From: Marek Vasut <marex@denx.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Tom Lendacky <thomas.lendacky@amd.com>,
linux-arm-kernel@lists.infradead.org,
linux-crypto@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>,
Fabio Estevam <fabio.estevam@freescale.com>,
Shawn Guo <shawn.guo@linaro.org>
Subject: Re: [PATCH 1/3] crypto: Fix the pointer voodoo in unaligned ahash
Date: Mon, 3 Mar 2014 01:20:13 +0100 [thread overview]
Message-ID: <201403030120.13441.marex@denx.de> (raw)
In-Reply-To: <20140209011856.GB16905@gondor.apana.org.au>
On Sunday, February 09, 2014 at 02:18:56 AM, Herbert Xu wrote:
> On Tue, Jan 14, 2014 at 01:35:50PM -0600, Tom Lendacky wrote:
> > On Tuesday, January 14, 2014 06:33:47 PM Marek Vasut wrote:
> > > Add documentation for the pointer voodoo that is happening in
> > > crypto/ahash.c in ahash_op_unaligned(). This code is quite confusing,
> > > so add a beefy chunk of documentation.
> > >
> > > Moreover, make sure the mangled request is completely restored after
> > > finishing this unaligned operation. This means restoring all of
> > > .result, .priv, .base.data and .base.complete .
> > >
> > > Also, remove the crypto_completion_t complete = ... line present in the
> > > ahash_op_unaligned_done() function. This type actually declares a
> > > function pointer, which is very confusing.
> > >
> > > Finally, yet very important nonetheless, make sure the req->priv is
> > > free()'d only after the original request is restored in
> > > ahash_op_unaligned_done(). The req->priv data must not be free()'d
> > > before that in ahash_op_unaligned_finish(), since we would be
> > > accessing previously free()'d data in ahash_op_unaligned_done() and
> > > cause corruption.
> > >
> > > Signed-off-by: Marek Vasut <marex@denx.de>
> > > Cc: David S. Miller <davem@davemloft.net>
> > > Cc: Fabio Estevam <fabio.estevam@freescale.com>
> > > Cc: Herbert Xu <herbert@gondor.apana.org.au>
> > > Cc: Shawn Guo <shawn.guo@linaro.org>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > ---
> > >
> > > crypto/ahash.c | 65
> > > ++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file
> > > changed, 54 insertions(+), 11 deletions(-)
> > >
> > > diff --git a/crypto/ahash.c b/crypto/ahash.c
> > > index a92dc38..5ca8ede 100644
> > > --- a/crypto/ahash.c
> > > +++ b/crypto/ahash.c
> > > @@ -29,6 +29,7 @@
> > >
> > > struct ahash_request_priv {
> > >
> > > crypto_completion_t complete;
> > > void *data;
> > >
> > > + void *priv;
> > >
> > > u8 *result;
> > > void *ubuf[] CRYPTO_MINALIGN_ATTR;
> > >
> > > };
> > >
> > > @@ -200,23 +201,38 @@ static void ahash_op_unaligned_finish(struct
> > > ahash_request *req, int err)
> > >
> > > if (!err)
> > >
> > > memcpy(priv->result, req->result,
> > >
> > > crypto_ahash_digestsize(crypto_ahash_reqtfm(req)));
> > >
> > > -
> > > - kzfree(priv);
> >
> > You can't move/remove this kzfree since a synchronous operation will not
> > take the ahash_op_unaligned_done path. A synchronous operation will
> > never return -EINPROGRESS and the effect will be to never free the priv
> > structure.
>
> Marek, did you have a chance to address this?
V2 is on it's way. I know there's really no apology for this horrible delay :-(
WARNING: multiple messages have this Message-ID (diff)
From: marex@denx.de (Marek Vasut)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 1/3] crypto: Fix the pointer voodoo in unaligned ahash
Date: Mon, 3 Mar 2014 01:20:13 +0100 [thread overview]
Message-ID: <201403030120.13441.marex@denx.de> (raw)
In-Reply-To: <20140209011856.GB16905@gondor.apana.org.au>
On Sunday, February 09, 2014 at 02:18:56 AM, Herbert Xu wrote:
> On Tue, Jan 14, 2014 at 01:35:50PM -0600, Tom Lendacky wrote:
> > On Tuesday, January 14, 2014 06:33:47 PM Marek Vasut wrote:
> > > Add documentation for the pointer voodoo that is happening in
> > > crypto/ahash.c in ahash_op_unaligned(). This code is quite confusing,
> > > so add a beefy chunk of documentation.
> > >
> > > Moreover, make sure the mangled request is completely restored after
> > > finishing this unaligned operation. This means restoring all of
> > > .result, .priv, .base.data and .base.complete .
> > >
> > > Also, remove the crypto_completion_t complete = ... line present in the
> > > ahash_op_unaligned_done() function. This type actually declares a
> > > function pointer, which is very confusing.
> > >
> > > Finally, yet very important nonetheless, make sure the req->priv is
> > > free()'d only after the original request is restored in
> > > ahash_op_unaligned_done(). The req->priv data must not be free()'d
> > > before that in ahash_op_unaligned_finish(), since we would be
> > > accessing previously free()'d data in ahash_op_unaligned_done() and
> > > cause corruption.
> > >
> > > Signed-off-by: Marek Vasut <marex@denx.de>
> > > Cc: David S. Miller <davem@davemloft.net>
> > > Cc: Fabio Estevam <fabio.estevam@freescale.com>
> > > Cc: Herbert Xu <herbert@gondor.apana.org.au>
> > > Cc: Shawn Guo <shawn.guo@linaro.org>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > ---
> > >
> > > crypto/ahash.c | 65
> > > ++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file
> > > changed, 54 insertions(+), 11 deletions(-)
> > >
> > > diff --git a/crypto/ahash.c b/crypto/ahash.c
> > > index a92dc38..5ca8ede 100644
> > > --- a/crypto/ahash.c
> > > +++ b/crypto/ahash.c
> > > @@ -29,6 +29,7 @@
> > >
> > > struct ahash_request_priv {
> > >
> > > crypto_completion_t complete;
> > > void *data;
> > >
> > > + void *priv;
> > >
> > > u8 *result;
> > > void *ubuf[] CRYPTO_MINALIGN_ATTR;
> > >
> > > };
> > >
> > > @@ -200,23 +201,38 @@ static void ahash_op_unaligned_finish(struct
> > > ahash_request *req, int err)
> > >
> > > if (!err)
> > >
> > > memcpy(priv->result, req->result,
> > >
> > > crypto_ahash_digestsize(crypto_ahash_reqtfm(req)));
> > >
> > > -
> > > - kzfree(priv);
> >
> > You can't move/remove this kzfree since a synchronous operation will not
> > take the ahash_op_unaligned_done path. A synchronous operation will
> > never return -EINPROGRESS and the effect will be to never free the priv
> > structure.
>
> Marek, did you have a chance to address this?
V2 is on it's way. I know there's really no apology for this horrible delay :-(
next prev parent reply other threads:[~2014-03-03 0:22 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-14 17:33 [PATCH 0/3] crypto: Clean up ahash handling confusion Marek Vasut
2014-01-14 17:33 ` Marek Vasut
2014-01-14 17:33 ` [PATCH 1/3] crypto: Fix the pointer voodoo in unaligned ahash Marek Vasut
2014-01-14 17:33 ` Marek Vasut
2014-01-14 19:35 ` Tom Lendacky
2014-01-14 19:35 ` Tom Lendacky
2014-02-09 1:18 ` Herbert Xu
2014-02-09 1:18 ` Herbert Xu
2014-02-09 6:15 ` Marek Vasut
2014-02-09 6:15 ` Marek Vasut
2014-03-03 0:20 ` Marek Vasut [this message]
2014-03-03 0:20 ` Marek Vasut
2014-01-14 17:33 ` [PATCH 2/3] crypto: Pull out the functions to save/restore request Marek Vasut
2014-01-14 17:33 ` Marek Vasut
2014-01-14 17:33 ` [PATCH 3/3] crypto: Simplify the ahash_finup implementation Marek Vasut
2014-01-14 17:33 ` Marek Vasut
2014-03-03 0:21 ` [PATCH 1/3 V2] crypto: Fix the pointer voodoo in unaligned ahash Marek Vasut
2014-03-03 0:21 ` Marek Vasut
2014-03-03 0:21 ` [PATCH 2/3 V2] crypto: Pull out the functions to save/restore request Marek Vasut
2014-03-03 0:21 ` Marek Vasut
2014-03-03 0:21 ` [PATCH 3/3 V2] crypto: Simplify the ahash_finup implementation Marek Vasut
2014-03-03 0:21 ` Marek Vasut
2014-03-12 12:11 ` Herbert Xu
2014-03-12 12:11 ` Herbert Xu
2014-03-13 1:21 ` Marek Vasut
2014-03-13 1:21 ` Marek Vasut
2014-03-12 12:08 ` [PATCH 1/3 V2] crypto: Fix the pointer voodoo in unaligned ahash Herbert Xu
2014-03-12 12:08 ` Herbert Xu
2014-03-13 1:20 ` Marek Vasut
2014-03-13 1:20 ` Marek Vasut
2014-03-13 1:56 ` Herbert Xu
2014-03-13 1:56 ` Herbert Xu
2014-03-13 4:01 ` Marek Vasut
2014-03-13 4:01 ` Marek Vasut
2014-03-13 4:32 ` Herbert Xu
2014-03-13 4:32 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201403030120.13441.marex@denx.de \
--to=marex@denx.de \
--cc=davem@davemloft.net \
--cc=fabio.estevam@freescale.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=shawn.guo@linaro.org \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.