lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 10 Jan 2020 08:46:12 +0000
From:   Horia Geanta <horia.geanta@....com>
To:     Iuliana Prodan <iuliana.prodan@....com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Aymen Sghaier <aymen.sghaier@....com>
CC:     "David S. Miller" <davem@...emloft.net>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        dl-linux-imx <linux-imx@....com>
Subject: Re: [PATCH v2 09/10] crypto: caam - add crypto_engine support for RSA
 algorithms

On 1/3/2020 3:03 AM, Iuliana Prodan wrote:
> +static int akcipher_enqueue_req(struct device *jrdev, u32 *desc,
> +				void (*cbk)(struct device *jrdev, u32 *desc,
> +					    u32 err, void *context),
> +				struct akcipher_request *req,
> +				struct rsa_edesc *edesc)
> +{
> +	struct caam_drv_private_jr *jrpriv = dev_get_drvdata(jrdev);
> +	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
> +	struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
> +	struct caam_rsa_key *key = &ctx->key;
> +	int ret;
> +
> +	if (req->base.flags & CRYPTO_TFM_REQ_MAY_BACKLOG)
> +		return crypto_transfer_akcipher_request_to_engine(jrpriv->engine,
> +								  req);
Resource leak in case transfer fails.

> +	else
> +		ret = caam_jr_enqueue(jrdev, desc, cbk, &edesc->jrentry);
What's the problem with transferring all requests to crypto engine?

> +
> +	if (ret != -EINPROGRESS) {
> +		switch (key->priv_form) {
> +		case FORM1:
> +			rsa_priv_f1_unmap(jrdev, edesc, req);
> +			break;
> +		case FORM2:
> +			rsa_priv_f2_unmap(jrdev, edesc, req);
> +			break;
> +		case FORM3:
> +			rsa_priv_f3_unmap(jrdev, edesc, req);
> +			break;
> +		default:
> +			rsa_pub_unmap(jrdev, edesc, req);
> +		}
> +		rsa_io_unmap(jrdev, edesc, req);
> +		kfree(edesc);
> +	}
> +
> +	return ret;
> +}
> +
>  static int caam_rsa_enc(struct akcipher_request *req)
>  {
>  	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
>  	struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
> +	struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
>  	struct caam_rsa_key *key = &ctx->key;
>  	struct device *jrdev = ctx->dev;
>  	struct rsa_edesc *edesc;
> @@ -637,13 +726,9 @@ static int caam_rsa_enc(struct akcipher_request *req)
>  	/* Initialize Job Descriptor */
>  	init_rsa_pub_desc(edesc->hw_desc, &edesc->pdb.pub);
>  
> -	ret = caam_jr_enqueue(jrdev, edesc->hw_desc, rsa_pub_done,
> -			      &edesc->jrentry);
> -	if (ret == -EINPROGRESS)
> -		return ret;
> -
> -	rsa_pub_unmap(jrdev, edesc, req);
> -
> +	req_ctx->akcipher_op_done = rsa_pub_done;
This initialization could be moved into akcipher_enqueue_req().

> +	return akcipher_enqueue_req(jrdev, edesc->hw_desc, rsa_pub_done,
> +				    req, edesc);
edesc, edesc->hw_desc parameters not needed - can be deduced internally
via req -> req_ctx -> edesc- > hw_desc.

Horia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ