Message ID | 25135634.rNEetDmbAf@positron.chronox.de (mailing list archive) |
---|---|
State | Changes Requested |
Delegated to: | Herbert Xu |
Headers | show |
On Sun, Sep 24, 2017 at 08:25:17AM +0200, Stephan Müller wrote: > In case the caller provides an SG with zero data, prevent a kmap of the > page pointed to by the SG. In this case, it is possible that the page > does not exist. > > This fixes a crash in authenc() when the plaintext is zero and thus the > encryption operation is a noop. In this case, no input data exists that > can be hashed. The crash is triggerable via AF_ALG from unprivileged > user space. > > Fixes: 3b2f6df08258e ("crypto: hash - Export shash through ahash") > CC: Herbert Xu <herbert@gondor.apana.org.au> > CC: <stable@vger.kernel.org> > Signed-off-by: Stephan Mueller <smueller@chronox.de> > --- > crypto/shash.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/crypto/shash.c b/crypto/shash.c > index 5e31c8d776df..32d0e1806bf4 100644 > --- a/crypto/shash.c > +++ b/crypto/shash.c > @@ -278,9 +278,11 @@ int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc) > struct scatterlist *sg = req->src; > unsigned int offset = sg->offset; > unsigned int nbytes = req->nbytes; > + unsigned int process = min(sg->length, > + ((unsigned int)(PAGE_SIZE)) - offset); > int err; > > - if (nbytes < min(sg->length, ((unsigned int)(PAGE_SIZE)) - offset)) { > + if (process && nbytes < process) { Sorry but your patch makes no sense. The only difference between your patch and the status quo is when process == zero. However, if process is zero then the if condition cannot hold since it's an unsigned comparison. So how can this patch make any difference at all? Cheers,
diff --git a/crypto/shash.c b/crypto/shash.c index 5e31c8d776df..32d0e1806bf4 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -278,9 +278,11 @@ int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc) struct scatterlist *sg = req->src; unsigned int offset = sg->offset; unsigned int nbytes = req->nbytes; + unsigned int process = min(sg->length, + ((unsigned int)(PAGE_SIZE)) - offset); int err; - if (nbytes < min(sg->length, ((unsigned int)(PAGE_SIZE)) - offset)) { + if (process && nbytes < process) { void *data; data = kmap_atomic(sg_page(sg));
In case the caller provides an SG with zero data, prevent a kmap of the page pointed to by the SG. In this case, it is possible that the page does not exist. This fixes a crash in authenc() when the plaintext is zero and thus the encryption operation is a noop. In this case, no input data exists that can be hashed. The crash is triggerable via AF_ALG from unprivileged user space. Fixes: 3b2f6df08258e ("crypto: hash - Export shash through ahash") CC: Herbert Xu <herbert@gondor.apana.org.au> CC: <stable@vger.kernel.org> Signed-off-by: Stephan Mueller <smueller@chronox.de> --- crypto/shash.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)