lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 24 Jul 2014 21:38:23 +0800
From:	Herbert Xu <herbert@...dor.apana.org.au>
To:	Corentin LABBE <clabbe.montjoie@...il.com>
Cc:	robh+dt@...nel.org, pawel.moll@....com, mark.rutland@....com,
	ijc+devicetree@...lion.org.uk, galak@...eaurora.org,
	rdunlap@...radead.org, maxime.ripard@...e-electrons.com,
	linux@....linux.org.uk, davem@...emloft.net,
	grant.likely@...aro.org, devicetree@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	linux-crypto@...r.kernel.org
Subject: Re: [PATCH v4 3/3] crypto: Add Allwinner Security System crypto
 accelerator

On Thu, Jul 24, 2014 at 01:04:55PM +0200, Corentin LABBE wrote:
> Le 24/07/2014 08:00, Herbert Xu a écrit :
> > On Sat, Jul 12, 2014 at 02:59:13PM +0200, LABBE Corentin wrote:
> >>
> >> +/* sunxi_hash_init: initialize request context
> >> + * Activate the SS, and configure it for MD5 or SHA1
> >> + */
> >> +int sunxi_hash_init(struct ahash_request *areq)
> >> +{
> >> +	const char *hash_type;
> >> +	struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
> >> +	struct sunxi_req_ctx *op = crypto_ahash_ctx(tfm);
> >> +
> >> +	mutex_lock(&ss->lock);
> >> +
> >> +	hash_type = crypto_tfm_alg_name(areq->base.tfm);
> >> +
> >> +	op->byte_count = 0;
> >> +	op->nbwait = 0;
> >> +	op->waitbuf = 0;
> >> +
> >> +	/* Enable and configure SS for MD5 or SHA1 */
> >> +	if (strcmp(hash_type, "sha1") == 0)
> >> +		op->mode = SS_OP_SHA1;
> >> +	else
> >> +		op->mode = SS_OP_MD5;
> >> +
> >> +	writel(op->mode | SS_ENABLED, ss->base + SS_CTL);
> >> +	return 0;
> > 
> > The hash driver is completely broken.  You are modifying tfm
> > ctx data which is shared by all users of a single tfm.  So
> > if two users conduct hashes in parallel they will step all
> > over each other.
> 
> So where can I store data for each request ?

Well, first of all you need to stop storing state in the hardware.
After each operation the hardware may be used by some other user
for a completely different hash request.  So leaving the hash state
in the hardware is a no-no.

If your hardware supports exporting the hash state then you just
have to export it after each operation and reimporting before the
next one.

If your hardware is incapable of exporting partial hash state then
you will have to use a software fallback for init/update.  If your
hardware is incapable of importing partial hash state then you will
also have to do finup/final using a software fallback.

Cheers,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists