Subject: Re: [PATCH] KEYS: encrypted: avoid encrypting/decrypting stack buffers
From: Mimi Zohar
To: Eric Biggers
Cc: keyrings@vger.kernel.org, David Howells, Andy Lutomirski, Herbert Xu, Eric Biggers, linux-kernel@vger.kernel.org, stable@vger.kernel.org
Date: Mon, 03 Apr 2017 11:55:42 -0400
In-Reply-To: <20170402033349.GA5346@zzz>
References: <20170401191709.25170-1-ebiggers3@gmail.com> <1491099837.3499.163.camel@linux.vnet.ibm.com> <20170402033349.GA5346@zzz>
Message-Id: <1491234942.2928.10.camel@linux.vnet.ibm.com>

On Sat, 2017-04-01 at 20:33 -0700, Eric Biggers wrote:
> On Sat, Apr 01, 2017 at 10:23:57PM -0400, Mimi Zohar wrote:
> > On Sat, 2017-04-01 at 12:17 -0700, Eric Biggers wrote:
> > > From: Eric Biggers
> > >
> > > Since v4.9, the crypto API cannot (normally) be used to encrypt/decrypt
> > > stack buffers because the stack may be virtually mapped.  Fix this for
> > > the padding buffers in encrypted-keys by using ZERO_PAGE for the
> > > encryption padding and by allocating a temporary heap buffer for the
> > > decryption padding.
> > >
> > > Tested with CONFIG_DEBUG_SG=y:
> > > 	keyctl new_session
> > > 	keyctl add user master "abcdefghijklmnop" @s
> > > 	keyid=$(keyctl add encrypted desc "new user:master 25" @s)
> > > 	datablob="$(keyctl pipe $keyid)"
> > > 	keyctl unlink $keyid
> > > 	keyid=$(keyctl add encrypted desc "load $datablob" @s)
> > > 	datablob2="$(keyctl pipe $keyid)"
> > > 	[ "$datablob" = "$datablob2" ] && echo "Success!"
> >
> > Have you created an encrypted key on a kernel without this patch and
> > attempted to load that key on a kernel with this patch?  Does it still
> > work?
> >
>
> Yes, a key exported from an unpatched kernel (with DEBUG_SG and DEBUG_VIRTUAL
> turned off so it doesn't crash) can be loaded on a patched kernel, then exported
> again.  The exported data is identical.

This patch removes calculating the "padlen".  Will this change break other use cases?

Mimi