lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 1 Apr 2024 14:22:01 +0000
From: Horia Geanta <horia.geanta@....com>
To: Aleksandr Aprelkov <aaprelkov@...rgate.com>
CC: Pankaj Gupta <pankaj.gupta@....com>, Gaurav Jain <gaurav.jain@....com>,
	Herbert Xu <herbert@...dor.apana.org.au>, "David S. Miller"
	<davem@...emloft.net>, "linux-crypto@...r.kernel.org"
	<linux-crypto@...r.kernel.org>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "lvc-project@...uxtesting.org"
	<lvc-project@...uxtesting.org>
Subject: Re: [PATCH] crypto: caam/qi2 - check for 0 rx/tx queues on setup

On 4/1/2024 11:26 AM, Aleksandr Aprelkov wrote:
> If num_rx_queues or num_tx_queues is 0, then division by zero occurs
> on j calculation.
> Also goto mark "err_get_rx_queue" used for tx queues too.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: 8d818c105501 ("crypto: caam/qi2 - add DPAA2-CAAM driver")
> Signed-off-by: Aleksandr Aprelkov <aaprelkov@...rgate.com>
> ---
>  drivers/crypto/caam/caamalg_qi2.c | 11 ++++++++---
>  1 file changed, 8 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c
> index a4f6884416a0..07cb1aad758f 100644
> --- a/drivers/crypto/caam/caamalg_qi2.c
> +++ b/drivers/crypto/caam/caamalg_qi2.c
> @@ -5049,6 +5049,11 @@ static int __cold dpaa2_dpseci_setup(struct fsl_mc_device *ls_dev)
>  
>  	priv->num_pairs = min(priv->dpseci_attr.num_rx_queues,
>  			      priv->dpseci_attr.num_tx_queues);
> +	if (!priv->num_pairs) {
> +		err = -EINVAL;
> +		dev_err(dev, "one of queues number is 0\n");
> +		goto err_get_queues;
> +	}
dpseci objects are created in MC f/w using restool: https://github.com/nxp-qoriq/restool
restool validates the user-provided attributes of these objects,
including num_{rx,tx}_queues - which can't be zero, they must be at least 1.

More details in source code:
https://github.com/nxp-qoriq/restool/blob/master/dpseci_commands.c#L713
https://github.com/nxp-qoriq/restool/blob/master/dpseci_commands.c#L633

So thanks, but I don't think this check is required.

Horia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ