2017-04-06 08:16:33

by Herbert Xu

[permalink] [raw]
Subject: [PATCH 2/4] crypto: af_alg - Allow arbitrarily long algorithm names

This patch removes the hard-coded 64-byte limit on the length
of the algorithm name through bind(2). The address length can
now exceed that. The user-space structure remains unchanged.
In order to use a longer name simply extend the salg_name array
beyond its defined 64 bytes length.

Signed-off-by: Herbert Xu <[email protected]>
---

crypto/af_alg.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 690deca..3556d8e 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -160,11 +160,11 @@ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
if (sock->state == SS_CONNECTED)
return -EINVAL;

- if (addr_len != sizeof(*sa))
+ if (addr_len < sizeof(*sa))
return -EINVAL;

sa->salg_type[sizeof(sa->salg_type) - 1] = 0;
- sa->salg_name[sizeof(sa->salg_name) - 1] = 0;
+ sa->salg_name[sizeof(sa->salg_name) + addr_len - sizeof(*sa) - 1] = 0;

type = alg_get_type(sa->salg_type);
if (IS_ERR(type) && PTR_ERR(type) == -ENOENT) {


2017-04-06 12:32:27

by Alexander Sverdlin

[permalink] [raw]
Subject: Re: [PATCH 2/4] crypto: af_alg - Allow arbitrarily long algorithm names

Hi!

On 06/04/17 10:16, Herbert Xu wrote:
> This patch removes the hard-coded 64-byte limit on the length
> of the algorithm name through bind(2). The address length can
> now exceed that. The user-space structure remains unchanged.
> In order to use a longer name simply extend the salg_name array
> beyond its defined 64 bytes length.
>
> Signed-off-by: Herbert Xu <[email protected]>
> ---
>
> crypto/af_alg.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/crypto/af_alg.c b/crypto/af_alg.c
> index 690deca..3556d8e 100644
> --- a/crypto/af_alg.c
> +++ b/crypto/af_alg.c
> @@ -160,11 +160,11 @@ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
> if (sock->state == SS_CONNECTED)
> return -EINVAL;
>
> - if (addr_len != sizeof(*sa))
> + if (addr_len < sizeof(*sa))
> return -EINVAL;
>
> sa->salg_type[sizeof(sa->salg_type) - 1] = 0;
> - sa->salg_name[sizeof(sa->salg_name) - 1] = 0;
> + sa->salg_name[sizeof(sa->salg_name) + addr_len - sizeof(*sa) - 1] = 0;
>
> type = alg_get_type(sa->salg_type);
> if (IS_ERR(type) && PTR_ERR(type) == -ENOENT) {

Why should userspace ever extend the structure if salg_name is hardcoded to 64 in if_alg.h?
This patch doesn't change the behavior at all, or am I missing something?

--
Best regards,
Alexander Sverdlin.

2017-04-07 05:25:32

by Herbert Xu

[permalink] [raw]
Subject: Re: [PATCH 2/4] crypto: af_alg - Allow arbitrarily long algorithm names

On Thu, Apr 06, 2017 at 02:32:27PM +0200, Alexander Sverdlin wrote:
>
> > diff --git a/crypto/af_alg.c b/crypto/af_alg.c
> > index 690deca..3556d8e 100644
> > --- a/crypto/af_alg.c
> > +++ b/crypto/af_alg.c
> > @@ -160,11 +160,11 @@ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
> > if (sock->state == SS_CONNECTED)
> > return -EINVAL;
> >
> > - if (addr_len != sizeof(*sa))
> > + if (addr_len < sizeof(*sa))
> > return -EINVAL;
> >
> > sa->salg_type[sizeof(sa->salg_type) - 1] = 0;
> > - sa->salg_name[sizeof(sa->salg_name) - 1] = 0;
> > + sa->salg_name[sizeof(sa->salg_name) + addr_len - sizeof(*sa) - 1] = 0;
> >
> > type = alg_get_type(sa->salg_type);
> > if (IS_ERR(type) && PTR_ERR(type) == -ENOENT) {
>
> Why should userspace ever extend the structure if salg_name is hardcoded to 64 in if_alg.h?
> This patch doesn't change the behavior at all, or am I missing something?

We cannot change the structure in the user-space API by increasing
its length because that would break backwards compatibility.

What this patch does is relax the size check so that user-space can
pass in a name that is longer than 64 bytes. This would fail on
older kernels with EINVAL. Of course, user-space must be modified
to allow for such longer names. That is beyond the scope of this
patch.

For names shorter than 64 bytes the existing API needs be respected
and user-space must pad it to exactly 64 bytes.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt