lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Jan 2022 19:33:10 +0530
From:   Shijith Thotton <sthotton@...vell.com>
To:     Arnaud Ebalard <arno@...isbad.org>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Boris Brezillon <bbrezillon@...nel.org>
CC:     Shijith Thotton <sthotton@...vell.com>,
        <linux-crypto@...r.kernel.org>, <jerinj@...vell.com>,
        <sgoutham@...vell.com>, Srujana Challa <schalla@...vell.com>,
        "David S. Miller" <davem@...emloft.net>,
        "Lukasz Bartosik" <lbartosik@...vell.com>,
        Suheil Chandran <schandran@...vell.com>,
        chiminghao <chi.minghao@....com.cn>,
        Ovidiu Panait <ovidiu.panait@...driver.com>,
        open list <linux-kernel@...r.kernel.org>
Subject: [PATCH] crypto: octeontx2: fix NULL pointer dereference

CONFIG_DM_CRYPT is checked before registering ciphers, but not before
unregister. This could lead to a NULL pointer dereference during driver
release (in unregister) if CONFIG_DM_CRYPT is enabled.

...
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
...
Call trace:
 crypto_unregister_alg+0x68/0xfc
 crypto_unregister_skciphers+0x44/0x60
 otx2_cpt_crypto_exit+0x100/0x1a0
 otx2_cptvf_remove+0xf8/0x200
 pci_device_remove+0x3c/0xd4
 __device_release_driver+0x188/0x234
 device_release_driver+0x2c/0x4c
...

Added a CONFIG_DM_CRYPT check, similar to register, in unregister to
avoid this.

Signed-off-by: Shijith Thotton <sthotton@...vell.com>
---
 drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c b/drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c
index 2748a3327e39..620fa9b23e78 100644
--- a/drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c
+++ b/drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c
@@ -1650,7 +1650,7 @@ static inline int cpt_register_algs(void)
 
 	err = crypto_register_aeads(otx2_cpt_aeads,
 				    ARRAY_SIZE(otx2_cpt_aeads));
-	if (err) {
+	if (err && !IS_ENABLED(CONFIG_DM_CRYPT)) {
 		crypto_unregister_skciphers(otx2_cpt_skciphers,
 					    ARRAY_SIZE(otx2_cpt_skciphers));
 		return err;
@@ -1661,8 +1661,9 @@ static inline int cpt_register_algs(void)
 
 static inline void cpt_unregister_algs(void)
 {
-	crypto_unregister_skciphers(otx2_cpt_skciphers,
-				    ARRAY_SIZE(otx2_cpt_skciphers));
+	if (!IS_ENABLED(CONFIG_DM_CRYPT))
+		crypto_unregister_skciphers(otx2_cpt_skciphers,
+					    ARRAY_SIZE(otx2_cpt_skciphers));
 	crypto_unregister_aeads(otx2_cpt_aeads, ARRAY_SIZE(otx2_cpt_aeads));
 }
 
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ