lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <96f311d4cb0b95752cfefd424fe0f7c3@linux.ibm.com>
Date:   Wed, 18 May 2022 08:50:57 +0200
From:   Harald Freudenberger <freude@...ux.ibm.com>
To:     undisclosed-recipients:;
Subject: Re: [PATCH] s390/crypto: fix scatterwalk_unmap() callers in AES-GCM

On 2022-05-17 20:01, Heiko Carstens wrote:
> On Tue, May 17, 2022 at 04:30:47PM +0200, Jann Horn wrote:
>> The argument of scatterwalk_unmap() is supposed to be the void* that 
>> was
>> returned by the previous scatterwalk_map() call.
>> The s390 AES-GCM implementation was instead passing the pointer to the
>> struct scatter_walk.
>> 
>> This doesn't actually break anything because scatterwalk_unmap() only 
>> uses
>> its argument under CONFIG_HIGHMEM and ARCH_HAS_FLUSH_ON_KUNMAP.
>> 
>> Note that I have not tested this patch in any way, not even 
>> compile-tested
>> it.
>> 
>> Fixes: bf7fa038707c ("s390/crypto: add s390 platform specific aes gcm 
>> support.")
>> Signed-off-by: Jann Horn <jannh@...gle.com>
>> ---
>> IDK which tree this has to go through - s390 or crypto?
>> maybe s390 is better, since they can actually test it?
>> 
>>  arch/s390/crypto/aes_s390.c | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> This can go via the s390 tree, however I'd like to have an ACK from
> Harald, who wrote the original code.
> 
>> diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
>> index 54c7536f2482..1023e9d43d44 100644
>> --- a/arch/s390/crypto/aes_s390.c
>> +++ b/arch/s390/crypto/aes_s390.c
>> @@ -701,7 +701,7 @@ static inline void 
>> _gcm_sg_unmap_and_advance(struct gcm_sg_walk *gw,
>>  					     unsigned int nbytes)
>>  {
>>  	gw->walk_bytes_remain -= nbytes;
>> -	scatterwalk_unmap(&gw->walk);
>> +	scatterwalk_unmap(gw->walk_ptr);
>>  	scatterwalk_advance(&gw->walk, nbytes);
>>  	scatterwalk_done(&gw->walk, 0, gw->walk_bytes_remain);
>>  	gw->walk_ptr = NULL;
>> @@ -776,7 +776,7 @@ static int gcm_out_walk_go(struct gcm_sg_walk *gw, 
>> unsigned int minbytesneeded)
>>  		goto out;
>>  	}
>> 
>> -	scatterwalk_unmap(&gw->walk);
>> +	scatterwalk_unmap(gw->walk_ptr);
>>  	gw->walk_ptr = NULL;
>> 
>>  	gw->ptr = gw->buf;
>> 
>> base-commit: 42226c989789d8da4af1de0c31070c96726d990c
>> --
>> 2.36.0.550.gb090851708-goog
>> 
Give me a chance to test this and when the testcases all pass, I'll give 
a green light....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ