From: Greg KH <gregkh@linuxfoundation.org>
To: Andy Lutomirski <luto@kernel.org>
Cc: linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org,
Eric Biggers <ebiggers3@gmail.com>,
linux-crypto@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
Stephan Mueller <smueller@chronox.de>
Subject: Re: [PATCH] wusbcore: Fix one more crypto-on-the-stack bug
Date: Mon, 12 Dec 2016 22:44:47 +0100 [thread overview]
Message-ID: <20161212214447.GA12142@kroah.com> (raw)
In-Reply-To: <8c273c9c41f51b34bb3115086f1d776895580637.1481575835.git.luto@kernel.org>
On Mon, Dec 12, 2016 at 12:52:45PM -0800, Andy Lutomirski wrote:
> The driver put a constant buffer of all zeros on the stack and
> pointed a scatterlist entry at it. This doesn't work with virtual
> stacks. Make the buffer static to fix it.
>
> Cc: stable@vger.kernel.org # 4.9 only
> Reported-by: Eric Biggers <ebiggers3@gmail.com>
> Signed-off-by: Andy Lutomirski <luto@kernel.org>
> ---
> drivers/usb/wusbcore/crypto.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/usb/wusbcore/crypto.c b/drivers/usb/wusbcore/crypto.c
> index 79451f7ef1b7..a7e007a0cd49 100644
> --- a/drivers/usb/wusbcore/crypto.c
> +++ b/drivers/usb/wusbcore/crypto.c
> @@ -216,7 +216,7 @@ static int wusb_ccm_mac(struct crypto_skcipher *tfm_cbc,
> struct scatterlist sg[4], sg_dst;
> void *dst_buf;
> size_t dst_size;
> - const u8 bzero[16] = { 0 };
> + static const u8 bzero[16] = { 0 };
Hm, can static memory handle DMA? That's a requirement of the USB
stack, does this data later end up being sent down to a USB host
controller?
thanks,
greg k-h
next prev parent reply other threads:[~2016-12-12 21:44 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-12 20:52 [PATCH] wusbcore: Fix one more crypto-on-the-stack bug Andy Lutomirski
2016-12-12 20:53 ` [PATCH] keys/encrypted: Fix two crypto-on-the-stack bugs Andy Lutomirski
2016-12-12 22:28 ` David Howells
2016-12-13 0:32 ` Andy Lutomirski
[not found] ` <e958f214e8885968be8045ffde813ac339b81178.1481575835.git.luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2016-12-13 12:20 ` David Laight
2016-12-13 12:20 ` David Laight
2016-12-13 16:40 ` Andy Lutomirski
2016-12-13 16:45 ` David Howells
2016-12-13 17:02 ` Andy Lutomirski
2016-12-13 20:02 ` David Howells
2016-12-14 16:58 ` Joerg Roedel
2016-12-12 20:54 ` [PATCH] cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack Andy Lutomirski
2016-12-13 11:40 ` Sergei Shtylyov
2016-12-13 13:07 ` Jeff Layton
[not found] ` <1481634464.2630.17.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-12-14 8:19 ` Steve French
2016-12-14 8:19 ` Steve French
2016-12-12 20:55 ` [PATCH] crypto: Make a few drivers depend on !VMAP_STACK Andy Lutomirski
[not found] ` <5e4b1fdd48e44acd5f3cfa25639b00f5c5906832.1481575835.git.luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2016-12-13 3:42 ` Herbert Xu
2016-12-13 3:42 ` Herbert Xu
2016-12-12 20:55 ` [PATCH] orinoco: Use shash instead of ahash for MIC calculations Andy Lutomirski
2016-12-13 7:54 ` Eric Biggers
2016-12-13 11:35 ` Kalle Valo
2016-12-13 16:41 ` Andy Lutomirski
[not found] ` <CALCETrXxQ9FxuqV5A1rkj2SpeFfd89njDP9h5VBuNx387ieKdQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-12-13 17:03 ` Kalle Valo
2016-12-13 17:03 ` Kalle Valo
2016-12-30 11:34 ` Kalle Valo
2016-12-30 12:02 ` Kalle Valo
2016-12-30 12:15 ` Kalle Valo
2016-12-12 21:44 ` Greg KH [this message]
2016-12-12 23:57 ` [PATCH] wusbcore: Fix one more crypto-on-the-stack bug Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161212214447.GA12142@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=ebiggers3@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=luto@kernel.org \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.