From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DFE39C30653 for ; Wed, 3 Jul 2024 17:22:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:In-Reply-To:References:To: From:Subject:Cc:Message-Id:Date:Content-Type:Content-Transfer-Encoding: Mime-Version:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=SA8Y6jQMdxhxEUrp/VEbR/A0XzvnM/GpUGC8B9rshgg=; b=l3p0Gt8IsxCLtZROOi5qeP5C60 fIwDzTLyv5WAe68hhj3fdnJ+ngs+8gc3psomXxSCwlU/bQ6B4PP9j0h8b6waMZ69JMUdZZLrRSIvF hdaAsfYv074IElTiWrb9aOQlg6I2WPezzDGKTIvYFdHi+a1RuPyrFfYlt5APeh5XRFDTrxJDdHQ26 qys4sTk0HniyjldR77fawkFPY8nms5xGbbazkNZM0JAfNMD5ZGag895q+7Ny49ipe0az4hFvkxOjI gwa+eNIAV8CH8BIUSCBFnSNmsgq+qxkvjXwua8VPJepkDC+Zofc0jsEURMo8G8UZ4q/1ubW4Zkesp ajXlIjyg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sP3fv-0000000AzEs-1zbB; Wed, 03 Jul 2024 17:21:47 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sP3fd-0000000AzB2-2vbP for linux-arm-kernel@lists.infradead.org; Wed, 03 Jul 2024 17:21:31 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id D3A79623BF; Wed, 3 Jul 2024 17:21:27 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7AFDEC4AF07; Wed, 3 Jul 2024 17:21:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1720027287; bh=LJ0zHjH0kD+iXUzyFJ+qPcJA5pU14YxexeZSu9J9/mg=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=X4rZKLqmrjgMVhSI384HWJcceNk3RxtNuevHbl+QCXDvyMllp9WOjv84q2vpyRl6I uVsPWw303oz95YvUjPhX9bUu6VBESRuEGrJhUJhIa4V4SNRjU/IWDYWslOTxNx0NQ2 ZD3FEUN/u/or+HpSF0trTgWYgzvd3R2dAhJCpuhoEVZLMpyvAVzRQvw80tEz76pnb1 /XT6IP8j9V+PEs9EZC9c0wBknWELB/tjXivuNdahI6qM7P5s2HBgpgmEAKCGnlxGk7 YeVQDodzsMQB+3Tcp3rt/oHYnQIiAFB66c/saQ2R20Duxf8i+CGLdts2QqIh4TGThk Ptf/MXCG40GZA== Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Wed, 03 Jul 2024 20:21:22 +0300 Message-Id: Cc: "Pengutronix Kernel Team" , , , , , "sigma star Kernel Team" , "kernel test robot" , "Dan Carpenter" Subject: Re: [PATCH] crypto: mxs-dcp: Ensure payload is zero when using key slot From: "Jarkko Sakkinen" To: "David Gstir" , "Herbert Xu" , "David S. Miller" , "Shawn Guo" , "Sascha Hauer" , "Fabio Estevam" , "David Oberhollenzer" , "Richard Weinberger" X-Mailer: aerc 0.17.0 References: <20240703124958.45898-1-david@sigma-star.at> In-Reply-To: <20240703124958.45898-1-david@sigma-star.at> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240703_102129_822705_F67D9655 X-CRM114-Status: GOOD ( 17.20 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Wed Jul 3, 2024 at 3:49 PM EEST, David Gstir wrote: > We could leak stack memory through the payload field when running > AES with a key from one of the hardware's key slots. Fix this by > ensuring the payload field is set to 0 in such cases. > > This does not affect the common use case when the key is supplied > from main memory via the descriptor payload. > > Signed-off-by: David Gstir > Reported-by: kernel test robot > Reported-by: Dan Carpenter > Closes: https://lore.kernel.org/r/202405270146.Y9tPoil8-lkp@intel.com/ > Fixes: 3d16af0b4cfa ("crypto: mxs-dcp: Add support for hardware-bound key= s") > --- > drivers/crypto/mxs-dcp.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c > index 057d73c370b7..c82775dbb557 100644 > --- a/drivers/crypto/mxs-dcp.c > +++ b/drivers/crypto/mxs-dcp.c > @@ -225,7 +225,8 @@ static int mxs_dcp_start_dma(struct dcp_async_ctx *ac= tx) > static int mxs_dcp_run_aes(struct dcp_async_ctx *actx, > struct skcipher_request *req, int init) > { > - dma_addr_t key_phys, src_phys, dst_phys; > + dma_addr_t key_phys =3D 0; > + dma_addr_t src_phys, dst_phys; > struct dcp *sdcp =3D global_sdcp; > struct dcp_dma_desc *desc =3D &sdcp->coh->desc[actx->chan]; > struct dcp_aes_req_ctx *rctx =3D skcipher_request_ctx(req); I'm on holiday up until week 31 so might be that review will take up to then. BR, Jarkko