OpenSDV
/
original_kernel
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
original_kernel/crypto
History
Eric W. Biederman 90f62cf30a net: Use netlink_ns_capable to verify the permisions of netlink messages 
It is possible by passing a netlink socket to a more privileged
executable and then to fool that executable into writing to the socket
data that happens to be valid netlink message to do something that
privileged executable did not intend to do.

To keep this from happening replace bare capable and ns_capable calls
with netlink_capable, netlink_net_calls and netlink_ns_capable calls.
Which act the same as the previous calls except they verify that the
opener of the socket had the desired permissions as well.

Reported-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2014-04-24 13:44:54 -04:00
..
asymmetric_keys Revert "KEYS: verify a certificate is signed by a 'trusted' key" 2013-11-23 16:38:17 -08:00
async_tx Merge commit 'dmaengine-3.13-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/dmaengine 2013-11-16 12:02:36 +05:30
842.c
Kconfig crypto: sha - SHA1 transform x86_64 AVX2 2014-03-21 21:54:30 +08:00
Makefile CRC32C: Add soft module dependency to load other accelerated crc32c modules 2014-02-25 19:45:04 +08:00
ablk_helper.c
ablkcipher.c
aead.c
aes_generic.c
af_alg.c tree-wide: use reinit_completion instead of INIT_COMPLETION 2013-11-15 09:32:21 +09:00
ahash.c crypto: hash - Simplify the ahash_finup implementation 2014-03-21 21:54:22 +08:00
algapi.c
algboss.c
algif_hash.c net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST 2013-11-29 16:32:54 -05:00
algif_skcipher.c net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST 2013-11-29 16:32:54 -05:00
ansi_cprng.c
anubis.c
api.c
arc4.c
authenc.c crypto: authenc - Find proper IV address in ablkcipher callback 2013-11-28 22:16:23 +08:00
authencesn.c
blkcipher.c crypto: allow blkcipher walks over AEAD data 2014-03-10 20:17:11 +08:00
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c crypto: ccm - Fix handling of zero plaintext when computing mac 2013-11-28 22:25:17 +08:00
chainiv.c
cipher.c
cmac.c
compress.c
crc32.c
crc32c_generic.c CRC32C: Add soft module dependency to load other accelerated crc32c modules 2014-02-25 19:45:04 +08:00
crct10dif_common.c
crct10dif_generic.c
cryptd.c
crypto_null.c crypto: export NULL algorithms defines 2014-03-21 21:54:26 +08:00
crypto_user.c net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-04-24 13:44:54 -04:00
crypto_wq.c crypto: crypto_wq - Fix late crypto work queue initialization 2014-03-21 21:54:28 +08:00
ctr.c
cts.c
deflate.c
des_generic.c
ecb.c
eseqiv.c
fcrypt.c
fips.c
gcm.c
gf128mul.c
ghash-generic.c
hash_info.c
hmac.c
internal.h
khazad.c
krng.c
lrw.c
lz4.c
lz4hc.c
lzo.c
md4.c
md5.c
memneq.c crypto: memneq - fix for archs without efficient unaligned access 2013-12-09 20:09:12 +08:00
michael_mic.c
pcbc.c
pcompress.c
pcrypt.c crypto: pcrypt - Fix wrong usage of rcu_dereference() 2013-12-05 21:28:42 +08:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c
salsa20_generic.c
scatterwalk.c
seed.c
seqiv.c
serpent_generic.c
sha1_generic.c
sha256_generic.c
sha512_generic.c
shash.c
tcrypt.c crypto: testmgr - add aead null encryption test vectors 2014-03-21 21:54:27 +08:00
tcrypt.h crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite 2013-12-20 20:06:25 +08:00
tea.c
testmgr.c crypto: testmgr - add aead null encryption test vectors 2014-03-21 21:54:27 +08:00
testmgr.h crypto: testmgr - add aead null encryption test vectors 2014-03-21 21:54:27 +08:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
zlib.c