authorHerbert Xu <herbert@gondor.apana.org.au>2015-06-21 22:14:19 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2015-06-22 03:49:30 -0400
commit15539de5c958d4943cc2f2f35f7e313bff5922b6 (patch)
treeb1534509e5e6f08737bc23da9eb690a34e75141f
parent9fcc704dfd7967ebfbdd1031603e4332a905994b (diff)
crypto: af_alg - Forbid the use internal algorithms
The bit CRYPTO_ALG_INTERNAL was added to stop af_alg from accessing internal algorithms. However, af_alg itself was never modified to actually stop that bit from being used by the user. Therefore the user could always override it by specifying the relevant bit in the type and/or mask. This patch silently discards the bit in both type and mask. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/af_alg.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index f22cc56fd1b3..2bc180e02115 100644
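--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -127,6 +127,7 @@ EXPORT_SYMBOL_GPL(af_alg_release);
 
 static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 {
+const u32 forbidden = CRYPTO_ALG_INTERNAL;
 struct sock *sk = sock->sk;
 struct alg_sock *ask = alg_sk(sk);
 struct sockaddr_alg *sa = (void *)uaddr;
@@ -151,7 +152,9 @@ static int alg_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 if (IS_ERR(type))
 return PTR_ERR(type);
 
-private = type->bind(sa->salg_name, sa->salg_feat, sa->salg_mask);
+private = type->bind(sa->salg_name,
+sa->salg_feat & ~forbidden,
+sa->salg_mask & ~forbidden);
 if (IS_ERR(private)) {
 module_put(type->owner);
 return PTR_ERR(private);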
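Review bot: The new `type->bind()` call strips only `CRYPTO_ALG_INTERNAL` from `sa->salg_feat` and `sa->salg_mask`, so every other flag bit supplied in the user's `sockaddr_alg` still reaches the algorithm lookup unchanged. A one-bit deny-list has to be extended whenever another kernel-only flag appears, whereas an allow-list fails closed, e.g. `const u32 allowed = <flags user space may set>;` with `sa->salg_feat & allowed, sa->salg_mask & allowed`. Clearing the bit from the mask excludes internal algorithms only if the lookup code treats an absent bit as "must not be internal". That code is not visible here, so a short comment above `forbidden` stating the dependency would help the next reader. The body of `alg_bind()` continues outside both hunks.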