPTO
           MODULE_ALIAS("ppc4xx_rng");
     In fact, ppc4xx-rng was integrated into crypto4xx on 2016-04-18
by commit 5343e674f32fb8, which was committed about 2 years later than
the security bug fixing patch(5d26a105b5a7) committed on 2014-11-24

More modules that may not have been fixed are as follows:
2. linux/crypto/crypto_user_base.c
        MODULE_ALIAS("net-pf-16-proto-21");
3. linux/drivers/crypto/mxs-dcp.c
        MODULE_ALIAS("platform:mxs-dcp");
4. linux/drivers/crypto/omap-sham.c
        MODULE_ALIAS("platform:omap-sham");
5. linux/drivers/crypto/qcom-rng.c
        MODULE_ALIAS("platform:" KBUILD_MODNAME);
6. linux/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-core.c
        MODULE_ALIAS("platform:sun4i-ss");
7. linux/drivers/crypto/marvell/cesa/cesa.c
        MODULE_ALIAS("platform:mv_crypto");
8. linux/drivers/crypto/qce/core.c
        MODULE_ALIAS("platform:" KBUILD_MODNAME);

==========
Now, shall we port the fix pattern to these modules from the patch of
CVE-2013-7421?
We would like to contact you to confirm this problem.

Thank you!

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: crypto: prefix additional module autoloading with "crypto-"
  2021-07-08  4:33 crypto: prefix additional module autoloading with "crypto-" iLifetruth
@ 2021-07-16  7:38 ` Herbert Xu
  0 siblings, 0 replies; 2+ messages in thread
From: Herbert Xu @ 2021-07-16  7:38 UTC (permalink / raw)
  To: iLifetruth; +Cc: David S. Miller, linux-crypto, linux-kernel, Qiang Liu, yajin

On Thu, Jul 08, 2021 at 12:33:47PM +0800, iLifetruth wrote:
>
> =========
> And the common fix pattern we found in each crypto-related module is as follows:
> 1. linux/drivers/crypto/padlock-aes.c
>        -MODULE_ALIAS("aes");
>        +MODULE_ALIAS_CRYPTO("aes");

This is already fixed in the current kernel.

> or in another module:
> 
> 2. linux/drivers/crypto/qat/qat_common/adf_ctl_drv.c
>       -MODULE_ALIAS("intel_qat");
>       +MODULE_ALIAS_CRYPTO("intel_qat");

This is not a bug.  The _CRYPTO suffix only applies to the ones
that are algorithm names.  intel_qat is not the name of an algorithm.

> ==========
> Even though commit 5d26a105b5a7 added those aliases for a large number
> of modules,  it is still missing some newly added crypto-related
> modules.
> For example:
> 1. for file linux/drivers/crypto/amcc/crypto4xx_trng.c in line 129,
> Module_ALIAS is used instead of MODULE_ALIAS_CRYPTO
>            MODULE_ALIAS("ppc4xx_rng");
>      In fact, ppc4xx-rng was integrated into crypto4xx on 2016-04-18
> by commit 5343e674f32fb8, which was committed about 2 years later than
> the security bug fixing patch(5d26a105b5a7) committed on 2014-11-24
> 
> More modules that may not have been fixed are as follows:
> 2. linux/crypto/crypto_user_base.c
>         MODULE_ALIAS("net-pf-16-proto-21");
> 3. linux/drivers/crypto/mxs-dcp.c
>         MODULE_ALIAS("platform:mxs-dcp");
> 4. linux/drivers/crypto/omap-sham.c
>         MODULE_ALIAS("platform:omap-sham");
> 5. linux/drivers/crypto/qcom-rng.c
>         MODULE_ALIAS("platform:" KBUILD_MODNAME);
> 6. linux/drivers/crypto/allwinner/sun4i-ss/sun4i-ss-core.c
>         MODULE_ALIAS("platform:sun4i-ss");
> 7. linux/drivers/crypto/marvell/cesa/cesa.c
>         MODULE_ALIAS("platform:mv_crypto");
> 8. linux/drivers/crypto/qce/core.c
>         MODULE_ALIAS("platform:" KBUILD_MODNAME);

Nor are any of these algorithm names.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-07-16  7:38 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-08  4:33 crypto: prefix additional module autoloading with "crypto-" iLifetruth
2021-07-16  7:38 ` Herbert Xu

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.