From: Boris Brezillon <boris.brezillon@free-electrons.com>
To: Russell King <rmk+kernel@arm.linux.org.uk>
Cc: Arnaud Ebalard <arno@natisbad.org>,
Thomas Petazzoni <thomas.petazzoni@free-electrons.com>,
Jason Cooper <jason@lakedaemon.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
linux-crypto@vger.kernel.org
Subject: Re: [PATCH v3 4/5] crypto: marvell: fix wrong hash results
Date: Fri, 9 Oct 2015 21:51:58 +0200 [thread overview]
Message-ID: <20151009215158.2e6f0560@bbrezillon> (raw)
In-Reply-To: <E1Zkda0-0005In-UI@rmk-PC.arm.linux.org.uk>
On Fri, 09 Oct 2015 20:43:48 +0100
Russell King <rmk+kernel@arm.linux.org.uk> wrote:
> Attempting to use the sha1 digest for openssh via openssl reveals that
> the result from the hash is wrong: this happens when we export the
> state from one socket and import it into another via calling accept().
>
> The reason for this is because the operation is reset to "initial block"
> state, whereas we may be past the first fragment of data to be hashed.
>
> Arrange for the operation code to avoid the initialisation of the state,
> thereby preserving the imported state.
>
> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Thanks!
> ---
> drivers/crypto/marvell/hash.c | 15 +++++++++++++++
> 1 file changed, 15 insertions(+)
>
> diff --git a/drivers/crypto/marvell/hash.c b/drivers/crypto/marvell/hash.c
> index 458867ce9515..b7c2c05f1a01 100644
> --- a/drivers/crypto/marvell/hash.c
> +++ b/drivers/crypto/marvell/hash.c
> @@ -835,6 +835,11 @@ static int mv_cesa_md5_import(struct ahash_request *req, const void *in)
> if (ret)
> return ret;
>
> + if (in_state->byte_count >= sizeof(in_state->block))
> + mv_cesa_update_op_cfg(&creq->op_tmpl,
> + CESA_SA_DESC_CFG_MID_FRAG,
> + CESA_SA_DESC_CFG_FRAG_MSK);
> +
> creq->len = in_state->byte_count;
> memcpy(creq->state, in_state->hash, digsize);
> creq->cache_ptr = 0;
> @@ -929,6 +934,11 @@ static int mv_cesa_sha1_import(struct ahash_request *req, const void *in)
> if (ret)
> return ret;
>
> + if (in_state->count >= SHA1_BLOCK_SIZE)
> + mv_cesa_update_op_cfg(&creq->op_tmpl,
> + CESA_SA_DESC_CFG_MID_FRAG,
> + CESA_SA_DESC_CFG_FRAG_MSK);
> +
> creq->len = in_state->count;
> memcpy(creq->state, in_state->state, digsize);
> creq->cache_ptr = 0;
> @@ -1034,6 +1044,11 @@ static int mv_cesa_sha256_import(struct ahash_request *req, const void *in)
> if (ret)
> return ret;
>
> + if (in_state->count >= SHA256_BLOCK_SIZE)
> + mv_cesa_update_op_cfg(&creq->op_tmpl,
> + CESA_SA_DESC_CFG_MID_FRAG,
> + CESA_SA_DESC_CFG_FRAG_MSK);
> +
> creq->len = in_state->count;
> memcpy(creq->state, in_state->state, digsize);
> creq->cache_ptr = 0;
--
Boris Brezillon, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com
next prev parent reply other threads:[~2015-10-09 19:52 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-09 10:29 [PATCH 0/3] crypto: fixes for Marvell hash Russell King - ARM Linux
2015-10-09 10:29 ` [PATCH 1/3] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-09 10:34 ` Herbert Xu
2015-10-09 10:41 ` Russell King - ARM Linux
2015-10-09 10:42 ` Herbert Xu
2015-10-09 10:29 ` [PATCH 2/3] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 10:29 ` [PATCH 3/3] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 10:46 ` [PATCH v2 0/3] crypto: fixes for Marvell hash Russell King - ARM Linux
2015-10-09 10:48 ` [PATCH v2 1/3] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-09 10:48 ` [PATCH v2 2/3] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 16:13 ` Boris Brezillon
2015-10-09 10:48 ` [PATCH v2 3/3] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 16:15 ` Boris Brezillon
2015-10-09 12:42 ` [PATCH v2 0/3] crypto: fixes for Marvell hash Russell King - ARM Linux
2015-10-09 16:12 ` Boris Brezillon
2015-10-09 19:43 ` [PATCH v3 0/5] " Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 1/5] crypto: ensure algif_hash does not pass a zero-sized state Russell King
2015-10-10 16:46 ` Boris Brezillon
2015-10-10 16:52 ` Russell King - ARM Linux
2015-10-11 6:59 ` Herbert Xu
2015-10-11 6:57 ` Herbert Xu
2015-10-13 14:33 ` Herbert Xu
2015-10-15 9:39 ` Russell King - ARM Linux
2015-10-15 9:41 ` Herbert Xu
2015-10-15 12:59 ` Russell King - ARM Linux
2015-10-15 13:13 ` Herbert Xu
2015-10-16 23:24 ` Victoria Milhoan
2015-10-17 7:56 ` Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 2/5] crypto: marvell: fix stack smashing in marvell/hash.c Russell King
2015-10-09 19:43 ` [PATCH v3 3/5] crypto: marvell: initialise struct mv_cesa_ahash_req Russell King
2015-10-09 19:50 ` Boris Brezillon
2015-10-09 19:52 ` Russell King - ARM Linux
2015-10-09 19:43 ` [PATCH v3 4/5] crypto: marvell: fix wrong hash results Russell King
2015-10-09 19:51 ` Boris Brezillon [this message]
2015-10-09 19:43 ` [PATCH v3 5/5] crypto: marvell: factor out common import functions Russell King
2015-10-09 19:55 ` Boris Brezillon
2015-10-09 20:14 ` [PATCH v3b 5/5] crypto: marvell: factor out common import/export functions Russell King
2015-10-09 20:19 ` Boris Brezillon
2015-10-09 22:37 ` Arnaud Ebalard
2015-10-09 23:51 ` Russell King - ARM Linux
2015-10-10 10:31 ` Arnaud Ebalard
2015-10-10 11:29 ` Russell King - ARM Linux
2015-10-10 16:17 ` Russell King - ARM Linux
2015-10-11 6:55 ` Herbert Xu
2015-10-13 13:00 ` Herbert Xu
2015-10-13 13:55 ` Russell King - ARM Linux
2015-10-13 13:57 ` Herbert Xu
2015-10-13 13:59 ` Russell King - ARM Linux
2015-10-13 14:01 ` Herbert Xu
2015-10-10 18:07 ` Marek Vasut
2015-10-09 19:57 ` [PATCH v3 0/5] crypto: fixes for Marvell hash Boris Brezillon
2015-10-18 16:16 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Russell King - ARM Linux
2015-10-18 16:23 ` [PATCH 01/18] crypto: marvell: easier way to get the transform Russell King
2015-10-19 1:37 ` crypto: ahash - Add crypto_ahash_blocksize Herbert Xu
2015-10-18 16:23 ` [PATCH 02/18] crypto: marvell: keep creq->state in CPU endian format at all times Russell King
2015-10-18 16:23 ` [PATCH 03/18] crypto: marvell: add flag to determine algorithm endianness Russell King
2015-10-19 15:04 ` Jason Cooper
2015-10-19 15:25 ` Russell King - ARM Linux
2015-10-19 16:15 ` Jason Cooper
2015-10-19 16:18 ` Herbert Xu
2015-10-18 16:23 ` [PATCH 04/18] crypto: marvell: fix the bit length endianness Russell King
2015-10-18 16:23 ` [PATCH 05/18] crypto: marvell: ensure template operation is initialised Russell King
2015-10-18 16:23 ` [PATCH 06/18] crypto: marvell: const-ify argument to mv_cesa_get_op_cfg() Russell King
2015-10-18 16:24 ` [PATCH 07/18] crypto: marvell: factor out first fragment decisions to helper Russell King
2015-10-18 16:24 ` [PATCH 08/18] crypto: marvell: factor out adding an operation and launching it Russell King
2015-10-18 16:24 ` [PATCH 09/18] crypto: marvell: always ensure mid-fragments after first-fragment Russell King
2015-10-18 16:24 ` [PATCH 10/18] crypto: marvell: move mv_cesa_dma_add_frag() calls Russell King
2015-10-18 16:24 ` [PATCH 11/18] crypto: marvell: use presence of scatterlist to determine data load Russell King
2015-10-18 16:24 ` [PATCH 12/18] crypto: marvell: ensure iter.base.op_len is the full op length Russell King
2015-10-18 16:24 ` [PATCH 13/18] crypto: marvell: avoid adding final operation within loop Russell King
2015-10-18 16:24 ` [PATCH 14/18] crypto: marvell: rearrange last request handling Russell King
2015-10-18 16:24 ` [PATCH 15/18] crypto: marvell: rearrange handling for hw finished hashes Russell King
2015-10-18 16:24 ` [PATCH 16/18] crypto: marvell: rearrange handling for sw padded hashes Russell King
2015-10-18 16:24 ` [PATCH 17/18] crypto: marvell: fix first-fragment handling in mv_cesa_ahash_dma_last_req() Russell King
2015-10-19 22:53 ` Arnaud Ebalard
2015-10-18 16:24 ` [PATCH 18/18] crypto: marvell/cesa: fix memory leak Russell King
2015-10-18 17:18 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Boris Brezillon
2015-10-18 23:57 ` Arnaud Ebalard
2015-10-19 22:57 ` Arnaud Ebalard
2015-10-18 17:30 ` [PATCH 0/6] Sparse related fixes Russell King - ARM Linux
2015-10-18 17:31 ` [PATCH 1/6] crypto: marvell: use readl_relaxed()/writel_relaxed() Russell King
2015-10-18 17:31 ` [PATCH 2/6] crypto: marvell: use dma_addr_t for cur_dma Russell King
2015-10-18 17:31 ` [PATCH 3/6] crypto: marvell: use gfp_t for gfp flags Russell King
2015-10-18 17:31 ` [PATCH 4/6] crypto: marvell: use memcpy_fromio()/memcpy_toio() Russell King
2015-10-19 23:26 ` Arnaud Ebalard
2015-10-20 7:58 ` Russell King - ARM Linux
2015-10-18 17:31 ` [PATCH 5/6] crypto: marvell: fix missing cpu_to_le32() in mv_cesa_dma_add_op() Russell King
2015-10-18 17:31 ` [PATCH 6/6] crypto: marvell: use __le32 for hardware descriptors Russell King
2015-10-18 17:49 ` [PATCH 0/6] Sparse related fixes Boris Brezillon
2015-10-19 23:29 ` Arnaud Ebalard
2015-10-20 14:21 ` Herbert Xu
2015-10-20 14:20 ` [PATCH 00/18] crypto: further fixes for Marvell CESA hash Herbert Xu
2015-10-09 12:12 ` [PATCH 0/3] crypto: fixes for Marvell hash Thomas Petazzoni
2015-10-09 12:31 ` Russell King - ARM Linux
2015-10-09 12:40 ` Thomas Petazzoni
2015-10-09 14:35 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151009215158.2e6f0560@bbrezillon \
--to=boris.brezillon@free-electrons.com \
--cc=arno@natisbad.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=jason@lakedaemon.net \
--cc=linux-crypto@vger.kernel.org \
--cc=rmk+kernel@arm.linux.org.uk \
--cc=thomas.petazzoni@free-electrons.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).