diff options
author | Srinivasarao P <spathi@codeaurora.org> | 2019-01-29 15:49:08 +0530 |
---|---|---|
committer | Srinivasarao P <spathi@codeaurora.org> | 2019-01-29 16:37:33 +0530 |
commit | dd21e159de67974e3de0791a7175edb4fb2ce7a1 (patch) | |
tree | 92bfc66c2fe47144ecae85e8425ab25d7728a3df /crypto | |
parent | cf61d4f2ea8417b5686926524842159e9f24ebd0 (diff) | |
parent | b3e9e81ee06831ae8c3e7ccfd27b2337ae2ff114 (diff) |
Merge android-4.4.172 (b3e9e81) into msm-4.4
* refs/heads/tmp-b3e9e81
Linux 4.4.172
ipmi:ssif: Fix handling of multi-part return messages
net: speed up skb_rbtree_purge()
mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps
mm/page-writeback.c: don't break integrity writeback on ->writepage() error
ocfs2: fix panic due to unrecovered local alloc
scsi: megaraid: fix out-of-bound array accesses
sysfs: Disable lockdep for driver bind/unbind files
ALSA: bebob: fix model-id of unit for Apogee Ensemble
dm snapshot: Fix excessive memory usage and workqueue stalls
dm kcopyd: Fix bug causing workqueue stalls
perf parse-events: Fix unchecked usage of strncpy()
perf svghelper: Fix unchecked usage of strncpy()
perf intel-pt: Fix error with config term "pt=0"
mmc: atmel-mci: do not assume idle after atmci_request_end
kconfig: fix memory leak when EOF is encountered in quotation
kconfig: fix file name and line number of warn_ignored_character()
clk: imx6q: reset exclusive gates on init
scsi: target: use consistent left-aligned ASCII INQUIRY data
net: call sk_dst_reset when set SO_DONTROUTE
media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
powerpc/pseries/cpuidle: Fix preempt warning
pstore/ram: Do not treat empty buffers as valid
jffs2: Fix use of uninitialized delayed_work, lockdep breakage
arm64: perf: set suppress_bind_attrs flag to true
MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
writeback: don't decrement wb->refcnt if !wb->bdi
e1000e: allow non-monotonic SYSTIM readings
platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey
xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE
ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address
r8169: Add support for new Realtek Ethernet
media: vb2: be sure to unlock mutex on errors
drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock
loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()
loop: Get rid of loop_index_mutex
loop: Fold __loop_release into loop_release
block/loop: Use global lock for ioctl() operation.
tipc: fix uninit-value in tipc_nl_compat_doit
tipc: fix uninit-value in tipc_nl_compat_name_table_dump
tipc: fix uninit-value in tipc_nl_compat_link_set
tipc: fix uninit-value in tipc_nl_compat_bearer_enable
tipc: fix uninit-value in tipc_nl_compat_link_reset_stats
sctp: allocate sctp_sockaddr_entry with kzalloc
selinux: fix GPF on invalid policy
sunrpc: handle ENOMEM in rpcb_getport_async
media: vb2: vb2_mmap: move lock up
LSM: Check for NULL cred-security on free
media: vivid: set min width/height to a value > 0
media: vivid: fix error handling of kthread_run
omap2fb: Fix stack memory disclosure
Disable MSI also when pcie-octeon.pcie_disable on
mfd: tps6586x: Handle interrupts on suspend
mips: fix n32 compat_ipc_parse_version
scsi: sd: Fix cache_type_store()
Yama: Check for pid death before checking ancestry
btrfs: wait on ordered extents on abort cleanup
crypto: authenc - fix parsing key with misaligned rta_len
crypto: authencesn - Avoid twice completion call in decrypt path
ip: on queued skb use skb_header_pointer instead of pskb_may_pull
packet: Do not leak dev refcounts on error exit
net: bridge: fix a bug on using a neighbour cache entry without checking its state
ipv6: fix kernel-infoleak in ipv6_local_error()
arm64: Don't trap host pointer auth use to EL2
arm64/kvm: consistently handle host HCR_EL2 flags
proc: Remove empty line in /proc/self/status
media: em28xx: Fix misplaced reset of dev->v4l::field_count
f2fs: fix validation of the block count in sanity_check_raw_super
f2fs: fix missing up_read
f2fs: fix invalid memory access
f2fs: fix to do sanity check with cp_pack_start_sum
f2fs: fix to do sanity check with block address in main area v2
f2fs: fix to do sanity check with block address in main area
f2fs: fix to do sanity check with reserved blkaddr of inline inode
f2fs: fix to do sanity check with node footer and iblocks
f2fs: Add sanity_check_inode() function
f2fs: fix to do sanity check with user_block_count
f2fs: fix to do sanity check with secs_per_zone
f2fs: introduce and spread verify_blkaddr
f2fs: clean up with is_valid_blkaddr()
f2fs: enhance sanity_check_raw_super() to avoid potential overflow
f2fs: sanity check on sit entry
f2fs: check blkaddr more accuratly before issue a bio
f2fs: return error during fill_super
f2fs: fix race condition in between free nid allocator/initializer
f2fs: free meta pages if sanity check for ckpt is failed
f2fs: detect wrong layout
f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack
f2fs: put directory inodes before checkpoint in roll-forward recovery
f2fs: introduce get_checkpoint_version for cleanup
f2fs: use crc and cp version to determine roll-forward recovery
f2fs: avoid unneeded loop in build_sit_entries
f2fs: not allow to write illegal blkaddr
f2fs: fix to avoid reading out encrypted data in page cache
f2fs: fix inode cache leak
f2fs: factor out fsync inode entry operations
f2fs: remove an obsolete variable
f2fs: give -EINVAL for norecovery and rw mount
f2fs: fix to convert inline directory correctly
f2fs: move sanity checking of cp into get_valid_checkpoint
f2fs: cover more area with nat_tree_lock
f2fs: clean up argument of recover_data
can: gw: ensure DLC boundaries after CAN frame modification
tty/ldsem: Wake up readers after timed out down_write()
UPSTREAM: dm: do not allow readahead to limit IO size
UPSTREAM: readahead: stricter check for bdi io_pages
UPSTREAM: mm: don't cap request size based on read-ahead setting
ANDROID: Fix cuttlefish redundant vsock connection.
UPSTREAM: loop: drop caches if offset or block_size are changed
Conflicts:
arch/arm64/kvm/hyp.S
Fixed compilation issue due to variable 'backing_dev_info',
which got changed to pointer in downstream.
Change-Id: I8baa569fe9fc13ed5a7e863e5ad1fb8cf1cd469e
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/authenc.c | 14 | ||||
-rw-r--r-- | crypto/authencesn.c | 2 |
2 files changed, 12 insertions, 4 deletions
diff --git a/crypto/authenc.c b/crypto/authenc.c index b7290c5b1eaa..5c25005ff398 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -58,14 +58,22 @@ int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key, return -EINVAL; if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) return -EINVAL; - if (RTA_PAYLOAD(rta) < sizeof(*param)) + + /* + * RTA_OK() didn't align the rtattr's payload when validating that it + * fits in the buffer. Yet, the keys should start on the next 4-byte + * aligned boundary. To avoid confusion, require that the rtattr + * payload be exactly the param struct, which has a 4-byte aligned size. + */ + if (RTA_PAYLOAD(rta) != sizeof(*param)) return -EINVAL; + BUILD_BUG_ON(sizeof(*param) % RTA_ALIGNTO); param = RTA_DATA(rta); keys->enckeylen = be32_to_cpu(param->enckeylen); - key += RTA_ALIGN(rta->rta_len); - keylen -= RTA_ALIGN(rta->rta_len); + key += rta->rta_len; + keylen -= rta->rta_len; if (keylen < keys->enckeylen) return -EINVAL; diff --git a/crypto/authencesn.c b/crypto/authencesn.c index fa0c4567f697..5fdf3e532310 100644 --- a/crypto/authencesn.c +++ b/crypto/authencesn.c @@ -276,7 +276,7 @@ static void authenc_esn_verify_ahash_done(struct crypto_async_request *areq, struct aead_request *req = areq->data; err = err ?: crypto_authenc_esn_decrypt_tail(req, 0); - aead_request_complete(req, err); + authenc_esn_request_complete(req, err); } static int crypto_authenc_esn_decrypt(struct aead_request *req) |