From patchwork Thu Aug 9 18:38:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Stephan Mueller X-Patchwork-Id: 10561683 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 328A713AC for ; Thu, 9 Aug 2018 18:39:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 19EB72B807 for ; Thu, 9 Aug 2018 18:39:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 0BE342B832; Thu, 9 Aug 2018 18:39:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AB6812B807 for ; Thu, 9 Aug 2018 18:39:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726944AbeHIVFJ (ORCPT ); Thu, 9 Aug 2018 17:05:09 -0400 Received: from mo4-p00-ob.smtp.rzone.de ([81.169.146.221]:30793 "EHLO mo4-p00-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726931AbeHIVFI (ORCPT ); Thu, 9 Aug 2018 17:05:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1533839937; s=strato-dkim-0002; d=chronox.de; h=Message-ID:Date:Subject:Cc:To:From:X-RZG-CLASS-ID:X-RZG-AUTH:From: Subject:Sender; bh=1Na2yyKLJGSJUwe9FZCTZ4ioULHBEWv3PToqn7KabJ8=; b=dfkJeORTHZcmhlJ8iq57nSyj8mmv5+Pk1Vedus/kFpOv0+ZSpu499UkFsIJAFVxPoO lKstA2cRgmnJz4KMeMQndGH1c+KRiKBzkc8ZRGqxB+PjNWmcKGIfrrWYNWJWPGnbUtze ZXZay+uQU3nY3zpuNP0ZcBOM88M3BpRV2Ciln1PykezBtgpyuzreQ1Heg9xqsSH3qWYi 197XbEPoBXXE+FNkajusTuDuWxcHlnGTMahljzC55B423f053H5xbEu1PD+juKLndsyw 0rdYzroXCFSJi6espg2JWEVgTJIgWa1NCsbtdkMHClpUDQLaGm/nqtGmLxSenY2//6bZ oGcA== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzHHXDbIvSa54E=" X-RZG-CLASS-ID: mo00 Received: from positron.chronox.de by smtp.strato.de (RZmta 43.15 DYNA|AUTH) with ESMTPSA id y0518bu79Icv95x (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Thu, 9 Aug 2018 20:38:57 +0200 (CEST) From: Stephan =?iso-8859-1?q?M=FCller?= To: Tso Ted Cc: linux-crypto@vger.kernel.org Subject: random: ensure use of aligned buffers with ChaCha20 Date: Thu, 09 Aug 2018 20:38:56 +0200 Message-ID: <5834509.PAxzGmSUSz@positron.chronox.de> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The function extract_crng invokes the ChaCha20 block operation directly on the user-provided buffer. The block operation operates on u32 words. Thus the extract_crng function expects the buffer to be aligned to u32 as it is visible with the parameter type of extract_crng. However, get_random_bytes uses a void pointer which may or may not be aligned. Thus, an alignment check is necessary and the temporary buffer must be used if the alignment to u32 is not ensured. Cc: # v4.16+ Cc: Ted Tso Signed-off-by: Stephan Mueller Reported-by: Stephan Müller Signed-off-by: Eric Biggers --- drivers/char/random.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index bd449ad52442..23f336872426 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1617,8 +1617,14 @@ static void _get_random_bytes(void *buf, int nbytes) trace_get_random_bytes(nbytes, _RET_IP_); while (nbytes >= CHACHA20_BLOCK_SIZE) { - extract_crng(buf); - buf += CHACHA20_BLOCK_SIZE; + if (likely((unsigned long)buf & (sizeof(tmp[0]) - 1))) { + extract_crng(buf); + buf += CHACHA20_BLOCK_SIZE; + } else { + extract_crng(tmp); + memcpy(buf, tmp, CHACHA20_BLOCK_SIZE); + } + nbytes -= CHACHA20_BLOCK_SIZE; }