lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 26 May 2020 12:00:33 +0000
From:   "Gonglei (Arei)" <arei.gonglei@...wei.com>
To:     "Longpeng (Mike, Cloud Infrastructure Service Product Dept.)" 
        <longpeng2@...wei.com>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>
CC:     LABBE Corentin <clabbe@...libre.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "Michael S. Tsirkin" <mst@...hat.com>,
        "Jason Wang" <jasowang@...hat.com>,
        "David S. Miller" <davem@...emloft.net>,
        "Markus Elfring" <Markus.Elfring@....de>,
        "virtualization@...ts.linux-foundation.org" 
        <virtualization@...ts.linux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: RE: [PATCH v2 2/2] crypto: virtio: Fix use-after-free in
 virtio_crypto_skcipher_finalize_req()


> -----Original Message-----
> From: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> Sent: Tuesday, May 26, 2020 11:20 AM
> To: linux-crypto@...r.kernel.org
> Cc: Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
> <longpeng2@...wei.com>; LABBE Corentin <clabbe@...libre.com>; Gonglei
> (Arei) <arei.gonglei@...wei.com>; Herbert Xu
> <herbert@...dor.apana.org.au>; Michael S. Tsirkin <mst@...hat.com>; Jason
> Wang <jasowang@...hat.com>; David S. Miller <davem@...emloft.net>;
> Markus Elfring <Markus.Elfring@....de>;
> virtualization@...ts.linux-foundation.org; linux-kernel@...r.kernel.org;
> stable@...r.kernel.org
> Subject: [PATCH v2 2/2] crypto: virtio: Fix use-after-free in
> virtio_crypto_skcipher_finalize_req()
> 
> The system'll crash when the users insmod crypto/tcrypto.ko with mode=155
> ( testing "authenc(hmac(sha1),cbc(aes))" ). It's caused by reuse the memory of
> request structure.
> 
> In crypto_authenc_init_tfm(), the reqsize is set to:
>   [PART 1] sizeof(authenc_request_ctx) +
>   [PART 2] ictx->reqoff +
>   [PART 3] MAX(ahash part, skcipher part) and the 'PART 3' is used by both
> ahash and skcipher in turn.
> 
> When the virtio_crypto driver finish skcipher req, it'll call ->complete callback(in
> crypto_finalize_skcipher_request) and then free its resources whose pointers
> are recorded in 'skcipher parts'.
> 
> However, the ->complete is 'crypto_authenc_encrypt_done' in this case, it will
> use the 'ahash part' of the request and change its content, so virtio_crypto
> driver will get the wrong pointer after ->complete finish and mistakenly free
> some other's memory. So the system will crash when these memory will be used
> again.
> 
> The resources which need to be cleaned up are not used any more. But the
> pointers of these resources may be changed in the function
> "crypto_finalize_skcipher_request". Thus release specific resources before
> calling this function.
> 
> Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver")
> Reported-by: LABBE Corentin <clabbe@...libre.com>
> Cc: Gonglei <arei.gonglei@...wei.com>
> Cc: Herbert Xu <herbert@...dor.apana.org.au>
> Cc: "Michael S. Tsirkin" <mst@...hat.com>
> Cc: Jason Wang <jasowang@...hat.com>
> Cc: "David S. Miller" <davem@...emloft.net>
> Cc: Markus Elfring <Markus.Elfring@....de>
> Cc: virtualization@...ts.linux-foundation.org
> Cc: linux-kernel@...r.kernel.org
> Cc: stable@...r.kernel.org
> Message-Id: <20200123101000.GB24255@Red>
> Signed-off-by: Longpeng(Mike) <longpeng2@...wei.com>
> ---

Acked-by: Gonglei <arei.gonglei@...wei.com>

Regards,
-Gonglei

>  drivers/crypto/virtio/virtio_crypto_algs.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c
> b/drivers/crypto/virtio/virtio_crypto_algs.c
> index 5f8243563009..52261b6c247e 100644
> --- a/drivers/crypto/virtio/virtio_crypto_algs.c
> +++ b/drivers/crypto/virtio/virtio_crypto_algs.c
> @@ -582,10 +582,11 @@ static void virtio_crypto_skcipher_finalize_req(
>  		scatterwalk_map_and_copy(req->iv, req->dst,
>  					 req->cryptlen - AES_BLOCK_SIZE,
>  					 AES_BLOCK_SIZE, 0);
> -	crypto_finalize_skcipher_request(vc_sym_req->base.dataq->engine,
> -					   req, err);
>  	kzfree(vc_sym_req->iv);
>  	virtcrypto_clear_request(&vc_sym_req->base);
> +
> +	crypto_finalize_skcipher_request(vc_sym_req->base.dataq->engine,
> +					   req, err);
>  }
> 
>  static struct virtio_crypto_algo virtio_crypto_algs[] = { {
> --
> 2.23.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ