lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y2y78USk4bXRrRun@gondor.apana.org.au>
Date:   Thu, 10 Nov 2022 16:53:05 +0800
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     liulongfang <liulongfang@...wei.com>
Cc:     wangzhou1@...ilicon.com, linux-crypto@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] crypto/hisilicon: Add null judgment to the callback
 interface

On Thu, Nov 10, 2022 at 12:11:15PM +0800, liulongfang wrote:
>
> When using crypto's skcipher series interfaces for encryption and decryption
> services, User can use synchronous mode(by adjusting some skcipher interfaces,
> here is to remove skcipher_request_set_callback()) or asynchronous mode,
> but when using synchronous mode and the current asynchronous mode is loaded
> it will cause a calltrace.
> 
> The current problem is that the interface of skcipher does not restrict users
> to call functions in this way for encryption services.
> 
> If the current driver doesn't handle this, there is a possibility that some users
> deliberately create this kind of problem to cause the kernel to crash.

It sounds like your code is misusing the skcipher API.  By default
skcipher is always async.  You must always set a callback.

The only way to legally use skcipher without setting a callback
is by allocating it with crypto_alloc_sync_skcipher.  In which case
unless your driver incorrectly declares itself as sync instead of
async, then it will never be used by such a user.

Cheers,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ