| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Jan 2020 18:40:35 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: Gilad Ben-Yossef <gilad@...yossef.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Ofir Drang <ofir.drang@....com>, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] crypto: testmgr - properly mark the end of scatterlist
On Mon, Jan 27, 2020 at 02:33:11PM +0200, Gilad Ben-Yossef wrote:
> The inauthentic AEAD test were using a scatterlist which
> could have a mismarked end node.
>
> Fixes: 49763fc6b1 ("crypto: testmgr - generate inauthentic AEAD test vectors")
> Signed-off-by: Gilad Ben-Yossef <gilad@...yossef.com>
>
> ---
> crypto/testmgr.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index 88f33c0efb23..6c432aecff97 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -2225,6 +2225,8 @@ static void generate_aead_message(struct aead_request *req,
> generate_random_bytes((u8 *)vec->ptext, vec->plen);
> sg_set_buf(&src[i++], vec->ptext, vec->plen);
> }
> + if (i)
> + sg_mark_end(&src[(i-1)]);
> sg_init_one(&dst, vec->ctext, vec->alen + vec->clen);
> memcpy(iv, vec->iv, ivsize);
> aead_request_set_callback(req, 0, crypto_req_done, &wait);
As I responded in the other thread
(https://lkml.kernel.org/linux-crypto/20200128023455.GC960@sol.localdomain/),
I'm not sure this is really a bug. There's a length passed along with the
scatterlist, and my understanding is that algorithms aren't supposed to look
beyond that length. So the scatterlist end marker isn't really relevant.
- Eric
Powered by blists - more mailing lists