| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Oct 2017 09:18:59 -0700
From: Tim Chen <tim.c.chen@...ux.intel.com>
To: Andrey Ryabinin <aryabinin@...tuozzo.com>,
Herbert Xu <herbert@...dor.apana.org.au>
Cc: "David S. Miller" <davem@...emloft.net>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Jeffrey Walton <noloader@...il.com>,
Megha Dey <megha.dey@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
stable@...r.kernel.org
Subject: Re: [PATCH 1/2] x86/crypto/sha256-mb: fix panic due to unaligned
access
On 10/16/2017 08:51 AM, Andrey Ryabinin wrote:
> struct sha256_ctx_mgr allocated in sha256_mb_mod_init() via kzalloc()
> and later passed in sha256_mb_flusher_mgr_flush_avx2() function where
> instructions vmovdqa used to access the struct. vmovdqa requires
> 16-bytes aligned argument, but nothing guarantees that struct
> sha256_ctx_mgr will have that alignment. Unaligned vmovdqa will
> generate GP fault.
>
> Fix this by replacing vmovdqa with vmovdqu which doesn't have alignment
> requirements.
Using vmovdqu will be a bit slower if the structure is unaligned.
However, flush is done on the non performance critical path so
I don't expect this will be an issue to performance.
Thanks.
Tim
Acked-by: Tim Chen
>
> Fixes: a377c6b1876e ("crypto: sha256-mb - submit/flush routines for AVX2")
> Reported-by: Josh Poimboeuf <jpoimboe@...hat.com>
> Signed-off-by: Andrey Ryabinin <aryabinin@...tuozzo.com>
> Cc: <stable@...r.kernel.org>
> ---
> arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
> index 8fe6338bcc84..16c4ccb1f154 100644
> --- a/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
> +++ b/arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S
> @@ -155,8 +155,8 @@ LABEL skip_ %I
> .endr
>
> # Find min length
> - vmovdqa _lens+0*16(state), %xmm0
> - vmovdqa _lens+1*16(state), %xmm1
> + vmovdqu _lens+0*16(state), %xmm0
> + vmovdqu _lens+1*16(state), %xmm1
>
> vpminud %xmm1, %xmm0, %xmm2 # xmm2 has {D,C,B,A}
> vpalignr $8, %xmm2, %xmm3, %xmm3 # xmm3 has {x,x,D,C}
> @@ -176,8 +176,8 @@ LABEL skip_ %I
> vpsubd %xmm2, %xmm0, %xmm0
> vpsubd %xmm2, %xmm1, %xmm1
>
> - vmovdqa %xmm0, _lens+0*16(state)
> - vmovdqa %xmm1, _lens+1*16(state)
> + vmovdqu %xmm0, _lens+0*16(state)
> + vmovdqu %xmm1, _lens+1*16(state)
>
> # "state" and "args" are the same address, arg1
> # len is arg2
> @@ -234,8 +234,8 @@ ENTRY(sha256_mb_mgr_get_comp_job_avx2)
> jc .return_null
>
> # Find min length
> - vmovdqa _lens(state), %xmm0
> - vmovdqa _lens+1*16(state), %xmm1
> + vmovdqu _lens(state), %xmm0
> + vmovdqu _lens+1*16(state), %xmm1
>
> vpminud %xmm1, %xmm0, %xmm2 # xmm2 has {D,C,B,A}
> vpalignr $8, %xmm2, %xmm3, %xmm3 # xmm3 has {x,x,D,C}
>
Powered by blists - more mailing lists