lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20251007141852.726540-1-t-pratham@ti.com>
Date: Tue, 7 Oct 2025 19:27:51 +0530
From: T Pratham <t-pratham@...com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller"
	<davem@...emloft.net>
CC: T Pratham <t-pratham@...com>, Manorit Chawdhry <m-chawdhry@...com>,
        Kamlesh Gurudasani <kamlesh@...com>,
        Shiva Tripathi <s-tripathi1@...com>,
        Kavitha Malarvizhi <k-malarvizhi@...com>,
        Vishal Mahaveer <vishalm@...com>, Praneeth Bajjuri <praneeth@...com>,
        <linux-crypto@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH] crypto: api - fix reqsize handling for skciphers and aeads

Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg")
introduced cra_reqsize field in crypto_alg struct to replace type
specific reqsize fields. It looks like this was introduced specifically
for ahash and acomp from the commit description as subsequent commits
add necessary changes in these alg frameworks.

However, this is being recommended for use in all crypto algs [1]
instead of setting reqsize using crypto_*_set_reqsize(). Using
cra_reqsize in skcipher and aead algorithms, hence, causes memory
corruptions and crashes as the underlying functions in the algorithm
framework have not been updated to set the reqsize properly from
cra_reqsize. [2]

Add proper set_reqsize calls in the skcipher and aead init functions to
properly initialize reqsize for these algorithms in the framework.

[1]: https://lore.kernel.org/linux-crypto/aCL8BxpHr5OpT04k@gondor.apana.org.au/
[2]: https://gist.github.com/Pratham-T/24247446f1faf4b7843e4014d5089f6b

Fixes: afddce13ce81d ("crypto: api - Add reqsize to crypto_alg")
Signed-off-by: T Pratham <t-pratham@...com>
---

Found this while developing TI DTHEv2 crypto driver. I narrowed that
these crashes in [2] are due to some upstream change and not my code as
the same driver is working fine in our internal 6.12 LTS version (with
daily CI builds not showing any regression from crypto subsystem). The
*only* change is replacing crypto_skcipher_set_reqsize() with
cra_reqsize in algorithms as this patch was introduced after 6.12.

Now, these crashes were not caught earlier because [3] split the
in-kernel self-tests into two configs (CRYPTO_SELFTESTS and
CRYPTO_SELFTESTS_FULL) which went unnoticed in my local development flow
and the CRYPTO_SELFTESTS_FULL config was not enabled till recently. [2]
shows after applying this patch, the driver passes all selftests
succssfully with CRYPTO_SELFTESTS_FULL=y.

[3]: https://lore.kernel.org/linux-crypto/20250612174709.26990-1-ebiggers@kernel.org/
---
 crypto/aead.c     | 1 +
 crypto/skcipher.c | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/crypto/aead.c b/crypto/aead.c
index 5d14b775036ee..51ab3af691af2 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -120,6 +120,7 @@ static int crypto_aead_init_tfm(struct crypto_tfm *tfm)
 	struct aead_alg *alg = crypto_aead_alg(aead);
 
 	crypto_aead_set_flags(aead, CRYPTO_TFM_NEED_KEY);
+	crypto_aead_set_reqsize(aead, crypto_tfm_alg_reqsize(tfm));
 
 	aead->authsize = alg->maxauthsize;
 
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index de5fc91bba267..8fa5d9686d085 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -294,6 +294,8 @@ static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
 		return crypto_init_lskcipher_ops_sg(tfm);
 	}
 
+	crypto_skcipher_set_reqsize(skcipher, crypto_tfm_alg_reqsize(tfm));
+
 	if (alg->exit)
 		skcipher->base.exit = crypto_skcipher_exit_tfm;
 
-- 
2.43.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ