* [PATCH] cryptodev: Handle unexpected request to avoid crash
@ 2023-04-27 8:05 zhenwei pi
2023-05-26 3:38 ` Lei He
0 siblings, 1 reply; 3+ messages in thread
From: zhenwei pi @ 2023-04-27 8:05 UTC (permalink / raw)
To: mst, arei.gonglei
Cc: qemu-devel, zhenwei pi, Mauro Matteo Cascella, Xiao Lei,
Yongkang Jia, Yiming Tao
Generally guest side should discover which services the device is
able to offer, then do requests on device.
However it's also possible to break this rule in a guest. Handle
unexpected request here to avoid NULL pointer dereference.
Fixes: e7a775fd ('cryptodev: Account statistics')
Cc: Gonglei <arei.gonglei@huawei.com>
Cc: Mauro Matteo Cascella <mcascell@redhat.com>
Cc: Xiao Lei <nop.leixiao@gmail.com>
Cc: Yongkang Jia <kangel@zju.edu.cn>
Reported-by: Yiming Tao <taoym@zju.edu.cn>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
---
backends/cryptodev.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/backends/cryptodev.c b/backends/cryptodev.c
index 94ca393cee..d3fe92d8c0 100644
--- a/backends/cryptodev.c
+++ b/backends/cryptodev.c
@@ -191,6 +191,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
CryptoDevBackendAsymOpInfo *asym_op_info = op_info->u.asym_op_info;
len = asym_op_info->src_len;
+
+ if (unlikely(!backend->asym_stat)) {
+ error_report("cryptodev: Unexpected asym operation");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
switch (op_info->op_code) {
case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
CryptodevAsymStatIncEncrypt(backend, len);
@@ -210,6 +215,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
} else if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
CryptoDevBackendSymOpInfo *sym_op_info = op_info->u.sym_op_info;
len = sym_op_info->src_len;
+
+ if (unlikely(!backend->sym_stat)) {
+ error_report("cryptodev: Unexpected sym operation");
+ return -VIRTIO_CRYPTO_NOTSUPP;
+ }
switch (op_info->op_code) {
case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
CryptodevSymStatIncEncrypt(backend, len);
--
2.34.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] cryptodev: Handle unexpected request to avoid crash
2023-04-27 8:05 [PATCH] cryptodev: Handle unexpected request to avoid crash zhenwei pi
@ 2023-05-26 3:38 ` Lei He
2023-06-25 0:00 ` zhenwei pi
0 siblings, 1 reply; 3+ messages in thread
From: Lei He @ 2023-05-26 3:38 UTC (permalink / raw)
To: zhenwei pi
Cc: Lei He, mst, arei.gonglei, qemu-devel, Mauro Matteo Cascella,
Xiao Lei, Yongkang Jia, Yiming Tao
> On Apr 27, 2023, at 16:05, zhenwei pi <pizhenwei@bytedance.com> wrote:
>
> Generally guest side should discover which services the device is
> able to offer, then do requests on device.
>
> However it's also possible to break this rule in a guest. Handle
> unexpected request here to avoid NULL pointer dereference.
>
> Fixes: e7a775fd ('cryptodev: Account statistics')
> Cc: Gonglei <arei.gonglei@huawei.com>
> Cc: Mauro Matteo Cascella <mcascell@redhat.com>
> Cc: Xiao Lei <nop.leixiao@gmail.com>
> Cc: Yongkang Jia <kangel@zju.edu.cn>
> Reported-by: Yiming Tao <taoym@zju.edu.cn>
> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
> ---
> backends/cryptodev.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/backends/cryptodev.c b/backends/cryptodev.c
> index 94ca393cee..d3fe92d8c0 100644
> --- a/backends/cryptodev.c
> +++ b/backends/cryptodev.c
> @@ -191,6 +191,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
> if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
> CryptoDevBackendAsymOpInfo *asym_op_info = op_info->u.asym_op_info;
> len = asym_op_info->src_len;
> +
> + if (unlikely(!backend->asym_stat)) {
> + error_report("cryptodev: Unexpected asym operation");
> + return -VIRTIO_CRYPTO_NOTSUPP;
> + }
> switch (op_info->op_code) {
> case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
> CryptodevAsymStatIncEncrypt(backend, len);
> @@ -210,6 +215,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
> } else if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
> CryptoDevBackendSymOpInfo *sym_op_info = op_info->u.sym_op_info;
> len = sym_op_info->src_len;
> +
> + if (unlikely(!backend->sym_stat)) {
> + error_report("cryptodev: Unexpected sym operation");
> + return -VIRTIO_CRYPTO_NOTSUPP;
> + }
> switch (op_info->op_code) {
> case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
> CryptodevSymStatIncEncrypt(backend, len);
> --
> 2.34.1
>
Reviewed-by: Lei He <helei.sig11@bytedance.com>
Best regards,
Lei He
--
helei.sig11@bytedance.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] cryptodev: Handle unexpected request to avoid crash
2023-05-26 3:38 ` Lei He
@ 2023-06-25 0:00 ` zhenwei pi
0 siblings, 0 replies; 3+ messages in thread
From: zhenwei pi @ 2023-06-25 0:00 UTC (permalink / raw)
To: mst
Cc: Lei He, arei.gonglei, qemu-devel, Mauro Matteo Cascella, Xiao Lei,
Yongkang Jia, Yiming Tao
Hi Michael
Could you please apply this patch?
On 5/26/23 11:38, Lei He wrote:
>
>> On Apr 27, 2023, at 16:05, zhenwei pi <pizhenwei@bytedance.com> wrote:
>>
>> Generally guest side should discover which services the device is
>> able to offer, then do requests on device.
>>
>> However it's also possible to break this rule in a guest. Handle
>> unexpected request here to avoid NULL pointer dereference.
>>
>> Fixes: e7a775fd ('cryptodev: Account statistics')
>> Cc: Gonglei <arei.gonglei@huawei.com>
>> Cc: Mauro Matteo Cascella <mcascell@redhat.com>
>> Cc: Xiao Lei <nop.leixiao@gmail.com>
>> Cc: Yongkang Jia <kangel@zju.edu.cn>
>> Reported-by: Yiming Tao <taoym@zju.edu.cn>
>> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
>> ---
>> backends/cryptodev.c | 10 ++++++++++
>> 1 file changed, 10 insertions(+)
>>
>> diff --git a/backends/cryptodev.c b/backends/cryptodev.c
>> index 94ca393cee..d3fe92d8c0 100644
>> --- a/backends/cryptodev.c
>> +++ b/backends/cryptodev.c
>> @@ -191,6 +191,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
>> if (algtype == QCRYPTODEV_BACKEND_ALG_ASYM) {
>> CryptoDevBackendAsymOpInfo *asym_op_info = op_info->u.asym_op_info;
>> len = asym_op_info->src_len;
>> +
>> + if (unlikely(!backend->asym_stat)) {
>> + error_report("cryptodev: Unexpected asym operation");
>> + return -VIRTIO_CRYPTO_NOTSUPP;
>> + }
>> switch (op_info->op_code) {
>> case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
>> CryptodevAsymStatIncEncrypt(backend, len);
>> @@ -210,6 +215,11 @@ static int cryptodev_backend_account(CryptoDevBackend *backend,
>> } else if (algtype == QCRYPTODEV_BACKEND_ALG_SYM) {
>> CryptoDevBackendSymOpInfo *sym_op_info = op_info->u.sym_op_info;
>> len = sym_op_info->src_len;
>> +
>> + if (unlikely(!backend->sym_stat)) {
>> + error_report("cryptodev: Unexpected sym operation");
>> + return -VIRTIO_CRYPTO_NOTSUPP;
>> + }
>> switch (op_info->op_code) {
>> case VIRTIO_CRYPTO_CIPHER_ENCRYPT:
>> CryptodevSymStatIncEncrypt(backend, len);
>> --
>> 2.34.1
>>
>
> Reviewed-by: Lei He <helei.sig11@bytedance.com>
>
>
> Best regards,
> Lei He
> --
> helei.sig11@bytedance.com
>
>
>
--
zhenwei pi
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-06-25 0:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-04-27 8:05 [PATCH] cryptodev: Handle unexpected request to avoid crash zhenwei pi
2023-05-26 3:38 ` Lei He
2023-06-25 0:00 ` zhenwei pi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).