diff mbox series

[1/32] crypto: api - Add scaffolding to change completion function signature

Message ID E1pMlaL-005vdz-D5@formenos.hmeau.com (mailing list archive)
State Accepted
Delegated to: Herbert Xu
Headers show
Series crypto: api - Prepare to change callback argument to void star | expand

Commit Message

Herbert Xu Jan. 31, 2023, 8:01 a.m. UTC
The crypto completion function currently takes a pointer to a
struct crypto_async_request object.  However, in reality the API
does not allow the use of any part of the object apart from the
data field.  For example, ahash/shash will create a fake object
on the stack to pass along a different data field.

This leads to potential bugs where the user may try to dereference
or otherwise use the crypto_async_request object.

This patch adds some temporary scaffolding so that the completion
function can take a void * instead.  Once affected users have been
converted this can be removed.

The helper crypto_request_complete will remain even after the
conversion is complete.  It should be used instead of calling
the completion functino directly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---

 include/crypto/algapi.h |    7 +++++++
 include/linux/crypto.h  |    6 ++++++
 2 files changed, 13 insertions(+)

Comments

Cabiddu, Giovanni Feb. 1, 2023, 4:41 p.m. UTC | #1
On Tue, Jan 31, 2023 at 04:01:45PM +0800, Herbert Xu wrote:
> The crypto completion function currently takes a pointer to a
> struct crypto_async_request object.  However, in reality the API
> does not allow the use of any part of the object apart from the
> data field.  For example, ahash/shash will create a fake object
> on the stack to pass along a different data field.
> 
> This leads to potential bugs where the user may try to dereference
> or otherwise use the crypto_async_request object.
> 
> This patch adds some temporary scaffolding so that the completion
> function can take a void * instead.  Once affected users have been
> converted this can be removed.
> 
> The helper crypto_request_complete will remain even after the
> conversion is complete.  It should be used instead of calling
> the completion functino directly.
Typo
/s/functino/function

> 
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
diff mbox series

Patch

diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index 61b327206b55..1fd81e74a174 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -302,4 +302,11 @@  enum {
 	CRYPTO_MSG_ALG_LOADED,
 };
 
+static inline void crypto_request_complete(struct crypto_async_request *req,
+					   int err)
+{
+	crypto_completion_t complete = req->complete;
+	complete(req, err);
+}
+
 #endif	/* _CRYPTO_ALGAPI_H */
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 5d1e961f810e..b18f6e669fb1 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -176,6 +176,7 @@  struct crypto_async_request;
 struct crypto_tfm;
 struct crypto_type;
 
+typedef struct crypto_async_request crypto_completion_data_t;
 typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
 
 /**
@@ -595,6 +596,11 @@  struct crypto_wait {
 /*
  * Async ops completion helper functioons
  */
+static inline void *crypto_get_completion_data(crypto_completion_data_t *req)
+{
+	return req->data;
+}
+
 void crypto_req_done(struct crypto_async_request *req, int err);
 
 static inline int crypto_wait_req(int err, struct crypto_wait *wait)