lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251208025232.4068621-1-powenkao@google.com>
Date: Mon,  8 Dec 2025 02:52:21 +0000
From: Po-Wen Kao <powenkao@...gle.com>
Cc: Brian Kao <powenkao@...gle.com>, Alim Akhtar <alim.akhtar@...sung.com>, 
	Avri Altman <avri.altman@....com>, Bart Van Assche <bvanassche@....org>, 
	"James E.J. Bottomley" <James.Bottomley@...senPartnership.com>, 
	"Martin K. Petersen" <martin.petersen@...cle.com>, 
	"open list:UNIVERSAL FLASH STORAGE HOST CONTROLLER DRIVER" <linux-scsi@...r.kernel.org>, open list <linux-kernel@...r.kernel.org>
Subject: [PATCH 1/1] scsi: ufs: core: Fix error handler encryption support

From: Brian Kao <powenkao@...gle.com>

The UFS driver utilizes block layer crypto fields, such as
rq->crypt_keyslot and rq->crypt_ctx, to configure hardware for inline
encryption. However, the SCSI error handler (EH) reuses the
Protocol Data Unit (PDU) from the original failing request when issuing
EH commands (e.g., TEST UNIT READY, START STOP UNIT).

This can lead to issues if the original request of reused PDU contains
stale cryptographic configurations, which are not applicable for
the simple EH commands. These commands should not involve data
encryption.

This patch fixes this by checking if the command was submitted by the
SCSI error handler. If so, it bypasses the cryptographic setup for
the request, ensuring UTRDs are not inadvertently
configured with potentially incorrect encryption parameters.

Signed-off-by: Brian Kao <powenkao@...gle.com>
---
 drivers/ufs/core/ufshcd-crypto.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/ufs/core/ufshcd-crypto.h b/drivers/ufs/core/ufshcd-crypto.h
index c148a5194378..26a0699c8412 100644
--- a/drivers/ufs/core/ufshcd-crypto.h
+++ b/drivers/ufs/core/ufshcd-crypto.h
@@ -16,7 +16,12 @@
 static inline void ufshcd_prepare_lrbp_crypto(struct request *rq,
 					      struct ufshcd_lrb *lrbp)
 {
-	if (!rq || !rq->crypt_keyslot) {
+	/*
+	 * Do not use the crypto settings if the SCSI error handler has replaced
+	 * the SCSI command
+	 */
+	if (!rq || !rq->crypt_keyslot ||
+	    unlikely(lrbp->cmd->submitter == SUBMITTED_BY_SCSI_ERROR_HANDLER)) {
 		lrbp->crypto_key_slot = -1;
 		return;
 	}
-- 
2.52.0.223.gf5cc29aaa4-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ