lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 11 Oct 2022 09:57:06 -0700
From:   Eric Biggers <ebiggers@...nel.org>
To:     Ten Gao <gaoyankaigeren@...il.com>
Cc:     Alim Akhtar <alim.akhtar@...sung.com>,
        Avri Altman <avri.altman@....com>,
        Bart Van Assche <bvanassche@....org>,
        "James E . J . Bottomley" <jejb@...ux.ibm.com>,
        Bean Huo <beanhuo@...ron.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        "Martin K . Petersen" <martin.petersen@...cle.com>,
        Mike Snitzer <snitzer@...hat.com>,
        Ulf Hansson <ulf.hansson@...aro.org>,
        Kiwoong Kim <kwmad.kim@...sung.com>,
        linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] ufs: core: remove encrypt when no data transfer

On Tue, Oct 11, 2022 at 03:21:26PM +0800, Ten Gao wrote:
> From: Ten Gao <ten.gao@...soc.com>
> 
> when there is no data transmission, ufs is unnecessary to encrypt.
> We need to adjust scsi crypto relation.
> 
> Signed-off-by: Ten Gao <ten.gao@...soc.com>
> ---
>  drivers/ufs/core/ufshcd-crypto.h | 10 ++++++----
>  include/ufs/ufshci.h             |  2 ++
>  2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/ufs/core/ufshcd-crypto.h b/drivers/ufs/core/ufshcd-crypto.h
> index 504cc841540b..5bc2a0cbdfa6 100644
> --- a/drivers/ufs/core/ufshcd-crypto.h
> +++ b/drivers/ufs/core/ufshcd-crypto.h
> @@ -30,10 +30,12 @@ ufshcd_prepare_req_desc_hdr_crypto(struct ufshcd_lrb *lrbp, u32 *dword_0,
>  				   u32 *dword_1, u32 *dword_3)
>  {
>  	if (lrbp->crypto_key_slot >= 0) {
> -		*dword_0 |= UTP_REQ_DESC_CRYPTO_ENABLE_CMD;
> -		*dword_0 |= lrbp->crypto_key_slot;
> -		*dword_1 = lower_32_bits(lrbp->data_unit_num);
> -		*dword_3 = upper_32_bits(lrbp->data_unit_num);
> +		if ((*dword_0 & UTRD_DIRECTION) != UTP_NO_DATA_TRANSFER) {
> +			*dword_0 |= UTP_REQ_DESC_CRYPTO_ENABLE_CMD;
> +			*dword_0 |= lrbp->crypto_key_slot;
> +			*dword_1 = lower_32_bits(lrbp->data_unit_num);
> +			*dword_3 = upper_32_bits(lrbp->data_unit_num);
> +		}
>  	}
>  }

This is very dangerous, as it will silently skip en/decryption.  Why was a
keyslot assigned in the first place if the I/O doesn't need en/decryption?

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ