| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Sep 2016 16:46:44 -0300
From: Marcelo Cerri <marcelo.cerri@...onical.com>
To: Jan Stancek <jstancek@...hat.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
rui y wang <rui.y.wang@...el.com>,
mhcerri@...ux.vnet.ibm.com, leosilva@...ux.vnet.ibm.com,
pfsmorigo@...ux.vnet.ibm.com, linux-crypto@...r.kernel.org,
linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
Jan,
Can you check if the problem occurs with this patch?
---
drivers/crypto/vmx/ghash.c | 28 +++++++++++++++++-----------
drivers/crypto/vmx/vmx.c | 9 +++++++++
2 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/vmx/ghash.c b/drivers/crypto/vmx/ghash.c
index 6c999cb0..033aba1 100644
--- a/drivers/crypto/vmx/ghash.c
+++ b/drivers/crypto/vmx/ghash.c
@@ -36,6 +36,8 @@
#define GHASH_DIGEST_SIZE (16)
#define GHASH_KEY_LEN (16)
+#define GHASH_FALLBACK_ALG "ghash-generic"
+
void gcm_init_p8(u128 htable[16], const u64 Xi[2]);
void gcm_gmult_p8(u64 Xi[2], const u128 htable[16]);
void gcm_ghash_p8(u64 Xi[2], const u128 htable[16],
@@ -53,18 +55,26 @@ struct p8_ghash_desc_ctx {
struct shash_desc fallback_desc;
};
+int p8_ghash_fallback_descsize(void)
+{
+ int descsize;
+ struct crypto_shash *fallback;
+ fallback = crypto_alloc_shash(GHASH_FALLBACK_ALG, 0,
+ CRYPTO_ALG_NEED_FALLBACK);
+ if (IS_ERR(fallback)) {
+ return PTR_ERR(fallback);
+ }
+ descsize = crypto_shash_descsize(fallback);
+ crypto_free_shash(fallback);
+ return descsize;
+}
+
static int p8_ghash_init_tfm(struct crypto_tfm *tfm)
{
- const char *alg;
+ const char *alg = GHASH_FALLBACK_ALG;
struct crypto_shash *fallback;
- struct crypto_shash *shash_tfm = __crypto_shash_cast(tfm);
struct p8_ghash_ctx *ctx = crypto_tfm_ctx(tfm);
- if (!(alg = crypto_tfm_alg_name(tfm))) {
- printk(KERN_ERR "Failed to get algorithm name.\n");
- return -ENOENT;
- }
-
fallback = crypto_alloc_shash(alg, 0, CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(fallback)) {
printk(KERN_ERR
@@ -79,10 +89,6 @@ static int p8_ghash_init_tfm(struct crypto_tfm *tfm)
crypto_shash_get_flags((struct crypto_shash
*) tfm));
ctx->fallback = fallback;
-
- shash_tfm->descsize = sizeof(struct p8_ghash_desc_ctx)
- + crypto_shash_descsize(fallback);
-
return 0;
}
diff --git a/drivers/crypto/vmx/vmx.c b/drivers/crypto/vmx/vmx.c
index 31a98dc..8a51149 100644
--- a/drivers/crypto/vmx/vmx.c
+++ b/drivers/crypto/vmx/vmx.c
@@ -28,6 +28,8 @@
#include <asm/cputable.h>
#include <crypto/internal/hash.h>
+int p8_ghash_fallback_descsize(void);
+
extern struct shash_alg p8_ghash_alg;
extern struct crypto_alg p8_aes_alg;
extern struct crypto_alg p8_aes_cbc_alg;
@@ -45,6 +47,7 @@ int __init p8_init(void)
{
int ret = 0;
struct crypto_alg **alg_it;
+ int ghash_descsize;
for (alg_it = algs; *alg_it; alg_it++) {
ret = crypto_register_alg(*alg_it);
@@ -59,6 +62,12 @@ int __init p8_init(void)
if (ret)
return ret;
+ ghash_descsize = p8_ghash_fallback_descsize();
+ if (ghash_descsize < 0) {
+ printk(KERN_ERR "Cannot get descsize for p8_ghash fallback\n");
+ return ghash_descsize;
+ }
+ p8_ghash_alg.descsize += ghash_descsize;
ret = crypto_register_shash(&p8_ghash_alg);
if (ret) {
for (alg_it = algs; *alg_it; alg_it++)
--
2.7.4
Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists