From: David Howells <dhowells@redhat.com>
To: jmorris@namei.org
Cc: Eric Biggers <ebiggers@google.com>,
Stephan Mueller <smueller@chronox.de>,
linux-kernel@vger.kernel.org, dhowells@redhat.com,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org
Subject: [PATCH 20/23] KEYS: DH: ensure the KDF counter is properly aligned
Date: Thu, 08 Jun 2017 14:49:49 +0100 [thread overview]
Message-ID: <149692978940.11452.2775787299367252465.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <149692963884.11452.7673998701432248814.stgit@warthog.procyon.org.uk>
From: Eric Biggers <ebiggers@google.com>
Accessing a 'u8[4]' through a '__be32 *' violates alignment rules. Just
make the counter a __be32 instead.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Stephan Mueller <smueller@chronox.de>
---
security/keys/dh.c | 16 +++-------------
1 file changed, 3 insertions(+), 13 deletions(-)
diff --git a/security/keys/dh.c b/security/keys/dh.c
index 1c1cac677041..63ac87d430db 100644
--- a/security/keys/dh.c
+++ b/security/keys/dh.c
@@ -130,14 +130,6 @@ static void kdf_dealloc(struct kdf_sdesc *sdesc)
kzfree(sdesc);
}
-/* convert 32 bit integer into its string representation */
-static inline void crypto_kw_cpu_to_be32(u32 val, u8 *buf)
-{
- __be32 *a = (__be32 *)buf;
-
- *a = cpu_to_be32(val);
-}
-
/*
* Implementation of the KDF in counter mode according to SP800-108 section 5.1
* as well as SP800-56A section 5.8.1 (Single-step KDF).
@@ -154,16 +146,14 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
unsigned int h = crypto_shash_digestsize(desc->tfm);
int err = 0;
u8 *dst_orig = dst;
- u32 i = 1;
- u8 iteration[sizeof(u32)];
+ __be32 counter = cpu_to_be32(1);
while (dlen) {
err = crypto_shash_init(desc);
if (err)
goto err;
- crypto_kw_cpu_to_be32(i, iteration);
- err = crypto_shash_update(desc, iteration, sizeof(u32));
+ err = crypto_shash_update(desc, (u8 *)&counter, sizeof(__be32));
if (err)
goto err;
@@ -189,7 +179,7 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
dlen -= h;
dst += h;
- i++;
+ counter = cpu_to_be32(be32_to_cpu(counter) + 1);
}
}
next prev parent reply other threads:[~2017-06-08 13:49 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-08 13:47 [PATCH 00/23] KEYS: Fixes David Howells
2017-06-08 13:47 ` [PATCH 01/23] security/keys: add CONFIG_KEYS_COMPAT to Kconfig David Howells
2017-06-08 13:47 ` [PATCH 02/23] security: use READ_ONCE instead of deprecated ACCESS_ONCE David Howells
2017-06-08 13:47 ` [PATCH 03/23] KEYS: fix refcount_inc() on zero David Howells
2017-06-08 13:47 ` [PATCH 04/23] X.509: Fix error code in x509_cert_parse() David Howells
2017-06-08 13:47 ` [PATCH 05/23] KEYS: Delete an error message for a failed memory allocation in get_derived_key() David Howells
2017-06-08 13:48 ` [PATCH 06/23] KEYS: put keyring if install_session_keyring_to_cred() fails David Howells
2017-06-08 13:48 ` [PATCH 07/23] KEYS: encrypted: avoid encrypting/decrypting stack buffers David Howells
2017-06-08 13:48 ` [PATCH 08/23] KEYS: encrypted: fix buffer overread in valid_master_desc() David Howells
2017-06-08 13:48 ` [PATCH 09/23] KEYS: encrypted: fix race causing incorrect HMAC calculations David Howells
2017-06-08 13:48 ` [PATCH 10/23] KEYS: encrypted: use constant-time HMAC comparison David Howells
2017-06-08 13:48 ` [PATCH 11/23] KEYS: fix dereferencing NULL payload with nonzero length David Howells
2017-06-08 13:48 ` [PATCH 12/23] KEYS: fix freeing uninitialized memory in key_update() David Howells
2017-06-08 13:48 ` [PATCH 13/23] KEYS: sanitize add_key() and keyctl() key payloads David Howells
2017-06-08 13:49 ` [PATCH 14/23] KEYS: user_defined: sanitize " David Howells
2017-06-08 13:49 ` [PATCH 15/23] KEYS: encrypted: sanitize all key material David Howells
2017-06-08 13:49 ` [PATCH 16/23] KEYS: trusted: " David Howells
2017-06-08 13:49 ` [PATCH 17/23] KEYS: sanitize key structs before freeing David Howells
2017-06-08 13:49 ` [PATCH 18/23] KEYS: DH: forbid using digest_null as the KDF hash David Howells
2017-06-08 13:49 ` [PATCH 19/23] KEYS: DH: don't feed uninitialized "otherinfo" into KDF David Howells
2017-06-08 13:49 ` David Howells [this message]
2017-06-08 13:49 ` [PATCH 21/23] KEYS: DH: add __user annotations to keyctl_kdf_params David Howells
2017-06-08 13:50 ` [PATCH 22/23] crypto : asymmetric_keys : verify_pefile:zero memory content before freeing David Howells
2017-06-08 13:50 ` [PATCH 23/23] KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API David Howells
2017-06-08 14:33 ` [PATCH 00/23] KEYS: Fixes James Morris
2017-06-08 14:49 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=149692978940.11452.2775787299367252465.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=ebiggers@google.com \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).