4.8-stable review patch. If anyone has any objections, please let me know.
------------------ From: Artem Savkov <[email protected]> commit 31e6ec4519c0fe0ee4a2f6ba3ab278e9506b9500 upstream. Since BIG_KEYS can't be compiled as module it requires one of the "stdrng" providers to be compiled into kernel. Otherwise big_key_crypto_init() fails on crypto_alloc_rng step and next dereference of big_key_skcipher (e.g. in big_key_preparse()) results in a NULL pointer dereference. Fixes: 13100a72f40f5748a04017e0ab3df4cf27c809ef ('Security: Keys: Big keys stored encrypted') Signed-off-by: Artem Savkov <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Stephan Mueller <[email protected]> cc: Kirill Marinushkin <[email protected]> Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]> --- security/keys/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/security/keys/Kconfig +++ b/security/keys/Kconfig @@ -41,7 +41,7 @@ config BIG_KEYS bool "Large payload keys" depends on KEYS depends on TMPFS - select CRYPTO + depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y) select CRYPTO_AES select CRYPTO_ECB select CRYPTO_RNG
