Mark Johnston 564b6aa7fc aesni: Avoid a potential out-of-bounds load in aes_encrypt_icm() ... Given a partial block at the end of a payload, aes_encrypt_icm() would perform a 16-byte load of the residual into a temporary variable. This is unsafe in principle since the full block may cross a page boundary. Fix the problem by copying the residual into a stack buffer first. Reported by: syzbot+b7e44cde9e2e89f0f6c9@syzkaller.appspotmail.com Reported by: syzbot+4b5eaf123a99456b5160@syzkaller.appspotmail.com Reported by: syzbot+70c74c1aa232633355ca@syzkaller.appspotmail.com Reported by: syzbot+2c663776a52828373d41@syzkaller.appspotmail.com Reviewed by: cem, jhb MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D31730		2021-08-30 14:22:20 -04:00
..
aesni	aesni: Avoid a potential out-of-bounds load in aes_encrypt_icm()	2021-08-30 14:22:20 -04:00
armv8	Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights	2021-08-08 10:42:24 -04:00
blake2	crypto: Constify all transform descriptors	2021-07-26 16:41:05 -04:00
camellia
ccp	crypto: Constify all transform descriptors	2021-07-26 16:41:05 -04:00
chacha20	crypto: Constify all transform descriptors	2021-07-26 16:41:05 -04:00
des	Add CFI start/end proc directives to arm64, i386, and ppc	2020-12-05 00:33:28 +00:00
libsodium	Bring in compatibility glue for libsodium	2018-08-17 00:27:56 +00:00
openssl	ossl: Use crypto_cursor_segment().	2021-05-25 16:59:19 -07:00
rc4
rijndael	Consistently use C99 fixed-width types in the in-kernel crypto code.	2020-11-03 22:27:54 +00:00
sha2	Use arm64 sha256 intrinsics in libmd	2021-08-11 10:20:48 +00:00
siphash
skein	Consistently use C99 fixed-width types in the in-kernel crypto code.	2020-11-03 22:27:54 +00:00
via	crypto: Constify all transform descriptors	2021-07-26 16:41:05 -04:00
intake.h
sha1.c	Replace some K&R function definitions with ANSI C.	2020-11-03 22:32:30 +00:00
sha1.h	Consistently use C99 fixed-width types in the in-kernel crypto code.	2020-11-03 22:27:54 +00:00