lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <40a0e7aa-362a-0de7-76c0-77381c07f254@huawei.com>
Date:   Thu, 10 Nov 2022 12:11:15 +0800
From:   liulongfang <liulongfang@...wei.com>
To:     Herbert Xu <herbert@...dor.apana.org.au>
CC:     <wangzhou1@...ilicon.com>, <linux-crypto@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] crypto/hisilicon: Add null judgment to the callback
 interface

On 2022/11/10 11:20, Herbert Xu wrote:
> On Thu, Nov 10, 2022 at 10:03:53AM +0800, liulongfang wrote:
> .
>> This problem occurs in the application code of the encryption usage scenario
>> (unfortunately, these codes are not open to the public and cannot be given to you),
> 
> Are you saying this requires out-of-tree kernel code to trigger?
> 

Yes, this problem is triggered by application layer code,
but it happens on kernel driver code.

> Then you should fix that out-of-tree code.
>
When using crypto's skcipher series interfaces for encryption and decryption
services, User can use synchronous mode(by adjusting some skcipher interfaces,
here is to remove skcipher_request_set_callback()) or asynchronous mode,
but when using synchronous mode and the current asynchronous mode is loaded
it will cause a calltrace.

The current problem is that the interface of skcipher does not restrict users
to call functions in this way for encryption services.

If the current driver doesn't handle this, there is a possibility that some users
deliberately create this kind of problem to cause the kernel to crash.

> Thanks,
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ