Message-ID: <0d5cfbd5-8675-290b-f840-d9121872f8da@amd.com>
Date:   Tue, 6 Mar 2018 12:04:04 -0600
From:   Tom Lendacky <thomas.lendacky@....com>
To:     Kamil Konieczny <k.konieczny@...tner.samsung.com>,
        Herbert Xu <herbert@...dor.apana.org.au>
Cc:     "David S. Miller" <davem@...emloft.net>,
        Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] crypto: hash.h: Prevent use of req->digest in ahash
 update

On 3/6/2018 5:45 AM, Kamil Konieczny wrote:
> Prevent improper use of req->digest field in ahash update, init, export and

Shouldn't that be req->result (here and below)?

Thanks,
Tom

> import functions in drivers code. A driver should use ahash request context
> if it needs to save internal state.
> 
> Signed-off-by: Kamil Konieczny <k.konieczny@...tner.samsung.com>
> ---
>  include/crypto/hash.h | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/include/crypto/hash.h b/include/crypto/hash.h
> index 2d1849dffb80..e97c2e662d6a 100644
> --- a/include/crypto/hash.h
> +++ b/include/crypto/hash.h
> @@ -74,7 +74,8 @@ struct ahash_request {
>   * @init: **[mandatory]** Initialize the transformation context. Intended only to initialize the
>   *	  state of the HASH transformation at the beginning. This shall fill in
>   *	  the internal structures used during the entire duration of the whole
> - *	  transformation. No data processing happens at this point.
> + *	  transformation. No data processing happens at this point. Driver code
> + *	  implementation must not use req->digest.
>   * @update: **[mandatory]** Push a chunk of data into the driver for transformation. This
>   *	   function actually pushes blocks of data from upper layers into the
>   *	   driver, which then passes those to the hardware as seen fit. This
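
Review bot: In the sentence added to @init, the field is written as req->digest, and the reply above already asks whether req->result is meant; please confirm the name against struct ahash_request before this goes into the kerneldoc. The wording here ("Driver code implementation must not use") also differs from the "Driver must not use" form in the other three additions, so one phrasing should be used for all four.
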
> @@ -83,7 +84,8 @@ struct ahash_request {
>   *	   transformation. This function shall not modify the transformation
>   *	   context, as this function may be called in parallel with the same
>   *	   transformation object. Data processing can happen synchronously
> - *	   [SHASH] or asynchronously [AHASH] at this point.
> + *	   [SHASH] or asynchronously [AHASH] at this point. Driver must not use
> + *	   req->digest.
>   * @final: **[mandatory]** Retrieve result from the driver. This function finalizes the
>   *	   transformation and retrieves the resulting hash from the driver and
>   *	   pushes it back to upper layers. No data processing happens at this
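
Review bot: The sentence added to @update says the driver "must not use" the field without saying whether reading, writing, or both are forbidden, and it leaves out the alternative that the commit message gives. Suggest naming the forbidden access explicitly and adding that state which has to persist between calls belongs in the ahash request context.
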
> @@ -120,11 +122,12 @@ struct ahash_request {
>   *	    you want to save partial result of the transformation after
>   *	    processing certain amount of data and reload this partial result
>   *	    multiple times later on for multiple re-use. No data processing
> - *	    happens at this point.
> + *	    happens at this point. Driver must not use req->digest.
>   * @import: Import partial state of the transformation. This function loads the
>   *	    entire state of the ongoing transformation from a provided block of
>   *	    data so the transformation can continue from this point onward. No
> - *	    data processing happens at this point.
> + *	    data processing happens at this point. Driver must not use
> + *	    req->digest.
>   * @halg: see struct hash_alg_common
>   */
>  struct ahash_alg {
> 
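
Review bot: The additions to @export and @import repeat the same prohibition a third and fourth time, while the callbacks that are allowed to touch the field are never named. Consider stating the rule once in positive form (which callbacks may access the field) so the per-callback exclusions do not have to be kept in sync as the documentation changes.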
