| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aFL9LsQQdG3WTjUD@vaman> Date: Wed, 18 Jun 2025 23:23:50 +0530 From: Vinod Koul <vkoul@...nel.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: T Pratham <t-pratham@...com>, "David S. Miller" <davem@...emloft.net>, Kamlesh Gurudasani <kamlesh@...com>, Vignesh Raghavendra <vigneshr@...com>, Praneeth Bajjuri <praneeth@...com>, Manorit Chawdhry <m-chawdhry@...com>, linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, dmaengine@...r.kernel.org Subject: Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC) On 11-06-25, 17:53, Herbert Xu wrote: > On Tue, Jun 03, 2025 at 06:07:29PM +0530, T Pratham wrote: > > > > + // Need to do a timeout to ensure finalise gets called if DMA callback fails for any reason > > + ret = wait_for_completion_timeout(&rctx->aes_compl, msecs_to_jiffies(DTHE_DMA_TIMEOUT_MS)); > > This doesn't look safe. What if the callback is invoked after a > timeout? That would be a UAF. > > Does the DMA engine provide any timeout mechanism? If not, then > you could do it with a delayed work struct. Just make sure that > you cancel the work struct in the normal path callback. Vice versa > you need to terminate the DMA job in the timeout work struct. Typically no. Most of the hardware may not have capability, so we have apis to terminate. -- ~Vinod
Powered by blists - more mailing lists