qiurui
/
Ubuntu-focal-kernel
mirror of https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Ubuntu-focal-kernel/crypto
History
Hailey Mothershead 081beac5a4 crypto: aead, cipher - zeroize key buffer after use 
[ Upstream commit 23e4099bdc3c8381992f9eb975c79196d6755210 ]

I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding
cryptographic information should be zeroized once they are no longer
needed. Accomplish this by using kfree_sensitive for buffers that
previously held the private key.

Signed-off-by: Hailey Mothershead <hailmo@amazon.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>

CVE-2024-42229
(backported from commit 9db8c299a521813630fcb4154298cb60c37f3133 linux-5.10.y)
[bjamison: ignored context conflict from neighboring line that shouldn't
 affect fix - missing commit e8cfed5 (crypto: cipher - remove crt_u.cipher
 (struct cipher_tfm)), and used kzfree instead of kfree_sensitive - renamed in
 commit 453431a (mm, treewide: rename kzfree() to kfree_sensitive())]
Signed-off-by: Bethany Jamison <bethany.jamison@canonical.com>
Acked-by: Thibault Ferrante <thibault.ferrante@canonical.com>
Acked-by: Mehmet Basaran <mehmet.basaran@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
 		2024-09-27 10:50:29 +02:00
..
asymmetric_keys
async_tx
842.c
Kconfig
Makefile
ablkcipher.c
acompress.c
adiantum.c
aead.c crypto: aead, cipher - zeroize key buffer after use 2024-09-27 10:50:29 +02:00
aegis.h
aegis128-core.c
aegis128-neon-inner.c
aegis128-neon.c
aes_generic.c
aes_ti.c
af_alg.c crypto: af_alg - Disallow multiple in-flight AIO requests 2024-02-29 15:23:35 +01:00
ahash.c
akcipher.c
algapi.c Revert "crypto: api - Disallow identical driver names" 2024-06-07 15:01:46 +02:00
algboss.c
algif_aead.c
algif_hash.c
algif_rng.c
algif_skcipher.c
ansi_cprng.c
anubis.c
api.c
arc4.c
authenc.c
authencesn.c
blkcipher.c
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c
cfb.c
chacha20poly1305.c
chacha_generic.c
cipher.c crypto: aead, cipher - zeroize key buffer after use 2024-09-27 10:50:29 +02:00
cmac.c
compress.c
crc32_generic.c
crc32c_generic.c
crct10dif_common.c
crct10dif_generic.c
cryptd.c
crypto_engine.c
crypto_null.c
crypto_user_base.c
crypto_user_stat.c
ctr.c
cts.c
deflate.c
des_generic.c
dh.c
dh_helper.c
drbg.c
ecb.c
ecc.c
ecc.h
ecc_curve_defs.h
ecdh.c
ecdh_helper.c
echainiv.c
ecrdsa.c crypto: ecrdsa - Fix module auto-load on add_key 2024-07-05 10:52:03 +02:00
ecrdsa_defs.h
ecrdsa_params.asn1
ecrdsa_pub_key.asn1
essiv.c
fcrypt.c
fips.c
gcm.c
gf128mul.c
ghash-generic.c
hash_info.c
hmac.c
internal.h
jitterentropy-kcapi.c
jitterentropy.c
keywrap.c
khazad.c
kpp.c
lrw.c
lz4.c
lz4hc.c
lzo-rle.c
lzo.c
md4.c
md5.c
memneq.c
michael_mic.c
nhpoly1305.c
ofb.c
pcbc.c
pcrypt.c
poly1305_generic.c
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c
rsa-pkcs1pad.c
rsa.c
rsa_helper.c
rsaprivkey.asn1
rsapubkey.asn1
salsa20_generic.c
scatterwalk.c
scompress.c crypto: scomp - fix req->dst buffer overflow 2024-02-29 15:23:35 +01:00
seed.c
seqiv.c
serpent_generic.c
sha1_generic.c
sha3_generic.c
sha256_generic.c
sha512_generic.c
shash.c
simd.c
skcipher.c
sm3_generic.c
sm4_generic.c
streebog_generic.c
tcrypt.c
tcrypt.h
tea.c
testmgr.c
testmgr.h
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
xxhash_generic.c
zstd.c