Add userspace pcbc(fcrypt) fallback and nscd invalidation for AF_ALG-blocked environments#70
Open
0oAstro wants to merge 1 commit into
Open
Add userspace pcbc(fcrypt) fallback and nscd invalidation for AF_ALG-blocked environments#700oAstro wants to merge 1 commit into
0oAstro wants to merge 1 commit into
Conversation
Three fixes for AF_ALG-blocked and nscd-active environments: 1. Add fcrypt_user_encrypt() — userspace encrypt counterpart to fcrypt_user_decrypt(), with corrected round argument order. Kernel's F_ENCRYPT(R,L,k) swaps args vs naive port of decrypt. 2. Add pcbc_fcrypt_encrypt_userspace() — full PCBC mode encrypt using userspace fcrypt, so compute_csum_iv() and compute_cksum() fall back when AF_ALG is unavailable (blacklisted/blocked). 3. Add nscd passwd cache invalidation before STAGE 4 su PTY. Without this, PAM reads stale nscd entries and su fails despite corrupted /etc/passwd page cache and nullok.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Three fixes for Dirty Frag RxRPC variant when AF_ALG is blacklisted or nscd caches stale passwd entries.
Changes
1. Userspace pcbc(fcrypt) fallback
The cksum computation (compute_csum_iv, compute_cksum) needs socket(AF_ALG) + bind("pcbc(fcrypt)"). Systems with af_alg blacklisted fail here.
Added fcrypt_user_encrypt() and pcbc_fcrypt_encrypt_userspace() so both functions fall back to pure userspace crypto when AF_ALG is unavailable.
The encrypt round argument order is SWAPPED vs fcrypt_user_decrypt — matching the kernel F_ENCRYPT(R, L, k) convention. A naive copy of decrypt produces wrong output.
2. nscd invalidation before STAGE 4
On nscd-active systems (Ubuntu 24.04 default), PAM reads cached passwd, sees original root:x:... line, defers to shadow — blank password fails despite corrupted page cache and nullok.
Added nscd --invalidate passwd before su PTY, forcing PAM to read the actual corrupted file.
3. Forward declaration
Added forward decl for pcbc_fcrypt_encrypt_userspace() to fix implicit declaration warning.
Testing