lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230110135042.2940847-12-vincent.whitchurch@axis.com>
Date:   Tue, 10 Jan 2023 14:50:41 +0100
From:   Vincent Whitchurch <vincent.whitchurch@...s.com>
To:     <herbert@...dor.apana.org.au>, <davem@...emloft.net>,
        <jesper.nilsson@...s.com>, <lars.persson@...s.com>
CC:     <kernel@...s.com>,
        Vincent Whitchurch <vincent.whitchurch@...s.com>,
        <linux-crypto@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH 11/12] crypto: axis - handle zero cryptlen

Succeed zero length operations to prevent hangs/failures with various
CRYPTO_MANAGER_EXTRA_TESTS such as:

 artpec6-ecb-aes "random: len=0 klen=32" encryption random:
 inplace_two_sglists may_sleep use_finup src_divs=[100.0%@...43]
 key_offset=93

For XTS, sizes lesser than the block size need to be explicitly rejected
to prevent errors like this:

 alg: skcipher: artpec6-xts-aes encryption unexpectedly succeeded on test
 vector "random: len=0 klen=64"; expected_error=-22, cfg="rando m:
 use_final nosimd src_divs=[<reimport>100.0%@...91]
 dst_divs=[73.80%@...03, 26.20%@+16] iv_offset=68"

Signed-off-by: Vincent Whitchurch <vincent.whitchurch@...s.com>
---
 drivers/crypto/axis/artpec6_crypto.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c
index 5eccb5a3a52e..938faf3afa69 100644
--- a/drivers/crypto/axis/artpec6_crypto.c
+++ b/drivers/crypto/axis/artpec6_crypto.c
@@ -1097,6 +1097,9 @@ static int __artpec6_crypto_encrypt(struct skcipher_request *req)
 	void (*complete)(struct crypto_async_request *req);
 	int ret;
 
+	if (!req->cryptlen)
+		return 0;
+
 	req_ctx = skcipher_request_ctx(req);
 
 	switch (ctx->crypto_type) {
@@ -1145,6 +1148,9 @@ static int __artpec6_crypto_decrypt(struct skcipher_request *req)
 	struct artpec6_crypto_request_context *req_ctx = NULL;
 	void (*complete)(struct crypto_async_request *req);
 
+	if (!req->cryptlen)
+		return 0;
+
 	req_ctx = skcipher_request_ctx(req);
 
 	switch (ctx->crypto_type) {
@@ -1311,6 +1317,9 @@ static int artpec6_crypto_ctr_decrypt(struct skcipher_request *req)
 
 static int artpec6_crypto_xts_encrypt(struct skcipher_request *req)
 {
+	if (req->cryptlen < AES_BLOCK_SIZE)
+		return -EINVAL;
+
 	/* Hardware does not implement ciphertext stealing */
 	if (!IS_ALIGNED(req->cryptlen, AES_BLOCK_SIZE))
 		return artpec6_crypto_crypt_fallback(req, true);
@@ -1320,6 +1329,9 @@ static int artpec6_crypto_xts_encrypt(struct skcipher_request *req)
 
 static int artpec6_crypto_xts_decrypt(struct skcipher_request *req)
 {
+	if (req->cryptlen < AES_BLOCK_SIZE)
+		return -EINVAL;
+
 	/* Hardware does not implement ciphertext stealing */
 	if (!IS_ALIGNED(req->cryptlen, AES_BLOCK_SIZE))
 		return artpec6_crypto_crypt_fallback(req, false);
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ