From: "Daniel P. Berrange" <berrange@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] crypto: ensure XTS is only used with ciphers with 16 byte blocks
Date: Fri, 26 Aug 2016 14:27:41 -0400 [thread overview]
Message-ID: <20160826182741.GA18684@redhat.com> (raw)
In-Reply-To: <57C088BE.3090106@redhat.com>
On Fri, Aug 26, 2016 at 01:21:50PM -0500, Eric Blake wrote:
> On 08/26/2016 07:47 AM, Daniel P. Berrange wrote:
> > The XTS cipher mode needs to be used with a cipher which has
> > a block size of 16 bytes. If a mis-matching block size is used,
> > the code will either corrupt memory beyond the IV array, or
> > not fully encrypt/decrypt the IV.
> >
> > This fixes a memory curruption crash when attempting to use
>
> s/curruption/corruption/
>
> > cast5-128 with xts, since the former has an 8 byte block size.
> >
> > A test case is added to ensure the cipher creation fails with
> > such an invalid combination.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > crypto/cipher-gcrypt.c | 6 ++++++
> > crypto/cipher-nettle.c | 12 +++++++-----
> > tests/test-crypto-cipher.c | 44 ++++++++++++++++++++++++++++++++++++--------
> > 3 files changed, 49 insertions(+), 13 deletions(-)
>
> Are you aiming for a last-minute 2.7 fix, or should this just be 2.8
> material and cc qemu-stable?
This isn't critical for 2.7, as this is already invalid usage. IOW anyone
who hits the crash, simply shouldn't use this combination.
> Reviewed-by: Eric Blake <eblake@redhat.com>
>
>
> > +++ b/tests/test-crypto-cipher.c
> > @@ -370,6 +370,17 @@ static QCryptoCipherTestData test_data[] = {
>
> > @@ -449,8 +468,16 @@ static void test_cipher(const void *opaque)
> > cipher = qcrypto_cipher_new(
> > data->alg, data->mode,
> > key, nkey,
> > - &error_abort);
> > - g_assert(cipher != NULL);
> > + &err);
> > + if (data->plaintext) {
> > + g_assert(err == NULL);
> > + g_assert(cipher != NULL);
> > + } else {
> > + g_assert(err != NULL);
> > + error_free(err);
>
> Could shorten these two lines as error_free_or_abort(&err), but that's
> cosmetic.
Will do.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
prev parent reply other threads:[~2016-08-26 18:27 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-26 12:47 [Qemu-devel] [PATCH] crypto: ensure XTS is only used with ciphers with 16 byte blocks Daniel P. Berrange
2016-08-26 18:21 ` Eric Blake
2016-08-26 18:27 ` Daniel P. Berrange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160826182741.GA18684@redhat.com \
--to=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.