From patchwork Thu Sep 6 22:58:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10591287 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 79AA214BD for ; Thu, 6 Sep 2018 23:00:59 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 659442B163 for ; Thu, 6 Sep 2018 23:00:59 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5645E2B1BC; Thu, 6 Sep 2018 23:00:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id CF93A2B163 for ; Thu, 6 Sep 2018 23:00:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=RTajOFiETZmBaMuz6xSdERIcFFvrqlVKcSaBMxcNo60=; b=BfW5KrHzjBdthn8sQIe9r+OjiN yn3APERrAoGkKILA8c43tcBqGJ3rXuJ/RS6iOlcbh+9uC23/5+Qwvwp/WQJxlIT6Th7tNbWn/S841 cX7+mJdN5Rp0y9CYM3u1iEK/MrqceNdwoc+k1CW13R0qowsX+pnL2EgWAfhcUkYbmchF/feLSweOC wEp4bljIwS4kjiGJnL/kOinSLithijpduOc5YZwk75phTCr50wORdDALlGHAhbBcC0nOTJ4TNNh+9 Bt74NIG9gz0pn+9ma3n1FkWpaN3fsXmeF/+leyDKdZWETdZ/AkPQmDsURph1iHijgU8eMYp88NH3e b9VLYn/w==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fy3Ga-0007I7-Kg; Thu, 06 Sep 2018 23:00:48 +0000 Received: from mail-pg1-x542.google.com ([2607:f8b0:4864:20::542]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fy3F4-0005UV-EF for linux-arm-kernel@lists.infradead.org; Thu, 06 Sep 2018 22:59:25 +0000 Received: by mail-pg1-x542.google.com with SMTP id i190-v6so5965114pgc.6 for ; Thu, 06 Sep 2018 15:59:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Wn1xc2a52/YzUXoT89DRQC4Gh3I1xq3VItrgerNYRaI=; b=ad1SXRMi+5hbLSEcUC/UXO8Jj0MKw6UIUyqTWifZb+HYi72gUyQ2sXKP7yEGYQ2GK4 e41qqQQVvgDrvrUoUERmHIbGIxKBuhn4lk84RD1TY7TrAgvr8/x/hVVV7Jg2AcUdY0T9 uNwOw6ZRp3MCYKyOPNj5tmp5dbBVAFao9NxSs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Wn1xc2a52/YzUXoT89DRQC4Gh3I1xq3VItrgerNYRaI=; b=WlmndwsyuRW4YDPIOCuHRuuNHz3pDGO7lrVQ8ioIoBeEVPcqz2IT9Bd/IOvNkBvVqN uNfD0Ezk/eeBXr1AziyI0SMyjJZoBG7Mgf/9yuDI4V6dPFx7TUiwtXLaAo7A1oEWkSYd E8iNAbr7YzF61CddzYQLCr1RfXJnLVu7BJdetAzT4erKmnau+Ufjm3LsgqHFoSixPlIN +Kbmdw9HGMnwl9hDp87s5vzHJ3L03prSb7O/22vFExd3+T1KMFo7bDw7s25YIN42bCjf BsW9Zm+ahq8I7+qKOCIdfbf1K1MzWMNOVky3kBVNhqLb+UV+/jYipl0yxH4ewIDC7mdS XJBg== X-Gm-Message-State: APzg51AXSY0grNO0z50GoKqlBr136k3WTp4vStIYWCGpXMn7RhEJRWVu SA+x8/gswBQMLz+iJdiOl/ZN8Q== X-Google-Smtp-Source: ANB0VdZmpC0GjqPnXs1TkQsf/g68wgkpClc0K71bWag0b15DWWZhxZhibMXOAOY9t0F+ZLs+SK9d3g== X-Received: by 2002:a63:ef10:: with SMTP id u16-v6mr5166270pgh.269.1536274745780; Thu, 06 Sep 2018 15:59:05 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id l10-v6sm8963572pfj.179.2018.09.06.15.59.01 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 06 Sep 2018 15:59:01 -0700 (PDT) From: Kees Cook To: Herbert Xu Subject: [PATCH v2 2/4] crypto: skcipher - Enforce non-ASYNC for on-stack requests Date: Thu, 6 Sep 2018 15:58:52 -0700 Message-Id: <20180906225854.40989-3-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180906225854.40989-1-keescook@chromium.org> References: <20180906225854.40989-1-keescook@chromium.org> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180906_155914_484738_E86FC8DB X-CRM114-Status: GOOD ( 15.39 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Maxime Ripard , Arnaud Ebalard , Kees Cook , Christian Lamparter , Ard Biesheuvel , Antoine Tenart , Boris Brezillon , Eric Biggers , linux-kernel@vger.kernel.org, Gilad Ben-Yossef , Chen-Yu Tsai , Corentin Labbe , linux-crypto@vger.kernel.org, Jonathan Cameron , Philippe Ombredanne , linux-arm-kernel@lists.infradead.org, Alexander Stein MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP Check at use-time whether an skcipher request is on the stack. If it is, enforce that it must be backed by a synchronous algorithm, as is required: https://www.redhat.com/archives/dm-devel/2018-January/msg00087.html Co-developed-by: Ard Biesheuvel Signed-off-by: Kees Cook --- include/crypto/skcipher.h | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h index 6e954d398e0f..3aabd5d098ed 100644 --- a/include/crypto/skcipher.h +++ b/include/crypto/skcipher.h @@ -19,6 +19,7 @@ /** * struct skcipher_request - Symmetric key cipher request + * @__onstack: 1 if the request was allocated by SKCIPHER_REQUEST_ON_STACK * @cryptlen: Number of bytes to encrypt or decrypt * @iv: Initialisation Vector * @src: Source SG list @@ -27,6 +28,7 @@ * @__ctx: Start of private context data */ struct skcipher_request { + unsigned char __onstack; unsigned int cryptlen; u8 *iv; @@ -139,9 +141,12 @@ struct skcipher_alg { struct crypto_alg base; }; +/* + * This must only ever be used with synchronous algorithms. + */ #define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ char __##name##_desc[sizeof(struct skcipher_request) + \ - crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR = { 1 }; \ struct skcipher_request *name = (void *)__##name##_desc /** @@ -437,6 +442,12 @@ static inline struct crypto_skcipher *crypto_skcipher_reqtfm_check( { struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); + if (req->__onstack) { + if (WARN_ON(crypto_skcipher_alg(tfm)->base.cra_flags & + CRYPTO_ALG_ASYNC)) + return ERR_PTR(-EINVAL); + } + if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) return ERR_PTR(-ENOKEY);