lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 21 Jul 2021 08:10:20 -0400
From:   Stefan Berger <stefanb@...ux.ibm.com>
To:     Mian Yousaf Kaukab <ykaukab@...e.de>, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org
Cc:     davem@...emloft.net, herbert@...dor.apana.org.au, tiwai@...e.de,
        guillaume.gardet@....com
Subject: Re: [PATCH] crypto: ecc: handle unaligned input buffer in
 ecc_swap_digits


On 7/21/21 4:39 AM, Mian Yousaf Kaukab wrote:
> ecdsa_set_pub_key() makes an u64 pointer at 1 byte offset of the key.
> This results in an unaligned u64 pointer. This pointer is passed to
> ecc_swap_digits() which assumes natural alignment.
>
> This causes a kernel crash on an armv7 platform:
> [    0.409022] Unhandled fault: alignment exception (0x001) at 0xc2a0a6a9
> ...
> [    0.416982] PC is at ecdsa_set_pub_key+0xdc/0x120
> ...
> [    0.491492] Backtrace:
> [    0.492059] [<c07c266c>] (ecdsa_set_pub_key) from [<c07c75d4>] (test_akcipher_one+0xf4/0x6c0)
>
> Handle unaligned input buffer in ecc_swap_digits() by replacing
> be64_to_cpu() to get_unaligned_be64(). Change type of in pointer to
> void to reflect it doesn’t necessarily need to be aligned.
>
> Fixes: 4e6602916bc6 ("crypto: ecdsa - Add support for ECDSA signature verification")
> Reported-by: Guillaume Gardet <guillaume.gardet@....com>
> Suggested-by: Takashi Iwai <tiwai@...e.de>
> Signed-off-by: Mian Yousaf Kaukab <ykaukab@...e.de>


Tested-by: Stefan Berger <stefanb@...ux.ibm.com>


> ---
>   crypto/ecc.h | 5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/crypto/ecc.h b/crypto/ecc.h
> index a006132646a4..1350e8eb6ac2 100644
> --- a/crypto/ecc.h
> +++ b/crypto/ecc.h
> @@ -27,6 +27,7 @@
>   #define _CRYPTO_ECC_H
>   
>   #include <crypto/ecc_curve.h>
> +#include <asm/unaligned.h>
>   
>   /* One digit is u64 qword. */
>   #define ECC_CURVE_NIST_P192_DIGITS  3
> @@ -46,13 +47,13 @@
>    * @out:      Output array
>    * @ndigits:  Number of digits to copy
>    */
> -static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int ndigits)
> +static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int ndigits)
>   {
>   	const __be64 *src = (__force __be64 *)in;
>   	int i;
>   
>   	for (i = 0; i < ndigits; i++)
> -		out[i] = be64_to_cpu(src[ndigits - 1 - i]);
> +		out[i] = get_unaligned_be64(&src[ndigits - 1 - i]);
>   }
>   
>   /**

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ