From: Russell King - ARM Linux <linux@arm.linux.org.uk>
To: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-crypto@vger.kernel.org
Subject: [PATCH v2 0/3] crypto: fixes for Marvell hash
Date: Fri, 9 Oct 2015 11:46:37 +0100 [thread overview]
Message-ID: <20151009104637.GA18798@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <20151009102904.GL32532@n2100.arm.linux.org.uk>
Version 2, same as version 1 but with a different patch 1, thanks to
Herbert for an alternative approach on that one.
crypto/ahash.c | 3 ++-
crypto/shash.c | 3 ++-
drivers/crypto/marvell/hash.c | 9 +++++++++
3 files changed, 13 insertions(+), 2 deletions(-)
On Fri, Oct 09, 2015 at 11:29:04AM +0100, Russell King - ARM Linux wrote:
> This small series of patches addresses oopses seen when trying to use
> the AF_ALG interface via openssl with openssh. This series does not
> address all problems, but merely stops the kernel from smashing its
> kernel stack and oopsing.
>
> With these fixes in place, the kernel no longer oopses. However, with
> the digests enabled in openssl, openssh refuses to work, producing the
> following when attempting to connect to the target system:
>
> Corrupted MAC on input.
> Disconnecting: Packet corrupt
>
> It's been hard enough to get this far; the crypto code is not the easiest
> code to debug for a new-comer due to the amount of state needed to be
> retained to understand the code (all the inline functions masking
> multiple levels of containerisation and pointer dereference does not
> make it easy to track what is stored where, and once I've been through
> one bit of code, I find I'm having to revisit the same piece of code a
> bit later to re-understand what it's doing.)
>
> It's been difficult enough to find the engine plugin for openssl - the
> original git repo which hosted it is now dead
> (http://src.carnivore.it/users/common/af_alg/). All that seems to be
> left is someone's modified version on github, which seems to get some
> maintanence. Debian doesn't seem to carry AF_ALG openssl support, and
> seems to only carry one package (strongswan) which supports this
> interface.
>
> Hence, I'm leaving further debugging to other parties, especially as
> the userspace tooling for the AF_ALG seems rather lacking. (Are there
> any test programs, if so, can their location be documented and placed
> in Documentation/crypto please?)
>
> I'm not sure who the maintainer for drivers/crypto/marvell is, so I've
> picked Thomas. It would be nice if there was an entry in MAINTAINERS
> for this driver.
>
> The first patch in this series avoids kernel stack smashing if a crypto
> driver forgets to set the 'statesize' member, but writes to what seems
> to be a valid pointer passed to its export function. Of course, this
> won't completely stop stack smashing if the statesize member is
> smaller than the data which the export function writes. This patch is
> optional.
>
> The second patch adds the necessary statesize members to the Marvell
> code which were previously missing. Fixing this uncovered a further
> problem, which the third patch addresses.
--
FTTC broadband for 0.8mile line: currently at 9.6Mbps down 400kbps up
according to speedtest.net.
next prev parent reply other threads:[~2015-10-09 10:46 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-09 10:29 [PATCH 0/3] crypto: fixes for Marvell hash Russell King - ARM Linux
2015-10-09 10:29 ` [PATCH 1/3] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-09 10:34 ` Herbert Xu
2015-10-09 10:41 ` Russell King - ARM Linux
2015-10-09 10:42 ` Herbert Xu
2015-10-09 10:29 ` [PATCH 2/3] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 10:29 ` [PATCH 3/3] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 10:46 ` Russell King - ARM Linux [this message]
2015-10-09 10:48 ` [PATCH v2 1/3] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-09 10:48 ` [PATCH v2 2/3] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 16:13 ` Boris Brezillon
2015-10-09 10:48 ` [PATCH v2 3/3] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 16:15 ` Boris Brezillon
2015-10-09 12:42 ` [PATCH v2 0/3] crypto: fixes for Marvell hash Russell King - ARM Linux
2015-10-09 16:12 ` Boris Brezillon
2015-10-09 19:43 ` [PATCH v3 0/5] " Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 1/5] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-10 16:46 ` Boris Brezillon
2015-10-10 16:52 ` Russell King - ARM Linux
2015-10-11 6:59 ` Herbert Xu
2015-10-11 6:57 ` Herbert Xu
2015-10-13 14:33 ` Herbert Xu
2015-10-15 9:39 ` Russell King - ARM Linux
2015-10-15 9:41 ` Herbert Xu
2015-10-15 12:59 ` Russell King - ARM Linux
2015-10-15 13:13 ` Herbert Xu
2015-10-16 23:24 ` Victoria Milhoan
2015-10-17 7:56 ` Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 2/5] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 19:43 ` [PATCH v3 3/5] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 19:50 ` Boris Brezillon
2015-10-09 19:52 ` Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 4/5] crypto: marvell: fix wrong hash results Russell King
2015-10-09 19:51 ` Boris Brezillon
2015-10-09 19:43 ` [PATCH v3 5/5] crypto: marvell: factor out common import functions Russell King
2015-10-09 19:55 ` Boris Brezillon
2015-10-09 20:14 ` [PATCH v3b 5/5] crypto: marvell: factor out common import/export functions Russell King
2015-10-09 20:19 ` Boris Brezillon
2015-10-09 22:37 ` Arnaud Ebalard
2015-10-09 23:51 ` Russell King - ARM Linux
2015-10-10 10:31 ` Arnaud Ebalard
2015-10-10 11:29 ` Russell King - ARM Linux
2015-10-10 16:17 ` Russell King - ARM Linux
2015-10-11 6:55 ` Herbert Xu
2015-10-13 13:00 ` Herbert Xu
2015-10-13 13:55 ` Russell King - ARM Linux
2015-10-13 13:57 ` Herbert Xu
2015-10-13 13:59 ` Russell King - ARM Linux
2015-10-13 14:01 ` Herbert Xu
2015-10-10 18:07 ` Marek Vasut
2015-10-09 19:57 ` [PATCH v3 0/5] crypto: fixes for Marvell hash Boris Brezillon
2015-10-18 16:16 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Russell King - ARM Linux
2015-10-18 16:23 ` [PATCH 01/18] crypto: marvell: easier way to get the transform Russell King
2015-10-19 1:37 ` crypto: ahash - Add crypto_ahash_blocksize Herbert Xu
2015-10-18 16:23 ` [PATCH 02/18] crypto: marvell: keep creq->state in CPU endian format at all times Russell King
2015-10-18 16:23 ` [PATCH 03/18] crypto: marvell: add flag to determine algorithm endianness Russell King
2015-10-19 15:04 ` Jason Cooper
2015-10-19 15:25 ` Russell King - ARM Linux
2015-10-19 16:15 ` Jason Cooper
2015-10-19 16:18 ` Herbert Xu
2015-10-18 16:23 ` [PATCH 04/18] crypto: marvell: fix the bit length endianness Russell King
2015-10-18 16:23 ` [PATCH 05/18] crypto: marvell: ensure template operation is initialised Russell King
2015-10-18 16:23 ` [PATCH 06/18] crypto: marvell: const-ify argument to mv_cesa_get_op_cfg() Russell King
2015-10-18 16:24 ` [PATCH 07/18] crypto: marvell: factor out first fragment decisions to helper Russell King
2015-10-18 16:24 ` [PATCH 08/18] crypto: marvell: factor out adding an operation and launching it Russell King
2015-10-18 16:24 ` [PATCH 09/18] crypto: marvell: always ensure mid-fragments after first-fragment Russell King
2015-10-18 16:24 ` [PATCH 10/18] crypto: marvell: move mv_cesa_dma_add_frag() calls Russell King
2015-10-18 16:24 ` [PATCH 11/18] crypto: marvell: use presence of scatterlist to determine data load Russell King
2015-10-18 16:24 ` [PATCH 12/18] crypto: marvell: ensure iter.base.op_len is the full op length Russell King
2015-10-18 16:24 ` [PATCH 13/18] crypto: marvell: avoid adding final operation within loop Russell King
2015-10-18 16:24 ` [PATCH 14/18] crypto: marvell: rearrange last request handling Russell King
2015-10-18 16:24 ` [PATCH 15/18] crypto: marvell: rearrange handling for hw finished hashes Russell King
2015-10-18 16:24 ` [PATCH 16/18] crypto: marvell: rearrange handling for sw padded hashes Russell King
2015-10-18 16:24 ` [PATCH 17/18] crypto: marvell: fix first-fragment handling in mv_cesa_ahash_dma_last_req() Russell King
2015-10-19 22:53 ` Arnaud Ebalard
2015-10-18 16:24 ` [PATCH 18/18] crypto: marvell/cesa: fix memory leak Russell King
2015-10-18 17:18 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Boris Brezillon
2015-10-18 23:57 ` Arnaud Ebalard
2015-10-19 22:57 ` Arnaud Ebalard
2015-10-18 17:30 ` [PATCH 0/6] Sparse related fixes Russell King - ARM Linux
2015-10-18 17:31 ` [PATCH 1/6] crypto: marvell: use readl_relaxed()/writel_relaxed() Russell King
2015-10-18 17:31 ` [PATCH 2/6] crypto: marvell: use dma_addr_t for cur_dma Russell King
2015-10-18 17:31 ` [PATCH 3/6] crypto: marvell: use gfp_t for gfp flags Russell King
2015-10-18 17:31 ` [PATCH 4/6] crypto: marvell: use memcpy_fromio()/memcpy_toio() Russell King
2015-10-19 23:26 ` Arnaud Ebalard
2015-10-20 7:58 ` Russell King - ARM Linux
2015-10-18 17:31 ` [PATCH 5/6] crypto: marvell: fix missing cpu_to_le32() in mv_cesa_dma_add_op() Russell King
2015-10-18 17:31 ` [PATCH 6/6] crypto: marvell: use __le32 for hardware descriptors Russell King
2015-10-18 17:49 ` [PATCH 0/6] Sparse related fixes Boris Brezillon
2015-10-19 23:29 ` Arnaud Ebalard
2015-10-20 14:21 ` Herbert Xu
2015-10-20 14:20 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Herbert Xu
2015-10-09 12:12 ` [PATCH 0/3] crypto: fixes for Marvell hash Thomas Petazzoni
2015-10-09 12:31 ` Russell King - ARM Linux
2015-10-09 12:40 ` Thomas Petazzoni
2015-10-09 14:35 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151009104637.GA18798@n2100.arm.linux.org.uk \
--to=linux@arm.linux.org.uk \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=thomas.petazzoni@free-electrons.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).