From patchwork Thu Aug  2 09:14:59 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ondrej Mosnacek <omosnace@redhat.com>
X-Patchwork-Id: 10553369
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C534F13BB
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Thu,  2 Aug 2018 09:17:14 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id BFF342BA5D
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Thu,  2 Aug 2018 09:17:14 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id B42582BA63; Thu,  2 Aug 2018 09:17:14 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4A1BA2BA5D
	for <patchwork-linux-crypto@patchwork.kernel.org>;
 Thu,  2 Aug 2018 09:17:14 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727189AbeHBLH2 (ORCPT
        <rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
        Thu, 2 Aug 2018 07:07:28 -0400
Received: from mail-wr1-f66.google.com ([209.85.221.66]:45981 "EHLO
        mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729643AbeHBLH2 (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 2 Aug 2018 07:07:28 -0400
Received: by mail-wr1-f66.google.com with SMTP id f12-v6so1332735wrv.12
        for <linux-crypto@vger.kernel.org>;
 Thu, 02 Aug 2018 02:17:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id;
        bh=6A8vYMXsmJTAhVESnlhF12deGzv3Oea/jOAfsQlERL4=;
        b=ZMg8fhnrgHE8qutKxNdWDvtgZOjOHiS4ux/M2CaJAkIdQucD0/pYXZUBcGUJeyMDXC
         DFEaimpW2UcceeVCZxyPD2R1o06a3K8DipryrUR5Q+VJhW/m4e51d5S62K87YO3MmVEN
         NGV5pEdbVP4dtwtYXf2xEyTeBBnoKoCy19LnANHvLUuRBEkCaeapJO1WVe+vMsgcxfHq
         ykx0viGZG9IrjrRWAaApFnC9Iw72oLfOMIEVlGBHOFvWrqMJVLfrRvZpoe8+fsf6wZCH
         HJW5tbMhzBa9ue70mJaFllS7RZ35ruHAMS2UcDFWPfUt0eaSTves8+tAh3yozOiA9+MG
         TPuw==
X-Gm-Message-State: AOUpUlGdfexFmn63K9R4K8ShEape98dQ6sSBXq4tppimIGGgU7haqQaR
        r65WJU9ndudzYrRk6goCVyGdZLRB3C0=
X-Google-Smtp-Source: 
 AAOMgpcrPkicLnqfMdf7bwLnig5e1FP1tyADV6qX1yZql5Jr7berLVDikcAJk1m9P6KAXJLoQ3QaAQ==
X-Received: by 2002:a5d:67c6:: with SMTP id
 n6-v6mr1330026wrw.39.1533201431260;
        Thu, 02 Aug 2018 02:17:11 -0700 (PDT)
Received: from localhost.localdomain.com (nat-pool-brq-t.redhat.com.
 [213.175.37.10])
        by smtp.gmail.com with ESMTPSA id
 w4-v6sm1016113wrt.40.2018.08.02.02.17.10
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Thu, 02 Aug 2018 02:17:10 -0700 (PDT)
From: Ondrej Mosnacek <omosnace@redhat.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org, x86@kernel.org,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        Andi Kleen <ak@linux.intel.com>,
        Milan Broz <gmazyland@gmail.com>,
        Ondrej Mosnacek <omosnace@redhat.com>
Subject: [PATCH] crypto: x86/aegis - Fix CPUID checks
Date: Thu,  2 Aug 2018 11:14:59 +0200
Message-Id: <20180802091459.28358-1-omosnace@redhat.com>
X-Mailer: git-send-email 2.17.1
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

It turns out I had misunderstood how the x86_match_cpu() function works.
It evaluates a logical OR of the matching conditions, not logical AND.
This caused the CPU feature checks to pass even if only SSE2 (but not
AES-NI) was supported (ir vice versa), leading to potential crashes if
something tried to use the registered algs.

This patch fixes the checks to ensure that both required CPU features
are supported. The MODULE_DEVICE_TABLE declaration is specified only for
the AES-NI feature array, because I'm not sure what having multiple such
declarations would cause and I believe it should suffice to match on the
more important feature at the alias level and let the init routine do
the full check.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
Hi Herbert,

this patch fixes the CPU checks of the AEGIS AES-NI/SSE2 implementations
that have been introduced in 4.18. Once reviewed, it should go to Linus'
tree since it may cause crashes on some systems if the corresponding
configs are enabled.

@x86 folks, please take a look if I use the MODULE_DEVICE_TABLE macro
correctly here (I'm not sure how to properly declare that the module
needs two CPU features to be both supported; all other modules I saw had
either only single match rule or required just one of the rules to
match).

Thanks,

Ondrej Mosnacek

 arch/x86/crypto/aegis128-aesni-glue.c  | 8 ++++++--
 arch/x86/crypto/aegis128l-aesni-glue.c | 8 ++++++--
 arch/x86/crypto/aegis256-aesni-glue.c  | 8 ++++++--
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/arch/x86/crypto/aegis128-aesni-glue.c b/arch/x86/crypto/aegis128-aesni-glue.c
index 5de7c0d46edf..6a5abed59593 100644
--- a/arch/x86/crypto/aegis128-aesni-glue.c
+++ b/arch/x86/crypto/aegis128-aesni-glue.c
@@ -377,14 +377,18 @@ static struct aead_alg crypto_aegis128_aesni_alg[] = {
 
 static const struct x86_cpu_id aesni_cpu_id[] = {
 	X86_FEATURE_MATCH(X86_FEATURE_AES),
-	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
 	{}
 };
 MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
 
+static const struct x86_cpu_id sse2_cpu_id[] = {
+	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+	{}
+};
+
 static int __init crypto_aegis128_aesni_module_init(void)
 {
-	if (!x86_match_cpu(aesni_cpu_id))
+	if (!x86_match_cpu(aesni_cpu_id) || !x86_match_cpu(sse2_cpu_id))
 		return -ENODEV;
 
 	return crypto_register_aeads(crypto_aegis128_aesni_alg,
diff --git a/arch/x86/crypto/aegis128l-aesni-glue.c b/arch/x86/crypto/aegis128l-aesni-glue.c
index 876e4866e633..691c52701c2d 100644
--- a/arch/x86/crypto/aegis128l-aesni-glue.c
+++ b/arch/x86/crypto/aegis128l-aesni-glue.c
@@ -377,14 +377,18 @@ static struct aead_alg crypto_aegis128l_aesni_alg[] = {
 
 static const struct x86_cpu_id aesni_cpu_id[] = {
 	X86_FEATURE_MATCH(X86_FEATURE_AES),
-	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
 	{}
 };
 MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
 
+static const struct x86_cpu_id sse2_cpu_id[] = {
+	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+	{}
+};
+
 static int __init crypto_aegis128l_aesni_module_init(void)
 {
-	if (!x86_match_cpu(aesni_cpu_id))
+	if (!x86_match_cpu(aesni_cpu_id) || !x86_match_cpu(sse2_cpu_id))
 		return -ENODEV;
 
 	return crypto_register_aeads(crypto_aegis128l_aesni_alg,
diff --git a/arch/x86/crypto/aegis256-aesni-glue.c b/arch/x86/crypto/aegis256-aesni-glue.c
index 2b5dd3af8f4d..481b5e4f4fd0 100644
--- a/arch/x86/crypto/aegis256-aesni-glue.c
+++ b/arch/x86/crypto/aegis256-aesni-glue.c
@@ -377,14 +377,18 @@ static struct aead_alg crypto_aegis256_aesni_alg[] = {
 
 static const struct x86_cpu_id aesni_cpu_id[] = {
 	X86_FEATURE_MATCH(X86_FEATURE_AES),
-	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
 	{}
 };
 MODULE_DEVICE_TABLE(x86cpu, aesni_cpu_id);
 
+static const struct x86_cpu_id sse2_cpu_id[] = {
+	X86_FEATURE_MATCH(X86_FEATURE_XMM2),
+	{}
+};
+
 static int __init crypto_aegis256_aesni_module_init(void)
 {
-	if (!x86_match_cpu(aesni_cpu_id))
+	if (!x86_match_cpu(aesni_cpu_id) || !x86_match_cpu(sse2_cpu_id))
 		return -ENODEV;
 
 	return crypto_register_aeads(crypto_aegis256_aesni_alg,