)]}'
{
  "log": [
    {
      "commit": "2f32bfd834d5d7eb230bcbf39aaacccd2a01d767",
      "tree": "82f214b733e93ff81c4f0da45a756fe9fdc4dee2",
      "parents": [
        "507069c91e36786b3fa5d9515c35ed6bb0ce469b"
      ],
      "author": {
        "name": "Jaswinder Singh Rajput",
        "email": "jaswinderrajput@gmail.com",
        "time": "Mon Nov 23 20:25:50 2009 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Mon Nov 23 20:25:50 2009 +0800"
      },
      "message": "crypto: ansi_cprng - Move FIPS functions under CONFIG_CRYPTO_FIPS\n\nfips_cprng_get_random and fips_cprng_reset are used only by\nCONFIG_CRYPTO_FIPS. This also fixes compilation warnings:\n\n crypto/ansi_cprng.c:360: warning: ‘fips_cprng_get_random’ defined but not used\n crypto/ansi_cprng.c:393: warning: ‘fips_cprng_reset’ defined but not used\n\nSigned-off-by: Jaswinder Singh Rajput \u003cjaswinderrajput@gmail.com\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "2024e7d6804b3f6251b28126eceb7f6bf2e3a4e8",
      "tree": "c39cab03649b8bbb28bccb504d37af3b77bbfbf9",
      "parents": [
        "8ffd1be6779c86ebc2a1013f43fdcee8bdbba2b7"
      ],
      "author": {
        "name": "Roel Kluin",
        "email": "roel.kluin@gmail.com",
        "time": "Tue Oct 27 18:51:33 2009 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Tue Oct 27 18:51:33 2009 +0800"
      },
      "message": "crypto: ansi_cprng - Fix test in get_prng_bytes\n\nsize_t nbytes cannot be less than 0 and the test was redundant.\n\nSigned-off-by: Roel Kluin \u003croel.kluin@gmail.com\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "667b6294bf088445996c8395b723ae9c9467e72b",
      "tree": "a1a78547fc3e6ab1fe88b5d13a10d0f9fbceab3b",
      "parents": [
        "0e1227d356e9b2fe0500d6cc7084f752040a1e0e"
      ],
      "author": {
        "name": "Neil Horman",
        "email": "nhorman@tuxdriver.com",
        "time": "Mon Oct 19 11:57:02 2009 +0900"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Mon Oct 19 11:57:02 2009 +0900"
      },
      "message": "crypto: ansi_cprng - Add FIPS wrapper\n\nPatch to add fips(ansi_cprng) alg, which is ansi_cprng plus a continuous test\n\nSigned-off-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nAcked-by: Jarod Wilson \u003cjarod@redhat.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "a367b17f34e1280270a6b577c11d5ecff093f9ae",
      "tree": "62b8906852cf2fd85821d9b90ce025240a7b9e9f",
      "parents": [
        "36f87a4a29cb8cd291169483079fde34bad4ef16"
      ],
      "author": {
        "name": "Steffen Klassert",
        "email": "steffen.klassert@secunet.com",
        "time": "Sat Aug 29 17:36:25 2009 +1000"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Sat Aug 29 17:36:25 2009 +1000"
      },
      "message": "crypto: ansi_cprng - Fix module initialization\n\nReturn the value we got from crypto_register_alg() instead of\nreturning 0 in any case.\n\nSigned-off-by: Steffen Klassert \u003csteffen.klassert@secunet.com\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "fd09d7facb7cf3a884979eb5f843338ce1ce9b43",
      "tree": "c0b8db57177d46a98d66b89938ce1c8f8e37282f",
      "parents": [
        "ed94070058033a3c99fe62c90d00c39dc443c679"
      ],
      "author": {
        "name": "Sebastian Andrzej Siewior",
        "email": "sebastian@breakpoint.cc",
        "time": "Fri Jul 03 12:10:47 2009 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Fri Jul 03 12:10:47 2009 +0800"
      },
      "message": "crypto: ansi_prng - alloc cipher just in init\n\nAs reported by Eric Sesterhenn the re-allocation of the cipher in reset leads\nto:\n|BUG: sleeping function called from invalid context at kernel/rwsem.c:21\n|in_atomic(): 1, irqs_disabled(): 0, pid: 4926, name: modprobe\n|INFO: lockdep is turned off.\n|Pid: 4926, comm: modprobe Tainted: G   M 2.6.31-rc1-22297-g5298976 #24\n|Call Trace:\n| [\u003cc011dd93\u003e] __might_sleep+0xf9/0x101\n| [\u003cc0777aa0\u003e] down_read+0x16/0x68\n| [\u003cc048bf04\u003e] crypto_alg_lookup+0x16/0x34\n| [\u003cc048bf52\u003e] crypto_larval_lookup+0x30/0xf9\n| [\u003cc048c038\u003e] crypto_alg_mod_lookup+0x1d/0x62\n| [\u003cc048c13e\u003e] crypto_alloc_base+0x1e/0x64\n| [\u003cc04bf991\u003e] reset_prng_context+0xab/0x13f\n| [\u003cc04e5cfc\u003e] ? __spin_lock_init+0x27/0x51\n| [\u003cc04bfce1\u003e] cprng_init+0x2a/0x42\n| [\u003cc048bb4c\u003e] __crypto_alloc_tfm+0xfa/0x128\n| [\u003cc048c153\u003e] crypto_alloc_base+0x33/0x64\n| [\u003cc04933c9\u003e] alg_test_cprng+0x30/0x1f4\n| [\u003cc0493329\u003e] alg_test+0x12f/0x19f\n| [\u003cc0177f1f\u003e] ? __alloc_pages_nodemask+0x14d/0x481\n| [\u003cd09219e2\u003e] do_test+0xf9d/0x163f [tcrypt]\n| [\u003cd0920de6\u003e] do_test+0x3a1/0x163f [tcrypt]\n| [\u003cd0926035\u003e] tcrypt_mod_init+0x35/0x7c [tcrypt]\n| [\u003cc010113c\u003e] _stext+0x54/0x12c\n| [\u003cd0926000\u003e] ? tcrypt_mod_init+0x0/0x7c [tcrypt]\n| [\u003cc01398a3\u003e] ? up_read+0x16/0x2b\n| [\u003cc0139fc4\u003e] ? __blocking_notifier_call_chain+0x40/0x4c\n| [\u003cc014ee8d\u003e] sys_init_module+0xa9/0x1bf\n| [\u003cc010292b\u003e] sysenter_do_call+0x12/0x32\n\nbecause a spin lock is held and crypto_alloc_base() may sleep.\nThere is no reason to re-allocate the cipher, the state is resetted in\n-\u003esetkey(). 
This patch makes the cipher allocation a one time thing and\nmoves it to init.\n\nReported-by: Eric Sesterhenn \u003ceric.sesterhenn@lsexperts.de\u003e\nSigned-off-by: Sebastian Andrzej Siewior \u003csebastian@breakpoint.cc\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "ed94070058033a3c99fe62c90d00c39dc443c679",
      "tree": "5ae19b435f0903e67834e10ddccec2be4cfa4ab6",
      "parents": [
        "a68f6610d4f1ebe61818f5926fa8fa9e75d06a95"
      ],
      "author": {
        "name": "Sebastian Andrzej Siewior",
        "email": "sebastian@breakpoint.cc",
        "time": "Fri Jul 03 12:09:41 2009 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Fri Jul 03 12:09:41 2009 +0800"
      },
      "message": "crypto: ansi_prng - Use just a BH lock\n\nThe current code uses a mix of spin_lock() \u0026 spin_lock_irqsave(). This can\nlead to deadlock with the correct timing \u0026 cprng_get_random() + cprng_reset()\nsequence.\nI\u0027ve converted them to bottom half locks since all three users grab just a BH\nlock so this runs probably in softirq :)\n\nSigned-off-by: Sebastian Andrzej Siewior \u003csebastian@breakpoint.cc\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "c5b1e545a567c52081239bd5d187669640d0146f",
      "tree": "8e55b9fc925e420b3bda30d0a70e611badc562bb",
      "parents": [
        "563f346d04e8373739240604a51ce8529dd9f07e"
      ],
      "author": {
        "name": "Neil Horman",
        "email": "nhorman@tuxdriver.com",
        "time": "Thu Feb 05 16:01:38 2009 +1100"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Wed Feb 18 16:48:07 2009 +0800"
      },
      "message": "crypto: ansi_cprng - Panic on CPRNG test failure when in FIPS mode\n\nFIPS 140-2 specifies that all access to various cryptographic modules be\nprevented in the event that any of the provided self tests fail on the various\nimplemented algorithms.  We already panic when any of the tests in testmgr.c\nfail when we are operating in fips mode.  The continuous test in the cprng here\nwas missed when that was implemented.  This code simply checks for the\nfips_enabled flag if the test fails, and warns us via syslog or panics the box\naccordingly.\n\nSigned-off-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "d7992f42c61d5dc6d164f7dddd05284485204ada",
      "tree": "02e6d942f6859ad9cd0e8d7c2cd56bf84bc2f54a",
      "parents": [
        "54b6a1bd5364aca95cd6ffae00f2b64c6511122c"
      ],
      "author": {
        "name": "Neil Horman",
        "email": "nhorman@redhat.com",
        "time": "Wed Jan 28 15:20:51 2009 +1100"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Wed Feb 18 16:48:06 2009 +0800"
      },
      "message": "crypto: ansi_cprng - Force reset on allocation\n\nPseudo RNGs provide predictable outputs based on input parameters {key, V, DT},\nthe idea behind them is that only the user should know what the inputs are.\nWhile it\u0027s nice to have default known values for testing purposes, it seems\ndangerous to allow the use of those default values without some sort of safety\nmeasure in place, lest an attacker easily guess the output of the cprng.  This\npatch forces the NEED_RESET flag on when allocating a cprng context, so that any\nuser is forced to reseed it before use.  The defaults can still be used for\ntesting, but this will prevent their inadvertent use, and be more secure.\n\nSigned-off-by: Neil Horman \u003cnhorman@redhat.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "09fbf7c0f24176ef3b450c590f220ed8033dd2c3",
      "tree": "b4f6f918cc43ee50f459d4f95ef6a100cf43db83",
      "parents": [
        "93027354d6e8a66a12dedb89d59b21cf7c2d35ed"
      ],
      "author": {
        "name": "Jarod Wilson",
        "email": "jarod@redhat.com",
        "time": "Mon Nov 24 21:20:13 2008 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Thu Dec 25 11:01:49 2008 +1100"
      },
      "message": "crypto: ansi_cprng - fix inverted DT increment routine\n\nThe ANSI X9.31 PRNG docs aren\u0027t particularly clear on how to increment DT,\nbut empirical testing shows we\u0027re incrementing from the wrong end. A 10,000\niteration Monte Carlo RNG test currently winds up not getting the expected\nresult.\n\nFrom http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf :\n\n# CAVS 4.3\n# ANSI931 MCT\n[X9.31]\n[AES 128-Key]\n\nCOUNT \u003d 0\nKey \u003d 9f5b51200bf334b5d82be8c37255c848\nDT \u003d 6376bbe52902ba3b67c925fa701f11ac\nV \u003d 572c8e76872647977e74fbddc49501d1\nR \u003d 48e9bd0d06ee18fbe45790d5c3fc9b73\n\nCurrently, we get 0dd08496c4f7178bfa70a2161a79459a after 10000 loops.\n\nInverting the DT increment routine results in us obtaining the expected result\nof 48e9bd0d06ee18fbe45790d5c3fc9b73. Verified on both x86_64 and ppc64.\n\nSigned-off-by: Jarod Wilson \u003cjarod@redhat.com\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "aa1a85dbd1d3265ca36f684026fe7689b7836bed",
      "tree": "02a609343c67482352f8319b952454d0c006d1b1",
      "parents": [
        "31a61bfc6e415fbd871317cbee7b8a4158d8ac5b"
      ],
      "author": {
        "name": "Jarod Wilson",
        "email": "jarod@redhat.com",
        "time": "Thu Nov 13 22:03:20 2008 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Thu Dec 25 11:01:47 2008 +1100"
      },
      "message": "crypto: ansi_cprng - Avoid incorrect extra call to _get_more_prng_bytes\n\nWhile working with some FIPS RNGVS test vectors yesterday, I discovered a\nlittle bug in the way the ansi_cprng code works right now.\n\nFor example, the following test vector (complete with expected result)\nfrom http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf ...\n\nKey \u003d f3b1666d13607242ed061cabb8d46202\nDT \u003d e6b3be782a23fa62d71d4afbb0e922fc\nV \u003d f0000000000000000000000000000000\nR \u003d 88dda456302423e5f69da57e7b95c73a\n\n...when run through ansi_cprng, yields an incorrect R value\nof e2afe0d794120103d6e86a2b503bdfaa.\n\nIf I load up ansi_cprng w/dbg\u003d1 though, it was fairly obvious what was\ngoing wrong:\n\n----8\u003c----\ngetting 16 random bytes for context ffff810033fb2b10\nCalling _get_more_prng_bytes for context ffff810033fb2b10\nInput DT: 00000000: e6 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \nInput I: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \nInput V: 00000000: f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \ntmp stage 0: 00000000: e6 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \ntmp stage 1: 00000000: f4 8e cb 25 94 3e 8c 31 d6 14 cd 8a 23 f1 3f 84 \ntmp stage 2: 00000000: 8c 53 6f 73 a4 1a af d4 20 89 68 f4 58 64 f8 be \nReturning new block for context ffff810033fb2b10\nOutput DT: 00000000: e7 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \nOutput I: 00000000: 04 8e cb 25 94 3e 8c 31 d6 14 cd 8a 23 f1 3f 84 \nOutput V: 00000000: 48 89 3b 71 bc e4 00 b6 5e 21 ba 37 8a 0a d5 70 \nNew Random Data: 00000000: 88 dd a4 56 30 24 23 e5 f6 9d a5 7e 7b 95 c7 3a \nCalling _get_more_prng_bytes for context ffff810033fb2b10\nInput DT: 00000000: e7 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \nInput I: 00000000: 04 8e cb 25 94 3e 8c 31 d6 14 cd 8a 23 f1 3f 84 \nInput V: 00000000: 48 89 3b 71 bc e4 00 b6 5e 21 ba 37 8a 0a d5 70 \ntmp stage 0: 00000000: e7 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \ntmp stage 1: 
00000000: 80 6b 3a 8c 23 ae 8f 53 be 71 4c 16 fc 13 b2 ea \ntmp stage 2: 00000000: 2a 4d e1 2a 0b 58 8e e6 36 b8 9c 0a 26 22 b8 30 \nReturning new block for context ffff810033fb2b10\nOutput DT: 00000000: e8 b3 be 78 2a 23 fa 62 d7 1d 4a fb b0 e9 22 fc \nOutput I: 00000000: c8 e2 01 fd 9f 4a 8f e5 e0 50 f6 21 76 19 67 9a \nOutput V: 00000000: ba 98 e3 75 c0 1b 81 8d 03 d6 f8 e2 0c c6 54 4b \nNew Random Data: 00000000: e2 af e0 d7 94 12 01 03 d6 e8 6a 2b 50 3b df aa \nreturning 16 from get_prng_bytes in context ffff810033fb2b10\n----8\u003c----\n\nThe expected result is there, in the first \"New Random Data\", but we\u0027re\nincorrectly making a second call to _get_more_prng_bytes, due to some checks\nthat are slightly off, which resulted in our original bytes never being\nreturned anywhere.\n\nOne approach to fixing this would be to alter some byte_count checks in\nget_prng_bytes, but it would mean the last DEFAULT_BLK_SZ bytes would be\ncopied a byte at a time, rather than in a single memcpy, so a slightly more\ninvolved, equally functional, and ultimately more efficient way of fixing this\nwas suggested to me by Neil, which I\u0027m submitting here. All of the RNGVS ANSI\nX9.31 AES128 VST test vectors I\u0027ve passed through ansi_cprng are now returning\nthe expected results with this change.\n\nSigned-off-by: Jarod Wilson \u003cjarod@redhat.com\u003e\nAcked-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "2566578a6feb9d9e39da41326afe8ed6022db3c5",
      "tree": "4fb341d8912afbf5b1c47e0938f251210843ef2d",
      "parents": [
        "420a4b20c504e4674bf253601f793bdb254f99fa"
      ],
      "author": {
        "name": "Neil Horman",
        "email": "nhorman@tuxdriver.com",
        "time": "Wed Nov 05 12:13:14 2008 +0800"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Thu Dec 25 11:01:21 2008 +1100"
      },
      "message": "crypto: ansi_cprng - Allow resetting of DT value\n\n\tThis is a patch that was sent to me by Jarod Wilson, marking off my\noutstanding todo to allow the ansi cprng to set/reset the DT counter value in a\ncprng instance.  Currently crypto_rng_reset accepts a seed byte array which is\ninterpreted by the ansi_cprng as a {V key} tuple.  This patch extends that tuple\nto now be {V key DT}, with DT an optional value during reset.  This patch also\nfixes a bug we noticed in which the offset of the key area of the seed is\nstarted at DEFAULT_PRNG_KSZ rather than DEFAULT_BLK_SZ as it should be.\n\nSigned-off-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Jarod Wilson \u003cjarod@redhat.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    },
    {
      "commit": "17f0f4a47df9aea9ee26c939f8057c35e0be1847",
      "tree": "d6c7ff6c93573227a49c9e8fe06c53d97950e4e6",
      "parents": [
        "ccb778e1841ce04b4c10b39f0dd2558ab2c6dcd4"
      ],
      "author": {
        "name": "Neil Horman",
        "email": "nhorman@tuxdriver.com",
        "time": "Thu Aug 14 22:15:52 2008 +1000"
      },
      "committer": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Fri Aug 29 15:50:04 2008 +1000"
      },
      "message": "crypto: rng - RNG interface and implementation\n\nThis patch adds a random number generator interface as well as a\ncryptographic pseudo-random number generator based on AES.  It is\nmeant to be used in cases where a deterministic CPRNG is required.\n\nOne of the first applications will be as an input in the IPsec IV\ngeneration process.\n\nSigned-off-by: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\n"
    }
  ]
}
