Linux cryptographic layer development
 help / color / mirror / Atom feed
* [PATCH v3 0/2] Fix out-of-bounds memory accesses in generic-gcm-aesni
@ 2017-12-21  1:08 Junaid Shahid
  2017-12-21  1:08 ` [PATCH v3 1/2] crypto: Fix out-of-bounds access of the data buffer " Junaid Shahid
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Junaid Shahid @ 2017-12-21  1:08 UTC (permalink / raw)
  To: herbert; +Cc: linux-crypto, andreslc, davem, gthelen, ebiggers3

Changelog:
v3:
- Fixed a bug in READ_PARTIAL_BLOCK when used for reading the AAD
- Some refactoring per CR feedback
v2:
- Also fixed issue 2 described below
v1:
- Fixed issue 1 described below        

The aesni_gcm_enc/dec functions can access memory before the start or end of
the supplied src buffer. This can happen if either:

1. The data length is less than 16 bytes and there is no AAD or the AAD
   length is not enough to cover the underrun. In this case, memory before
   the start of the buffer would be accessed.
2. The AAD length is not a multiple of 4 bytes and the data length is too
   small to cover the overrun. In this case, memory after the end of the
   buffer would be accessed.

This was not a problem when rfc4106-gcm-aesni was the only mode supported by
the aesni module, as in that case there is always enough AAD and IV bytes to
cover the out-of-bounds accesses. However, that is no longer the case with
the generic-gcm-aesni mode. This could potentially result in accessing pages
that are not mapped, thus causing a crash.


Junaid Shahid (2):
  crypto: Fix out-of-bounds access of the data buffer in
    generic-gcm-aesni
  crypto: Fix out-of-bounds access of the AAD buffer in
    generic-gcm-aesni

 arch/x86/crypto/aesni-intel_asm.S | 199 +++++++++++---------------------------
 1 file changed, 57 insertions(+), 142 deletions(-)

-- 
2.15.1.620.gb9897f4670-goog

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2017-12-28  7:09 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-12-21  1:08 [PATCH v3 0/2] Fix out-of-bounds memory accesses in generic-gcm-aesni Junaid Shahid
2017-12-21  1:08 ` [PATCH v3 1/2] crypto: Fix out-of-bounds access of the data buffer " Junaid Shahid
2017-12-21  2:09   ` Junaid Shahid
2017-12-21  1:08 ` [PATCH v3 2/2] crypto: Fix out-of-bounds access of the AAD " Junaid Shahid
2017-12-28  7:08 ` [PATCH v3 0/2] Fix out-of-bounds memory accesses " Herbert Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox