[PATCH] security/keys: make BIG_KEYS dependent on stdrng.

From: Artem Savkov
Date: Mon Sep 05 2016 - 08:38:14 EST

Next message: Tejun Heo: "[PATCH] power: avoid calling cancel_delayed_work_sync() during early boot"
Previous message: Matt Fleming: "Re: [PATCH 1/2] x86/efi: Optimize away setup_gop32/64 if unused"
Next in thread: David Howells: "Re: [PATCH] security/keys: make BIG_KEYS dependent on stdrng."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Since BIG_KEYS can't be compiled as module it requires one of the "stdrng"
providers to be compiled into kernel. Otherwise big_key_crypto_init() fails
on crypto_alloc_rng step and next dereference of big_key_skcipher (e.g. in
big_key_preparse()) results in a NULL pointer dereference.

Signed-off-by: Artem Savkov <asavkov@xxxxxxxxxx>
---
security/keys/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index f826e87..d942c7c 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -41,7 +41,7 @@ config BIG_KEYS
bool "Large payload keys"
depends on KEYS
depends on TMPFS
- select CRYPTO
+ depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y)
select CRYPTO_AES
select CRYPTO_ECB
select CRYPTO_RNG
--
2.7.4

Next message: Tejun Heo: "[PATCH] power: avoid calling cancel_delayed_work_sync() during early boot"
Previous message: Matt Fleming: "Re: [PATCH 1/2] x86/efi: Optimize away setup_gop32/64 if unused"
Next in thread: David Howells: "Re: [PATCH] security/keys: make BIG_KEYS dependent on stdrng."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]