[PATCH] crypto: caam - fix operator precedence in shared descriptor allocation

Linux cryptographic layer development
 help / color / mirror / Atom feed

* [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation
@ 2011-05-23 23:45 Kim Phillips
  2011-05-26  3:30 ` Herbert Xu
  0 siblings, 1 reply; 4+ messages in thread
From: Kim Phillips @ 2011-05-23 23:45 UTC (permalink / raw)
  To: linux-crypto; +Cc: Herbert Xu

setkey allocates 16 bytes (CAAM_CMD_SZ *
DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
store the shared descriptor, resulting in memory
corruption.  Fix this.

Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
---
Bug introduced in commit 4427b1b - "crypto: caam - add support for
sha512 variants of existing AEAD algorithms".

 drivers/crypto/caam/caamalg.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index d0e65d6..676d957 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -238,9 +238,9 @@ static int build_sh_desc_ipsec(struct caam_ctx *ctx)
 
 	/* build shared descriptor for this session */
 	sh_desc = kmalloc(CAAM_CMD_SZ * DESC_AEAD_SHARED_TEXT_LEN +
-			  keys_fit_inline ?
-			  ctx->split_key_pad_len + ctx->enckeylen :
-			  CAAM_PTR_SZ * 2, GFP_DMA | GFP_KERNEL);
+			  (keys_fit_inline ?
+			   ctx->split_key_pad_len + ctx->enckeylen :
+			   CAAM_PTR_SZ * 2), GFP_DMA | GFP_KERNEL);
 	if (!sh_desc) {
 		dev_err(jrdev, "could not allocate shared descriptor\n");
 		return -ENOMEM;
-- 
1.7.5.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation
  2011-05-23 23:45 [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation Kim Phillips
@ 2011-05-26  3:30 ` Herbert Xu
  2011-06-29 16:12   ` Kim Phillips
  0 siblings, 1 reply; 4+ messages in thread
From: Herbert Xu @ 2011-05-26  3:30 UTC (permalink / raw)
  To: Kim Phillips; +Cc: linux-crypto

On Mon, May 23, 2011 at 06:45:23PM -0500, Kim Phillips wrote:
> setkey allocates 16 bytes (CAAM_CMD_SZ *
> DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
> store the shared descriptor, resulting in memory
> corruption.  Fix this.
> 
> Signed-off-by: Kim Phillips <kim.phillips@freescale.com>

Applied to cryptodev.  Thanks Kim!
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation
  2011-05-26  3:30 ` Herbert Xu
@ 2011-06-29 16:12   ` Kim Phillips
  2011-06-29 23:44     ` Herbert Xu
  0 siblings, 1 reply; 4+ messages in thread
From: Kim Phillips @ 2011-06-29 16:12 UTC (permalink / raw)
  To: Herbert Xu; +Cc: linux-crypto, Kumar Gala

On Thu, 26 May 2011 13:30:44 +1000
Herbert Xu <herbert@gondor.apana.org.au> wrote:

> On Mon, May 23, 2011 at 06:45:23PM -0500, Kim Phillips wrote:
> > setkey allocates 16 bytes (CAAM_CMD_SZ *
> > DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
> > store the shared descriptor, resulting in memory
> > corruption.  Fix this.
> > 
> > Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
> 
> Applied to cryptodev.  Thanks Kim!

Herbert, this patch fixes a memory corruption bug introduced in
commit 4427b1b - "crypto: caam - add support for sha512 variants of
existing AEAD algorithms", which is currently the last commit for
caam in Linus' tree. Can you please push this commit (c5bf900 in
cryptodev) to Linus before he releases 3.0?

btw, it would be good if commit af56dea "crypto: caam - fix build
warning when DEBUG_FS not configured" were also pushed to avoid the
build-bot messages, but it's not nearly as important as this one.

Thanks,

Kim

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation
  2011-06-29 16:12   ` Kim Phillips
@ 2011-06-29 23:44     ` Herbert Xu
  0 siblings, 0 replies; 4+ messages in thread
From: Herbert Xu @ 2011-06-29 23:44 UTC (permalink / raw)
  To: Kim Phillips; +Cc: linux-crypto, Kumar Gala

On Wed, Jun 29, 2011 at 11:12:26AM -0500, Kim Phillips wrote:
> On Thu, 26 May 2011 13:30:44 +1000
> Herbert Xu <herbert@gondor.apana.org.au> wrote:
> 
> > On Mon, May 23, 2011 at 06:45:23PM -0500, Kim Phillips wrote:
> > > setkey allocates 16 bytes (CAAM_CMD_SZ *
> > > DESC_AEAD_SHARED_TEXT_LEN) shy of what is needed to
> > > store the shared descriptor, resulting in memory
> > > corruption.  Fix this.
> > > 
> > > Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
> > 
> > Applied to cryptodev.  Thanks Kim!
> 
> Herbert, this patch fixes a memory corruption bug introduced in
> commit 4427b1b - "crypto: caam - add support for sha512 variants of
> existing AEAD algorithms", which is currently the last commit for
> caam in Linus' tree. Can you please push this commit (c5bf900 in
> cryptodev) to Linus before he releases 3.0?

Thanks for the note.  I'll push this patch to crypto-2.6 and rebase
cryptodev.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2011-06-29 23:45 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-23 23:45 [PATCH] crypto: caam - fix operator precedence in shared descriptor allocation Kim Phillips
2011-05-26  3:30 ` Herbert Xu
2011-06-29 16:12   ` Kim Phillips
2011-06-29 23:44     ` Herbert Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox