2007-12-11 03:50:32

by Herbert Xu

Subject: [PATCH 6/8] [CRYPTO] api: Sanitise mask when allocating ablkcipher/hash

[CRYPTO] api: Sanitise mask when allocating ablkcipher/hash

When allocating ablkcipher/hash objects, we use a mask that's wider than
the usual type mask. This patch sanitises the mask supplied by the user
so we don't end up using a narrower mask which may lead to unintended
results.

Signed-off-by: Herbert Xu <[email protected]>
---

include/linux/crypto.h | 4 ++++
1 files changed, 4 insertions(+)

diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 48aa595..ef7642e 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -532,6 +532,7 @@ static inline struct crypto_ablkcipher *crypto_alloc_ablkcipher(
const char *alg_name, u32 type, u32 mask)
{
type &= ~CRYPTO_ALG_TYPE_MASK;
+ mask &= ~CRYPTO_ALG_TYPE_MASK;
type |= CRYPTO_ALG_TYPE_BLKCIPHER;
mask |= CRYPTO_ALG_TYPE_BLKCIPHER_MASK;

@@ -554,6 +555,7 @@ static inline int crypto_has_ablkcipher(const char *alg_name, u32 type,
u32 mask)
{
type &= ~CRYPTO_ALG_TYPE_MASK;
+ mask &= ~CRYPTO_ALG_TYPE_MASK;
type |= CRYPTO_ALG_TYPE_BLKCIPHER;
mask |= CRYPTO_ALG_TYPE_BLKCIPHER_MASK;

@@ -1086,6 +1088,7 @@ static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name,
u32 type, u32 mask)
{
type &= ~CRYPTO_ALG_TYPE_MASK;
+ mask &= ~CRYPTO_ALG_TYPE_MASK;
type |= CRYPTO_ALG_TYPE_HASH;
mask |= CRYPTO_ALG_TYPE_HASH_MASK;

@@ -1105,6 +1108,7 @@ static inline void crypto_free_hash(struct crypto_hash *tfm)
static inline int crypto_has_hash(const char *alg_name, u32 type, u32 mask)
{
type &= ~CRYPTO_ALG_TYPE_MASK;
+ mask &= ~CRYPTO_ALG_TYPE_MASK;
type |= CRYPTO_ALG_TYPE_HASH;
mask |= CRYPTO_ALG_TYPE_HASH_MASK;