5 files changed, 64 insertions, 23 deletions
diff --git a/security/keys/big_key.c b/security/keys/big_key.c
index 933623784ccd..2806e70d7f8f 100644
--- a/security/keys/big_key.c
+++ b/security/keys/big_key.c
@@ -22,6 +22,7 @@
 #include <keys/user-type.h>
 #include <keys/big_key-type.h>
 #include <crypto/aead.h>
+#include <crypto/gcm.h>
 struct big_key_buf {
        unsigned int            nr_pages;
@@ -85,6 +86,7 @@ struct key_type key_type_big_key = {
 * Crypto names for big_key data authenticated encryption
 */
 static const char big_key_alg_name[] = "gcm(aes)";
+#define BIG_KEY_IV_SIZE         GCM_AES_IV_SIZE
 /*
 * Crypto algorithms for big_key data authenticated encryption
@@ -109,7 +111,7 @@ static int big_key_crypt(enum big_key_op op, struct big_key_buf *buf, size_t dat
         * an .update function, so there's no chance we'll wind up reusing the
         * key to encrypt updated data. Simply put: one key, one encryption.
         */
-        u8 zero_nonce[crypto_aead_ivsize(big_key_aead)];
+        u8 zero_nonce[BIG_KEY_IV_SIZE];
        aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL);
        if (!aead_req)
@@ -425,6 +427,13 @@ static int __init big_key_init(void)
                pr_err("Can't alloc crypto: %d\n", ret);
                return ret;
        }
+        if (unlikely(crypto_aead_ivsize(big_key_aead) != BIG_KEY_IV_SIZE)) {
+                WARN(1, "big key algorithm changed?");
+                ret = -EINVAL;
+                goto free_aead;
+        }
        ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE);
        if (ret < 0) {
                pr_err("Can't set crypto auth tag len: %d\n", ret);
diff --git a/security/keys/dh.c b/security/keys/dh.c
index d1ea9f325f94..f7403821db7f 100644
--- a/security/keys/dh.c
+++ b/security/keys/dh.c
@@ -162,8 +162,8 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
                        goto err;
                if (zlen && h) {
-                        u8 tmpbuffer[h];
+                        u8 tmpbuffer[32];
-                        size_t chunk = min_t(size_t, zlen, h);
+                        size_t chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
                        memset(tmpbuffer, 0, chunk);
                        do {
@@ -173,7 +173,7 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
                                        goto err;
                                zlen -= chunk;
-                                chunk = min_t(size_t, zlen, h);
+                                chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
                        } while (zlen);
                }
@@ -183,24 +183,13 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
                                goto err;
                }
-                if (dlen < h) {
+                err = crypto_shash_final(desc, dst);
-                        u8 tmpbuffer[h];
+                if (err)
+                        goto err;
-                        err = crypto_shash_final(desc, tmpbuffer);
-                        if (err)
-                                goto err;
-                        memcpy(dst, tmpbuffer, dlen);
-                        memzero_explicit(tmpbuffer, h);
-                        return 0;
-                } else {
-                        err = crypto_shash_final(desc, dst);
-                        if (err)
-                                goto err;
-                        dlen -= h;
+                dlen -= h;
-                        dst += h;
+                dst += h;
-                        counter = cpu_to_be32(be32_to_cpu(counter) + 1);
+                counter = cpu_to_be32(be32_to_cpu(counter) + 1);
-                }
        }
        return 0;
@@ -216,14 +205,16 @@ static int keyctl_dh_compute_kdf(struct kdf_sdesc *sdesc,
 {
        uint8_t *outbuf = NULL;
        int ret;
+        size_t outbuf_len = round_up(buflen,
+                                     crypto_shash_digestsize(sdesc->shash.tfm));
-        outbuf = kmalloc(buflen, GFP_KERNEL);
+        outbuf = kmalloc(outbuf_len, GFP_KERNEL);
        if (!outbuf) {
                ret = -ENOMEM;
                goto err;
        }
-        ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, buflen, lzero);
+        ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, outbuf_len, lzero);
        if (ret)
                goto err;
diff --git a/security/security.c b/security/security.c
index 7bc2fde023a7..68f46d849abe 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1358,6 +1358,12 @@ int security_socket_post_create(struct socket *sock, int family,
                                                protocol, kern);
 }
+int security_socket_socketpair(struct socket *socka, struct socket *sockb)
+{
+        return call_int_hook(socket_socketpair, 0, socka, sockb);
+}
+EXPORT_SYMBOL(security_socket_socketpair);
 int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen)
 {
        return call_int_hook(socket_bind, 0, sock, address, addrlen);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 99c4675952f7..7df0f2ee1e88 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4580,6 +4580,18 @@ static int selinux_socket_post_create(struct socket *sock, int family,
        return err;
 }
+static int selinux_socket_socketpair(struct socket *socka,
+                                     struct socket *sockb)
+{
+        struct sk_security_struct *sksec_a = socka->sk->sk_security;
+        struct sk_security_struct *sksec_b = sockb->sk->sk_security;
+        sksec_a->peer_sid = sksec_b->sid;
+        sksec_b->peer_sid = sksec_a->sid;
+        return 0;
+}
 /* Range of port numbers used to automatically bind.
   Need to determine whether we should perform a name_bind
   permission check between the socket and the port number. */
@@ -7016,6 +7028,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
        LSM_HOOK_INIT(socket_create, selinux_socket_create),
        LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create),
+        LSM_HOOK_INIT(socket_socketpair, selinux_socket_socketpair),
        LSM_HOOK_INIT(socket_bind, selinux_socket_bind),
        LSM_HOOK_INIT(socket_connect, selinux_socket_connect),
        LSM_HOOK_INIT(socket_listen, selinux_socket_listen),
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 0b414836bebd..dcb976f98df2 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2842,6 +2842,27 @@ static int smack_socket_post_create(struct socket *sock, int family,
        return smack_netlabel(sock->sk, SMACK_CIPSO_SOCKET);
 }
+/**
+ * smack_socket_socketpair - create socket pair
+ * @socka: one socket
+ * @sockb: another socket
+ *
+ * Cross reference the peer labels for SO_PEERSEC
+ *
+ * Returns 0 on success, and error code otherwise
+ */
+static int smack_socket_socketpair(struct socket *socka,
+                                   struct socket *sockb)
+{
+        struct socket_smack *asp = socka->sk->sk_security;
+        struct socket_smack *bsp = sockb->sk->sk_security;
+        asp->smk_packet = bsp->smk_out;
+        bsp->smk_packet = asp->smk_out;
+        return 0;
+}
 #ifdef SMACK_IPV6_PORT_LABELING
 /**
 * smack_socket_bind - record port binding information.
@@ -4724,6 +4745,7 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
        LSM_HOOK_INIT(unix_may_send, smack_unix_may_send),
        LSM_HOOK_INIT(socket_post_create, smack_socket_post_create),
+        LSM_HOOK_INIT(socket_socketpair, smack_socket_socketpair),
 #ifdef SMACK_IPV6_PORT_LABELING
        LSM_HOOK_INIT(socket_bind, smack_socket_bind),
 #endif

diff --git a/security/keys/big_key.c b/security/keys/big_key.c index 933623784ccd..2806e70d7f8f 100644 --- a/security/keys/big_key.c +++ b/security/keys/big_key.c
@@ -22,6 +22,7 @@
22	#include <keys/user-type.h>	22	#include <keys/user-type.h>
23	#include <keys/big_key-type.h>	23	#include <keys/big_key-type.h>
24	#include <crypto/aead.h>	24	#include <crypto/aead.h>
		25	#include <crypto/gcm.h>
25		26
26	struct big_key_buf {	27	struct big_key_buf {
27	unsigned int nr_pages;	28	unsigned int nr_pages;
@@ -85,6 +86,7 @@ struct key_type key_type_big_key = {
85	* Crypto names for big_key data authenticated encryption	86	* Crypto names for big_key data authenticated encryption
86	*/	87	*/
87	static const char big_key_alg_name[] = "gcm(aes)";	88	static const char big_key_alg_name[] = "gcm(aes)";
		89	#define BIG_KEY_IV_SIZE GCM_AES_IV_SIZE
88		90
89	/*	91	/*
90	* Crypto algorithms for big_key data authenticated encryption	92	* Crypto algorithms for big_key data authenticated encryption
@@ -109,7 +111,7 @@ static int big_key_crypt(enum big_key_op op, struct big_key_buf *buf, size_t dat
109	* an .update function, so there's no chance we'll wind up reusing the	111	* an .update function, so there's no chance we'll wind up reusing the
110	* key to encrypt updated data. Simply put: one key, one encryption.	112	* key to encrypt updated data. Simply put: one key, one encryption.
111	*/	113	*/
112	u8 zero_nonce[crypto_aead_ivsize(big_key_aead)];	114	u8 zero_nonce[BIG_KEY_IV_SIZE];
113		115
114	aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL);	116	aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL);
115	if (!aead_req)	117	if (!aead_req)
@@ -425,6 +427,13 @@ static int __init big_key_init(void)
425	pr_err("Can't alloc crypto: %d\n", ret);	427	pr_err("Can't alloc crypto: %d\n", ret);
426	return ret;	428	return ret;
427	}	429	}
		430
		431	if (unlikely(crypto_aead_ivsize(big_key_aead) != BIG_KEY_IV_SIZE)) {
		432	WARN(1, "big key algorithm changed?");
		433	ret = -EINVAL;
		434	goto free_aead;
		435	}
		436
428	ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE);	437	ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE);
429	if (ret < 0) {	438	if (ret < 0) {
430	pr_err("Can't set crypto auth tag len: %d\n", ret);	439	pr_err("Can't set crypto auth tag len: %d\n", ret);


diff --git a/security/keys/dh.c b/security/keys/dh.c index d1ea9f325f94..f7403821db7f 100644 --- a/security/keys/dh.c +++ b/security/keys/dh.c
@@ -162,8 +162,8 @@ static int kdf_ctr(struct kdf_sdesc sdesc, const u8 src, unsigned int slen,
162	goto err;	162	goto err;
163		163
164	if (zlen && h) {	164	if (zlen && h) {
165	u8 tmpbuffer[h];	165	u8 tmpbuffer[32];
166	size_t chunk = min_t(size_t, zlen, h);	166	size_t chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
167	memset(tmpbuffer, 0, chunk);	167	memset(tmpbuffer, 0, chunk);
168		168
169	do {	169	do {
@@ -173,7 +173,7 @@ static int kdf_ctr(struct kdf_sdesc sdesc, const u8 src, unsigned int slen,
173	goto err;	173	goto err;
174		174
175	zlen -= chunk;	175	zlen -= chunk;
176	chunk = min_t(size_t, zlen, h);	176	chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
177	} while (zlen);	177	} while (zlen);
178	}	178	}
179		179
@@ -183,24 +183,13 @@ static int kdf_ctr(struct kdf_sdesc sdesc, const u8 src, unsigned int slen,
183	goto err;	183	goto err;
184	}	184	}
185		185
186	if (dlen < h) {	186	err = crypto_shash_final(desc, dst);
187	u8 tmpbuffer[h];	187	if (err)
188		188	goto err;
189	err = crypto_shash_final(desc, tmpbuffer);
190	if (err)
191	goto err;
192	memcpy(dst, tmpbuffer, dlen);
193	memzero_explicit(tmpbuffer, h);
194	return 0;
195	} else {
196	err = crypto_shash_final(desc, dst);
197	if (err)
198	goto err;
199		189
200	dlen -= h;	190	dlen -= h;
201	dst += h;	191	dst += h;
202	counter = cpu_to_be32(be32_to_cpu(counter) + 1);	192	counter = cpu_to_be32(be32_to_cpu(counter) + 1);
203	}
204	}	193	}
205		194
206	return 0;	195	return 0;
@@ -216,14 +205,16 @@ static int keyctl_dh_compute_kdf(struct kdf_sdesc *sdesc,
216	{	205	{
217	uint8_t *outbuf = NULL;	206	uint8_t *outbuf = NULL;
218	int ret;	207	int ret;
		208	size_t outbuf_len = round_up(buflen,
		209	crypto_shash_digestsize(sdesc->shash.tfm));
219		210
220	outbuf = kmalloc(buflen, GFP_KERNEL);	211	outbuf = kmalloc(outbuf_len, GFP_KERNEL);
221	if (!outbuf) {	212	if (!outbuf) {
222	ret = -ENOMEM;	213	ret = -ENOMEM;
223	goto err;	214	goto err;
224	}	215	}
225		216
226	ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, buflen, lzero);	217	ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, outbuf_len, lzero);
227	if (ret)	218	if (ret)
228	goto err;	219	goto err;
229		220


diff --git a/security/security.c b/security/security.c index 7bc2fde023a7..68f46d849abe 100644 --- a/security/security.c +++ b/security/security.c
@@ -1358,6 +1358,12 @@ int security_socket_post_create(struct socket *sock, int family,
1358	protocol, kern);	1358	protocol, kern);
1359	}	1359	}
1360		1360
		1361	int security_socket_socketpair(struct socket socka, struct socket sockb)
		1362	{
		1363	return call_int_hook(socket_socketpair, 0, socka, sockb);
		1364	}
		1365	EXPORT_SYMBOL(security_socket_socketpair);
		1366
1361	int security_socket_bind(struct socket sock, struct sockaddr address, int addrlen)	1367	int security_socket_bind(struct socket sock, struct sockaddr address, int addrlen)
1362	{	1368	{
1363	return call_int_hook(socket_bind, 0, sock, address, addrlen);	1369	return call_int_hook(socket_bind, 0, sock, address, addrlen);


diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 99c4675952f7..7df0f2ee1e88 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c
@@ -4580,6 +4580,18 @@ static int selinux_socket_post_create(struct socket *sock, int family,
4580	return err;	4580	return err;
4581	}	4581	}
4582		4582
		4583	static int selinux_socket_socketpair(struct socket *socka,
		4584	struct socket *sockb)
		4585	{
		4586	struct sk_security_struct *sksec_a = socka->sk->sk_security;
		4587	struct sk_security_struct *sksec_b = sockb->sk->sk_security;
		4588
		4589	sksec_a->peer_sid = sksec_b->sid;
		4590	sksec_b->peer_sid = sksec_a->sid;
		4591
		4592	return 0;
		4593	}
		4594
4583	/* Range of port numbers used to automatically bind.	4595	/* Range of port numbers used to automatically bind.
4584	Need to determine whether we should perform a name_bind	4596	Need to determine whether we should perform a name_bind
4585	permission check between the socket and the port number. */	4597	permission check between the socket and the port number. */
@@ -7016,6 +7028,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
7016		7028
7017	LSM_HOOK_INIT(socket_create, selinux_socket_create),	7029	LSM_HOOK_INIT(socket_create, selinux_socket_create),
7018	LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create),	7030	LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create),
		7031	LSM_HOOK_INIT(socket_socketpair, selinux_socket_socketpair),
7019	LSM_HOOK_INIT(socket_bind, selinux_socket_bind),	7032	LSM_HOOK_INIT(socket_bind, selinux_socket_bind),
7020	LSM_HOOK_INIT(socket_connect, selinux_socket_connect),	7033	LSM_HOOK_INIT(socket_connect, selinux_socket_connect),
7021	LSM_HOOK_INIT(socket_listen, selinux_socket_listen),	7034	LSM_HOOK_INIT(socket_listen, selinux_socket_listen),


diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0b414836bebd..dcb976f98df2 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -2842,6 +2842,27 @@ static int smack_socket_post_create(struct socket *sock, int family,
2842	return smack_netlabel(sock->sk, SMACK_CIPSO_SOCKET);	2842	return smack_netlabel(sock->sk, SMACK_CIPSO_SOCKET);
2843	}	2843	}
2844		2844
		2845	/**
		2846	* smack_socket_socketpair - create socket pair
		2847	* @socka: one socket
		2848	* @sockb: another socket
		2849	*
		2850	* Cross reference the peer labels for SO_PEERSEC
		2851	*
		2852	* Returns 0 on success, and error code otherwise
		2853	*/
		2854	static int smack_socket_socketpair(struct socket *socka,
		2855	struct socket *sockb)
		2856	{
		2857	struct socket_smack *asp = socka->sk->sk_security;
		2858	struct socket_smack *bsp = sockb->sk->sk_security;
		2859
		2860	asp->smk_packet = bsp->smk_out;
		2861	bsp->smk_packet = asp->smk_out;
		2862
		2863	return 0;
		2864	}
		2865
2845	#ifdef SMACK_IPV6_PORT_LABELING	2866	#ifdef SMACK_IPV6_PORT_LABELING
2846	/**	2867	/**
2847	* smack_socket_bind - record port binding information.	2868	* smack_socket_bind - record port binding information.
@@ -4724,6 +4745,7 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
4724	LSM_HOOK_INIT(unix_may_send, smack_unix_may_send),	4745	LSM_HOOK_INIT(unix_may_send, smack_unix_may_send),
4725		4746
4726	LSM_HOOK_INIT(socket_post_create, smack_socket_post_create),	4747	LSM_HOOK_INIT(socket_post_create, smack_socket_post_create),
		4748	LSM_HOOK_INIT(socket_socketpair, smack_socket_socketpair),
4727	#ifdef SMACK_IPV6_PORT_LABELING	4749	#ifdef SMACK_IPV6_PORT_LABELING
4728	LSM_HOOK_INIT(socket_bind, smack_socket_bind),	4750	LSM_HOOK_INIT(socket_bind, smack_socket_bind),
4729	#endif	4751	#endif