lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <285479690@web.de>
Date:	Thu, 10 Jan 2008 11:43:03 +0100
From:	Torben Viets <Viets@....de>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: LRW/XTS + Via Padlock Bug in 2.6.24-rc7?

Thanks for the reply,

the patch doesn't work witch the patch utility, so I did it manually, hope this was rigth:

static void aes_crypt_copy(const u8 *in, u8 *out, u32 *key, struct cword *cword)
{
        u8 tmp[AES_BLOCK_SIZE * 2]
                __attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));

        memcpy(tmp, in, AES_BLOCK_SIZE);
//      padlock_xcrypt(tmp, out, key, cword);
        padlock_xcrypt(tmp, tmp, key, cword);
        memcpy(out, tmp, AES_BLOCK_SIZE);
}

After rebuilding the kernel, I tried: cryptsetup -c aes-xts-plain -s 256 luksFormat /dev/raid/test

It does the same as before, dmesg says:

general protection fault: 0000 [#1] 
Modules linked in: xt_TCPMSS xt_tcpmss iptable_mangle ipt_MASQUERADE xt_tcpudp pppoe pppox xt_mark xt_state iptable_nat nf_nat nf_conntrack_ipv4 iptable_filter ip_tables x_tables af_packet ppp_generic slhc aes_i586 dm_crypt dm_mod

Pid: 4409, comm: kcryptd Not tainted (2.6.24-rc7 #2)
EIP: 0060:[<c03599cc>] EFLAGS: 00010282 CPU: 0
EIP is at aes_crypt_copy+0x2c/0x50
EAX: f62e1ff0 EBX: f60ab850 ECX: 00000001 EDX: f60ab830
ESI: f620dda8 EDI: f620dda8 EBP: f62e1ff0 ESP: f620dda8
 DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
Process kcryptd (pid: 4409, ti=f620c000 task=f61f5030 task.ti=f620c000)
Stack: 638522f6 b587b135 a30487c5 d57aa809 f620de50 f620defc c02613e1 0000007b 
       f60ab850 f62e1ff0 f62e1ff0 f620de00 c0359ad6 f60ab830 f62e1ff0 f62e1ff0 
       00000010 c0267cfc f6edf6e0 f620de34 f620dea8 00000010 8f88b41a 3ba46549 
Call Trace:
 [<c02613e1>] blkcipher_walk_next+0x151/0x320
 [<c0359ad6>] aes_decrypt+0x56/0x60
 [<c0267cfc>] crypt+0xdc/0x110
 [<c0359a80>] aes_decrypt+0x0/0x60
 [<c0267e22>] decrypt+0x42/0x50
 [<c035a1c0>] aes_encrypt+0x0/0x60
 [<c0359a80>] aes_decrypt+0x0/0x60
 [<f886a7de>] crypt_convert_scatterlist+0x6e/0xe0 [dm_crypt]
 [<f886a9ea>] crypt_convert+0x19a/0x1c0 [dm_crypt]
 [<f886aa10>] kcryptd_do_crypt+0x0/0x260 [dm_crypt]
 [<f886aa59>] kcryptd_do_crypt+0x49/0x260 [dm_crypt]
 [<c011964a>] update_curr+0xfa/0x110
 [<f886aa10>] kcryptd_do_crypt+0x0/0x260 [dm_crypt]
 [<c012aeb6>] run_workqueue+0x66/0xe0
 [<c03f3339>] schedule+0x149/0x270
 [<c012b620>] worker_thread+0x0/0x100
 [<c012b6bd>] worker_thread+0x9d/0x100
 [<c012e4c0>] autoremove_wake_function+0x0/0x50
 [<c012b620>] worker_thread+0x0/0x100
 [<c012e182>] kthread+0x42/0x70
 [<c012e140>] kthread+0x0/0x70
 [<c0104acf>] kernel_thread_helper+0x7/0x18
 =======================
Code: ec 30 89 5c 24 20 89 cb 89 74 24 24 89 c6 89 7c 24 28 89 e7 89 6c 24 2c 89 d5 8b 54 24 34 a5 a5 a5 a5 b9 01 00 00 00 89 e6 89 e7 <f3> 0f a7 c8 89 ef 89 e6 a5 a5 a5 a5 8b 5c 24 20 8b 74 24 24 8b 
EIP: [<c03599cc>] aes_crypt_copy+0x2c/0x50 SS:ESP 0068:f620dda8
---[ end trace 927124c395b6378a ]---
note: kcryptd[4409] exited with preempt_count 1

One other strange thing ist, that after rebooting the entry:

 name         : xts(aes)
driver       : xts(aes-padlock)
module       : kernel
priority     : 300
refcnt       : 2
type         : blkcipher
blocksize    : 16
min keysize  : 32
max keysize  : 64
ivsize       : 16

is not visible in /proc/crypt (and of course not useable with cryptsetup), till I use /etc/init.d/udev restart. 

Sorry I don't no why this happens. I guess it is because of reloading the modules, these are my modules:

xt_TCPMSS               3840  1 
xt_tcpmss               2176  1 
iptable_mangle          2752  1 
ipt_MASQUERADE          3456  1 
xt_tcpudp               3136  6 
pppoe                  12800  2 
pppox                   3852  1 pppoe
xt_mark                 1792  1 
xt_state                2368  1 
iptable_nat             7236  1 
nf_nat                 17964  2 ipt_MASQUERADE,iptable_nat
nf_conntrack_ipv4       9988  3 iptable_nat
iptable_filter          2880  1 
ip_tables              12232  3 iptable_mangle,iptable_nat,iptable_filter
x_tables               14724  8 xt_TCPMSS,xt_tcpmss,ipt_MASQUERADE,xt_tcpudp,xt_mark,xt_state,iptable_nat,ip_tables
af_packet              21188  4 
ppp_generic            23700  6 pppoe,pppox
slhc                    6464  1 ppp_generic
aes_i586               33280  0 
dm_crypt               13956  1 
dm_mod                 54976  14 dm_crypt


grettings 
Torben Viets

> -----Ursprüngliche Nachricht-----
> Von: "Herbert Xu" <herbert@...dor.apana.org.au>
> Gesendet: 10.01.08 04:03:26
> An: Torben Viets <viets@....de>
> CC: linux-kernel@...r.kernel.org, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>
> Betreff: Re: LRW/XTS + Via Padlock Bug in 2.6.24-rc7?


> 
> On Wed, Jan 09, 2008 at 10:55:27PM +0000, Torben Viets wrote:
> > 
> > eneral protection fault: 0000 [#1]
> > Modules linked in: xt_TCPMSS xt_tcpmss iptable_mangle ipt_MASQUERADE 
> > xt_tcpudp xt_mark xt_state iptable_nat nf_nat nf_conntrack_ipv4 
> > iptable_filter ip_tables x_tables pppoe pppox af_packet ppp_generic slhc 
> > aes_i586
> > CPU:    0
> > EIP:    0060:[<c035b828>]    Not tainted VLI
> > EFLAGS: 00010292   (2.6.23.12 #7)
> > EIP is at aes_crypt_copy+0x28/0x40
> > eax: f7639ff0   ebx: f6c24050   ecx: 00000001   edx: f6c24030
> > esi: f7e89dc8   edi: f7639ff0   ebp: 00010000   esp: f7e89dc8
> 
> Thanks for the report.  It would appear that your CPU goes one step
> further than the other report and insists on having two blocks in the
> destination too.
> 
> Please let me know whether this patch fixes the problem.
> 
> Thanks,
> -- 
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c
> index a337b69..ed3ae47 100644
> --- a/drivers/crypto/padlock-aes.c
> +++ b/drivers/crypto/padlock-aes.c
> @@ -433,7 +433,8 @@ static void aes_crypt_copy(const u8 *in, u8 *out, u32 *key, struct cword *cword)
>  		__attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));
>  
>  	memcpy(tmp, in, AES_BLOCK_SIZE);
> -	padlock_xcrypt(tmp, out, key, cword);
> +	padlock_xcrypt(tmp, tmp, key, cword);
> +	memcpy(out, tmp, AES_BLOCK_SIZE);
>  }
>  
>  static inline void aes_crypt(const u8 *in, u8 *out, u32 *key,
> 


_______________________________________________________________________
Jetzt neu! Schützen Sie Ihren PC mit McAfee und WEB.DE. 30 Tage
kostenlos testen. http://www.pc-sicherheit.web.de/startseite/?mc=022220

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ