| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Nov 2022 16:53:05 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: liulongfang <liulongfang@...wei.com>
Cc: wangzhou1@...ilicon.com, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] crypto/hisilicon: Add null judgment to the callback
interface
On Thu, Nov 10, 2022 at 12:11:15PM +0800, liulongfang wrote:
>
> When using crypto's skcipher series interfaces for encryption and decryption
> services, User can use synchronous mode(by adjusting some skcipher interfaces,
> here is to remove skcipher_request_set_callback()) or asynchronous mode,
> but when using synchronous mode and the current asynchronous mode is loaded
> it will cause a calltrace.
>
> The current problem is that the interface of skcipher does not restrict users
> to call functions in this way for encryption services.
>
> If the current driver doesn't handle this, there is a possibility that some users
> deliberately create this kind of problem to cause the kernel to crash.
It sounds like your code is misusing the skcipher API. By default
skcipher is always async. You must always set a callback.
The only way to legally use skcipher without setting a callback
is by allocating it with crypto_alloc_sync_skcipher. In which case
unless your driver incorrectly declares itself as sync instead of
async, then it will never be used by such a user.
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists