From: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> To: Herbert Xu <herbert@gondor.apana.org.au>, "David S . Miller" <davem@davemloft.net>, Maxime Coquelin <mcoquelin.stm32@gmail.com>, Alexandre Torgue <alexandre.torgue@foss.st.com> Cc: Marek Vasut <marex@denx.de>, Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>, Ard Biesheuvel <ardb@kernel.org>, <linux-crypto@vger.kernel.org>, <linux-stm32@st-md-mailman.stormreply.com>, <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org> Subject: [PATCH v2 4/8] crypto: stm32/cryp - fix race condition in crypto_engine requests Date: Tue, 2 Nov 2021 17:47:25 +0100 [thread overview] Message-ID: <20211102164729.9957-5-nicolas.toromanoff@foss.st.com> (raw) In-Reply-To: <20211102164729.9957-1-nicolas.toromanoff@foss.st.com> Erase key after finalizing request. The key was reseted to 0 before the crypto_finalize_.*_request() call, in some running path a pending call could run with a key={ 0 }. Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> --- drivers/crypto/stm32/stm32-cryp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index 9d6ccf1eb4ce..c0903025a4cc 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -666,6 +666,8 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err) free_pages((unsigned long)buf_out, pages); } + memset(cryp->ctx->key, 0, sizeof(cryp->ctx->key)); + pm_runtime_mark_last_busy(cryp->dev); pm_runtime_put_autosuspend(cryp->dev); @@ -674,8 +676,6 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err) else crypto_finalize_skcipher_request(cryp->engine, cryp->req, err); - - memset(cryp->ctx->key, 0, cryp->ctx->keylen); } static int stm32_cryp_cpu_start(struct stm32_cryp *cryp) -- 2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> To: Herbert Xu <herbert@gondor.apana.org.au>, "David S . Miller" <davem@davemloft.net>, Maxime Coquelin <mcoquelin.stm32@gmail.com>, Alexandre Torgue <alexandre.torgue@foss.st.com> Cc: Marek Vasut <marex@denx.de>, Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>, Ard Biesheuvel <ardb@kernel.org>, <linux-crypto@vger.kernel.org>, <linux-stm32@st-md-mailman.stormreply.com>, <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org> Subject: [PATCH v2 4/8] crypto: stm32/cryp - fix race condition in crypto_engine requests Date: Tue, 2 Nov 2021 17:47:25 +0100 [thread overview] Message-ID: <20211102164729.9957-5-nicolas.toromanoff@foss.st.com> (raw) In-Reply-To: <20211102164729.9957-1-nicolas.toromanoff@foss.st.com> Erase key after finalizing request. The key was reseted to 0 before the crypto_finalize_.*_request() call, in some running path a pending call could run with a key={ 0 }. Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module") Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> --- drivers/crypto/stm32/stm32-cryp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index 9d6ccf1eb4ce..c0903025a4cc 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -666,6 +666,8 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err) free_pages((unsigned long)buf_out, pages); } + memset(cryp->ctx->key, 0, sizeof(cryp->ctx->key)); + pm_runtime_mark_last_busy(cryp->dev); pm_runtime_put_autosuspend(cryp->dev); @@ -674,8 +676,6 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err) else crypto_finalize_skcipher_request(cryp->engine, cryp->req, err); - - memset(cryp->ctx->key, 0, cryp->ctx->keylen); } static int stm32_cryp_cpu_start(struct stm32_cryp *cryp) -- 2.17.1 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-11-02 16:49 UTC|newest] Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-11-02 16:47 [PATCH v2 0/8] STM32 CRYP driver: many fixes Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 1/8] crypto: stm32/cryp - defer probe for reset controller Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 2/8] crypto: stm32/cryp - don't print error on probe deferral Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 3/8] crypto: stm32/cryp - fix CTR counter carry Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff [this message] 2021-11-02 16:47 ` [PATCH v2 4/8] crypto: stm32/cryp - fix race condition in crypto_engine requests Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 5/8] crypto: stm32/cryp - check early input data Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 6/8] crypto: stm32/cryp - fix double pm exit Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 7/8] crypto: stm32/cryp - fix bugs and crash in tests Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff 2021-11-16 15:20 ` Nicolas Toromanoff 2021-11-16 15:20 ` Nicolas Toromanoff 2021-11-02 16:47 ` [PATCH v2 8/8] crypto: stm32/cryp - reorder hw initialization Nicolas Toromanoff 2021-11-02 16:47 ` Nicolas Toromanoff
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20211102164729.9957-5-nicolas.toromanoff@foss.st.com \ --to=nicolas.toromanoff@foss.st.com \ --cc=alexandre.torgue@foss.st.com \ --cc=ardb@kernel.org \ --cc=davem@davemloft.net \ --cc=herbert@gondor.apana.org.au \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-stm32@st-md-mailman.stormreply.com \ --cc=marex@denx.de \ --cc=mcoquelin.stm32@gmail.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.