diff mbox series

crypto: add missing kernel_fpu_end() call

Message ID 20210730134155.1005358-1-chouhan.shreyansh630@gmail.com (mailing list archive)
State Changes Requested
Delegated to: Herbert Xu
Headers show
Series crypto: add missing kernel_fpu_end() call | expand

Commit Message

Shreyansh Chouhan July 30, 2021, 1:41 p.m. UTC 
xts_crypt() code doesn't call kernel_fpu_end() after calling
kernel_fpu_begin() if walk.nbytes is 0. Add a call to kernel_fpu_end()
for this case.

Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com
Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
---
 arch/x86/crypto/aesni-intel_glue.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Herbert Xu Aug. 6, 2021, 8:23 a.m. UTC | #1 
On Fri, Jul 30, 2021 at 07:11:55PM +0530, Shreyansh Chouhan wrote:
> xts_crypt() code doesn't call kernel_fpu_end() after calling
> kernel_fpu_begin() if walk.nbytes is 0. Add a call to kernel_fpu_end()
> for this case.
> 
> Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com
> Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
> ---
>  arch/x86/crypto/aesni-intel_glue.c | 3 +++
>  1 file changed, 3 insertions(+)

Ard?

> diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
> index 2144e54a6c89..bd55a0cd7bde 100644
> --- a/arch/x86/crypto/aesni-intel_glue.c
> +++ b/arch/x86/crypto/aesni-intel_glue.c
> @@ -894,6 +894,9 @@ static int xts_crypt(struct skcipher_request *req, bool encrypt)
>  			kernel_fpu_begin();
>  	}
>  
> +	if (walk.nbytes == 0)
> +		kernel_fpu_end();
> +
>  	if (unlikely(tail > 0 && !err)) {
>  		struct scatterlist sg_src[2], sg_dst[2];
>  		struct scatterlist *src, *dst;
> -- 
> 2.31.1
Ard Biesheuvel Aug. 6, 2021, 9:05 a.m. UTC | #2 
On Fri, 6 Aug 2021 at 10:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> On Fri, Jul 30, 2021 at 07:11:55PM +0530, Shreyansh Chouhan wrote:
> > xts_crypt() code doesn't call kernel_fpu_end() after calling
> > kernel_fpu_begin() if walk.nbytes is 0. Add a call to kernel_fpu_end()
> > for this case.
> >
> > Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com
> > Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
> > ---
> >  arch/x86/crypto/aesni-intel_glue.c | 3 +++
> >  1 file changed, 3 insertions(+)
>
> Ard?
>
> > diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
> > index 2144e54a6c89..bd55a0cd7bde 100644
> > --- a/arch/x86/crypto/aesni-intel_glue.c
> > +++ b/arch/x86/crypto/aesni-intel_glue.c
> > @@ -894,6 +894,9 @@ static int xts_crypt(struct skcipher_request *req, bool encrypt)
> >                       kernel_fpu_begin();
> >       }
> >
> > +     if (walk.nbytes == 0)
> > +             kernel_fpu_end();
> > +

Don't we end up calling kernel_fpu_end() twice this way if we do enter
the while() loop at least once?


> >       if (unlikely(tail > 0 && !err)) {
> >               struct scatterlist sg_src[2], sg_dst[2];
> >               struct scatterlist *src, *dst;
> > --
> > 2.31.1
>
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Ard Biesheuvel Aug. 6, 2021, 9:07 a.m. UTC | #3 
On Fri, 6 Aug 2021 at 11:05, Ard Biesheuvel <ardb@kernel.org> wrote:
>
> On Fri, 6 Aug 2021 at 10:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> >
> > On Fri, Jul 30, 2021 at 07:11:55PM +0530, Shreyansh Chouhan wrote:
> > > xts_crypt() code doesn't call kernel_fpu_end() after calling
> > > kernel_fpu_begin() if walk.nbytes is 0. Add a call to kernel_fpu_end()
> > > for this case.
> > >
> > > Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com
> > > Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
> > > ---
> > >  arch/x86/crypto/aesni-intel_glue.c | 3 +++
> > >  1 file changed, 3 insertions(+)
> >
> > Ard?
> >
> > > diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
> > > index 2144e54a6c89..bd55a0cd7bde 100644
> > > --- a/arch/x86/crypto/aesni-intel_glue.c
> > > +++ b/arch/x86/crypto/aesni-intel_glue.c
> > > @@ -894,6 +894,9 @@ static int xts_crypt(struct skcipher_request *req, bool encrypt)
> > >                       kernel_fpu_begin();
> > >       }
> > >
> > > +     if (walk.nbytes == 0)
> > > +             kernel_fpu_end();
> > > +
>
> Don't we end up calling kernel_fpu_end() twice this way if we do enter
> the while() loop at least once?
>

How about the below instead, does that work?

--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -849,7 +849,7 @@ static int xts_crypt(struct skcipher_request *req,
bool encrypt)
                return -EINVAL;

        err = skcipher_walk_virt(&walk, req, false);
-       if (err)
+       if (err || !walk.nbytes)
                return err;

        if (unlikely(tail > 0 && walk.nbytes < walk.total)) {
Shreyansh Chouhan Aug. 6, 2021, 10:36 a.m. UTC | #4 
Hi,

On Fri, Aug 06, 2021 at 11:07:43AM +0200, Ard Biesheuvel wrote:
> On Fri, 6 Aug 2021 at 11:05, Ard Biesheuvel <ardb@kernel.org> wrote:
> >
> > On Fri, 6 Aug 2021 at 10:23, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> > >
> > > On Fri, Jul 30, 2021 at 07:11:55PM +0530, Shreyansh Chouhan wrote:
> > > > xts_crypt() code doesn't call kernel_fpu_end() after calling
> > > > kernel_fpu_begin() if walk.nbytes is 0. Add a call to kernel_fpu_end()
> > > > for this case.
> > > >
> > > > Reported-by: syzbot+20191dc583eff8602d2d@syzkaller.appspotmail.com
> > > > Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
> > > > ---
> > > >  arch/x86/crypto/aesni-intel_glue.c | 3 +++
> > > >  1 file changed, 3 insertions(+)
> > >
> > > Ard?
> > >
> > > > diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
> > > > index 2144e54a6c89..bd55a0cd7bde 100644
> > > > --- a/arch/x86/crypto/aesni-intel_glue.c
> > > > +++ b/arch/x86/crypto/aesni-intel_glue.c
> > > > @@ -894,6 +894,9 @@ static int xts_crypt(struct skcipher_request *req, bool encrypt)
> > > >                       kernel_fpu_begin();
> > > >       }
> > > >
> > > > +     if (walk.nbytes == 0)
> > > > +             kernel_fpu_end();
> > > > +
> >
> > Don't we end up calling kernel_fpu_end() twice this way if we do enter
> > the while() loop at least once?
> >

Oh ha, we do. I missed that.

> 
> How about the below instead, does that work?
> 

This should work. I will resend the updated patch.

> --- a/arch/x86/crypto/aesni-intel_glue.c
> +++ b/arch/x86/crypto/aesni-intel_glue.c
> @@ -849,7 +849,7 @@ static int xts_crypt(struct skcipher_request *req,
> bool encrypt)
>                 return -EINVAL;
> 
>         err = skcipher_walk_virt(&walk, req, false);
> -       if (err)
> +       if (err || !walk.nbytes)
>                 return err;
> 
>         if (unlikely(tail > 0 && walk.nbytes < walk.total)) {

Thanks a lot for the review.

Regards,
Shreyansh Chouhan
diff mbox series

Patch

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index 2144e54a6c89..bd55a0cd7bde 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -894,6 +894,9 @@  static int xts_crypt(struct skcipher_request *req, bool encrypt)
 			kernel_fpu_begin();
 	}
 
+	if (walk.nbytes == 0)
+		kernel_fpu_end();
+
 	if (unlikely(tail > 0 && !err)) {
 		struct scatterlist sg_src[2], sg_dst[2];
 		struct scatterlist *src, *dst;