| Message ID | 1494503626-15877-3-git-send-email-gilad@benyossef.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Herbert Xu |
| Headers | show |
Hi Gilad, On Thu, May 11, 2017 at 02:53:43PM +0300, Gilad Ben-Yossef wrote: > drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to > wait for completion of async crypto op but if a signal occurs it > may return before DMA ops of HW crypto provider finish, thus > corrupting the output buffer. > > Resolve this by using wait_for_completion() instead. > > Reported-by: Eric Biggers <ebiggers3@gmail.com> > Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> > CC: stable@vger.kernel.org > --- > crypto/drbg.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/crypto/drbg.c b/crypto/drbg.c > index fa749f4..fa9054d 100644 > --- a/crypto/drbg.c > +++ b/crypto/drbg.c > @@ -1767,8 +1767,7 @@ static int drbg_kcapi_sym_ctr(struct drbg_state *drbg, > break; > case -EINPROGRESS: > case -EBUSY: > - ret = wait_for_completion_interruptible( > - &drbg->ctr_completion); > + ret = wait_for_completion(&drbg->ctr_completion); > if (!ret && !drbg->ctr_async_err) { > reinit_completion(&drbg->ctr_completion); > break; > -- wait_for_completion() doesn't return a value. This was fixed in the next patch, but it should be done in this patch. Eric
On Thu, May 11, 2017 at 02:53:43PM +0300, Gilad Ben-Yossef wrote: > drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to > wait for completion of async crypto op but if a signal occurs it > may return before DMA ops of HW crypto provider finish, thus > corrupting the output buffer. > > Resolve this by using wait_for_completion() instead. > > Reported-by: Eric Biggers <ebiggers3@gmail.com> > Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> > CC: stable@vger.kernel.org This patch doesn't even compile. Please test your work first. Thanks,
On Thu, May 18, 2017 at 8:09 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote: > On Thu, May 11, 2017 at 02:53:43PM +0300, Gilad Ben-Yossef wrote: >> drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to >> wait for completion of async crypto op but if a signal occurs it >> may return before DMA ops of HW crypto provider finish, thus >> corrupting the output buffer. >> >> Resolve this by using wait_for_completion() instead. >> >> Reported-by: Eric Biggers <ebiggers3@gmail.com> >> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> >> CC: stable@vger.kernel.org > > This patch doesn't even compile. Please test your work first. Sigh... I've noticed it, fixed it, compiled it and than went ahead and squashed the fix with the next patch in series instead of this one like an idiot. Please accept my apologies for wasting your time. I'll send a fixed version. Gilad > > Thanks, > -- > Email: Herbert Xu <herbert@gondor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/crypto/drbg.c b/crypto/drbg.c index fa749f4..fa9054d 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1767,8 +1767,7 @@ static int drbg_kcapi_sym_ctr(struct drbg_state *drbg, break; case -EINPROGRESS: case -EBUSY: - ret = wait_for_completion_interruptible( - &drbg->ctr_completion); + ret = wait_for_completion(&drbg->ctr_completion); if (!ret && !drbg->ctr_async_err) { reinit_completion(&drbg->ctr_completion); break;
drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to wait for completion of async crypto op but if a signal occurs it may return before DMA ops of HW crypto provider finish, thus corrupting the output buffer. Resolve this by using wait_for_completion() instead. Reported-by: Eric Biggers <ebiggers3@gmail.com> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> CC: stable@vger.kernel.org --- crypto/drbg.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)