From patchwork Thu Jun 7 08:58:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gilad Ben-Yossef X-Patchwork-Id: 137858 Delivered-To: patch@linaro.org Received: by 2002:a2e:970d:0:0:0:0:0 with SMTP id r13-v6csp1831155lji; Thu, 7 Jun 2018 01:59:02 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIyfhAILbEE4aRdPFvyh3kERX+zmXzkPQuMlcHq8NYisVvDiXI2jXue7o3END9MhDrFBD/S X-Received: by 2002:a17:902:8a82:: with SMTP id p2-v6mr1134015plo.244.1528361942749; Thu, 07 Jun 2018 01:59:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528361942; cv=none; d=google.com; s=arc-20160816; b=Znj9bfDNCBWSj0xVzpQum34dncTHi1eG5XZUoH7jA7xK13Pvo4qG9e/WC0nmV7k4Z3 nJfUFDbtEtudfZI7RcmFeZuXoLW2wZPfkbXBI0H/xDzb51A7v42G0a2yHIjxa5EoKMr4 E+vPA7hXMMbD7uBRxtaUm7sBwKL5BZCDw4trPpurdo83yZI8ZXSHt6+qF7XMW3hE8gs8 li+OTMU++691GqY1CeTtFhZAwe1bHh/NRRnXg2QxqLvx+eXZqUwIhzzQN65EtNtrMPZz E8Huhul1Lu9GtxhNEFpyTUw9puUwxYN2HFMKD4YyL4ce3cPxR8514S1O+MRynVOynpkI KZgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=jVdrvuV5vb7366SYu3Emdki3BeKkWCTw4e2HOm9WOKc=; b=wpQSeKVh9aNHqU6Y/Zd6zQzzO/1ayM5VeArmjrrLr/H/5HhVfZnwIeecZUMsW/JwPr BA0jHUCj75cVAh21yDJRWEQXjOUvCE73D9mF9D6pJTJFw+0pnS/iIH1Mdc6RS3hUh7f9 dJbavJOG30TD3XmPTY2PLXOES6LYe1J89xmYS5McezQyb2SsZ8AVCJyWvkBrxAq1MoP4 i2VsIFaBfv3b0zmvD8Bwc9Fw7gnzGjFXF8kxvh1E5EtVBniQxwEwX6GALVSOalCZtXhy +X3i43pgoApcqQ8UZe21voF7TnEBrcv1wGGTFvY96A/4LH5eAAlVLXNcwCrp1C3p0lka 8GgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b59-v6si13830095plb.107.2018.06.07.01.59.02; Thu, 07 Jun 2018 01:59:02 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753085AbeFGI7B (ORCPT + 1 other); Thu, 7 Jun 2018 04:59:01 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:48554 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753220AbeFGI7A (ORCPT ); Thu, 7 Jun 2018 04:59:00 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0D8A515AB; Thu, 7 Jun 2018 01:59:00 -0700 (PDT) Received: from sugar.kfn.arm.com (unknown [10.45.48.146]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5F4C93F59D; Thu, 7 Jun 2018 01:58:58 -0700 (PDT) From: Gilad Ben-Yossef To: Herbert Xu , "David S. Miller" Cc: Ofir Drang , stable@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] crypto: ccree: fix iv copying for small buffers Date: Thu, 7 Jun 2018 09:58:47 +0100 Message-Id: <1528361927-4172-1-git-send-email-gilad@benyossef.com> X-Mailer: git-send-email 2.7.4 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org We are copying our last cipher block into the request for use as IV as required by the Crypto API but we failed to handle correctly the case the buffer we are working on is smaller than a block. Fix it by calculating how much we need to copy based on buffer size. CC: stable@vger.kernel.org Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Reported by: Hadar Gat Signed-off-by: Gilad Ben-Yossef --- drivers/crypto/ccree/cc_cipher.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) -- 2.7.4 diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index d2810c1..a07547f 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -616,9 +616,18 @@ static void cc_cipher_complete(struct device *dev, void *cc_req, int err) memcpy(req->iv, req_ctx->backup_info, ivsize); kzfree(req_ctx->backup_info); } else if (!err) { - scatterwalk_map_and_copy(req->iv, req->dst, - (req->cryptlen - ivsize), - ivsize, 0); + unsigned int len; + + if (req->cryptlen > ivsize) { + len = req->cryptlen - ivsize; + } else { + memset(req->iv, 0, ivsize); + len = 0; + ivsize = req->cryptlen; + + } + + scatterwalk_map_and_copy(req->iv, req->dst, len, ivsize, 0); } skcipher_request_complete(req, err); @@ -755,17 +764,26 @@ static int cc_cipher_decrypt(struct skcipher_request *req) struct cipher_req_ctx *req_ctx = skcipher_request_ctx(req); unsigned int ivsize = crypto_skcipher_ivsize(sk_tfm); gfp_t flags = cc_gfp_flags(&req->base); + unsigned int len; /* * Allocate and save the last IV sized bytes of the source, which will * be lost in case of in-place decryption and might be needed for CTS. */ - req_ctx->backup_info = kmalloc(ivsize, flags); + req_ctx->backup_info = kzalloc(ivsize, flags); if (!req_ctx->backup_info) return -ENOMEM; - scatterwalk_map_and_copy(req_ctx->backup_info, req->src, - (req->cryptlen - ivsize), ivsize, 0); + + if (req->cryptlen > ivsize) { + len = req->cryptlen - ivsize; + } else { + len = 0; + ivsize = req->cryptlen; + } + + scatterwalk_map_and_copy(req_ctx->backup_info, req->src, len, ivsize, + 0); req_ctx->is_giv = false; return cc_cipher_process(req, DRV_CRYPTO_DIRECTION_DECRYPT);