diff options
| author | Thomas Gleixner | 2017-11-23 16:29:05 +0100 |
|---|---|---|
| committer | Thomas Gleixner | 2017-11-23 16:29:05 +0100 |
| commit | 866c9b94ef968445c52214b3748ecc52a8491bca (patch) | |
| tree | 1fd073acb9be8e89e77b35c41e2964ac6feabee6 /crypto/dh_helper.c | |
| parent | timekeeping: Remove CONFIG_GENERIC_TIME_VSYSCALL_OLD (diff) | |
| parent | treewide: Remove TIMER_FUNC_TYPE and TIMER_DATA_TYPE casts (diff) | |
| download | kernel-qcow2-linux-866c9b94ef968445c52214b3748ecc52a8491bca.tar.gz kernel-qcow2-linux-866c9b94ef968445c52214b3748ecc52a8491bca.tar.xz kernel-qcow2-linux-866c9b94ef968445c52214b3748ecc52a8491bca.zip | |
Merge tag 'for-linus-timers-conversion-final-v4.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into timers/urgent
Pull the last batch of manual timer conversions from Kees Cook:
- final batch of "non trivial" timer conversions (multi-tree dependencies,
things Coccinelle couldn't handle, etc).
- treewide conversions via Coccinelle, in 4 steps:
- DEFINE_TIMER() functions converted to struct timer_list * argument
- init_timer() -> setup_timer()
- setup_timer() -> timer_setup()
- setup_timer() -> timer_setup() (with a single embedded structure)
- deprecated timer API removals (init_timer(), setup_*timer())
- finalization of new API (remove global casts)
Diffstat (limited to 'crypto/dh_helper.c')
| -rw-r--r-- | crypto/dh_helper.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/crypto/dh_helper.c b/crypto/dh_helper.c index 8ba8a3f82620..24fdb2ecaa85 100644 --- a/crypto/dh_helper.c +++ b/crypto/dh_helper.c @@ -28,12 +28,12 @@ static inline const u8 *dh_unpack_data(void *dst, const void *src, size_t size) return src + size; } -static inline int dh_data_size(const struct dh *p) +static inline unsigned int dh_data_size(const struct dh *p) { return p->key_size + p->p_size + p->g_size; } -int crypto_dh_key_len(const struct dh *p) +unsigned int crypto_dh_key_len(const struct dh *p) { return DH_KPP_SECRET_MIN_SIZE + dh_data_size(p); } @@ -83,6 +83,14 @@ int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params) if (secret.len != crypto_dh_key_len(params)) return -EINVAL; + /* + * Don't permit the buffer for 'key' or 'g' to be larger than 'p', since + * some drivers assume otherwise. + */ + if (params->key_size > params->p_size || + params->g_size > params->p_size) + return -EINVAL; + /* Don't allocate memory. Set pointers to data within * the given buffer */ @@ -90,6 +98,14 @@ int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params) params->p = (void *)(ptr + params->key_size); params->g = (void *)(ptr + params->key_size + params->p_size); + /* + * Don't permit 'p' to be 0. It's not a prime number, and it's subject + * to corner cases such as 'mod 0' being undefined or + * crypto_kpp_maxsize() returning 0. + */ + if (memchr_inv(params->p, 0, params->p_size) == NULL) + return -EINVAL; + return 0; } EXPORT_SYMBOL_GPL(crypto_dh_decode_key); |