From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CAF5C636CC for ; Tue, 31 Jan 2023 09:39:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230013AbjAaJj5 (ORCPT ); Tue, 31 Jan 2023 04:39:57 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37504 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229874AbjAaJj5 (ORCPT ); Tue, 31 Jan 2023 04:39:57 -0500 Received: from out30-99.freemail.mail.aliyun.com (out30-99.freemail.mail.aliyun.com [115.124.30.99]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA3ABAE; Tue, 31 Jan 2023 01:39:55 -0800 (PST) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R191e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018046059;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=8;SR=0;TI=SMTPD_---0VaWI3H1_1675157991; Received: from 30.240.102.229(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0VaWI3H1_1675157991) by smtp.aliyun-inc.com; Tue, 31 Jan 2023 17:39:52 +0800 Message-ID: Date: Tue, 31 Jan 2023 17:39:50 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH] crypto: arm64/sm4 - Fix possible crash in GCM cryption Content-Language: en-US To: Herbert Xu Cc: "David S. Miller" , Catalin Marinas , Will Deacon , linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Ard Biesheuvel References: <20230118141928.48136-1-tianjia.zhang@linux.alibaba.com> From: Tianjia Zhang In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Herbert, On 1/30/23 5:01 PM, Herbert Xu wrote: > On Mon, Jan 30, 2023 at 04:15:33PM +0800, Herbert Xu wrote: >> >> Actually I think there is a serious bug here. If you're doing an >> empty message, you must not call skcipher_walk_done as that may >> then free random uninitialised stack memory. > > Hah, I had forgotten that this thread started with your patch > to fix this exact bug :) > > Could you confirm that you did copy this from ccm? > > It would be nice if you could rewrite your loop in a form similar > to my patch to ccm. > > Thanks, These codes are copied from gcm and ccm at the same time. I am not sure which has more components, but I will rewrite the gcm and ccm encryption loop of sm4 as soon as possible. Cheers, Tianjia From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E52C8C38142 for ; Tue, 31 Jan 2023 09:41:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:From:References:Cc:To:Subject: MIME-Version:Date:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=EEcudgpvIXMkTDbZbBm4VKPOWyyyERWQgItVV5i8uKE=; b=kwdLfprAwyPCDL cW8iBJ37loZoDlsbDSr/xF5Vq+EjYgT7UQhh+TtVVcfh2cGLVWRW7STp5A6nS3T2iBz2im6WjuBuc p3D5p/ZXmQMYg9Rv3h/iC80TJkSPJ4ca5n+DyOuawURdFKpkhMaHbwsD3PAbt7Q7cIgw79oLnHUf4 dWRrT+Ba+GG5yJulFCV9uWI5UWTpgpwsju8njnFbeVnOQjT7lfGI2BmLdU+xRSS6F199E3Ju8L30K nmzZmjutgk30JKYmzGWZWnEjne9vSzepG1Xp6idz9XHmk5zHvMpziME//R/vKNfYh/J5hpoMa2CJv IUi0oaMQBhIBGshVKP3Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pMn7b-0074d3-P5; Tue, 31 Jan 2023 09:40:11 +0000 Received: from out199-8.us.a.mail.aliyun.com ([47.90.199.8]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pMn7S-0074Sh-U7 for linux-arm-kernel@lists.infradead.org; Tue, 31 Jan 2023 09:40:08 +0000 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R191e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018046059;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=8;SR=0;TI=SMTPD_---0VaWI3H1_1675157991; Received: from 30.240.102.229(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0VaWI3H1_1675157991) by smtp.aliyun-inc.com; Tue, 31 Jan 2023 17:39:52 +0800 Message-ID: Date: Tue, 31 Jan 2023 17:39:50 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH] crypto: arm64/sm4 - Fix possible crash in GCM cryption Content-Language: en-US To: Herbert Xu Cc: "David S. Miller" , Catalin Marinas , Will Deacon , linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Ard Biesheuvel References: <20230118141928.48136-1-tianjia.zhang@linux.alibaba.com> From: Tianjia Zhang In-Reply-To: X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230131_014003_633313_1FF70187 X-CRM114-Status: GOOD ( 14.34 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi Herbert, On 1/30/23 5:01 PM, Herbert Xu wrote: > On Mon, Jan 30, 2023 at 04:15:33PM +0800, Herbert Xu wrote: >> >> Actually I think there is a serious bug here. If you're doing an >> empty message, you must not call skcipher_walk_done as that may >> then free random uninitialised stack memory. > > Hah, I had forgotten that this thread started with your patch > to fix this exact bug :) > > Could you confirm that you did copy this from ccm? > > It would be nice if you could rewrite your loop in a form similar > to my patch to ccm. > > Thanks, These codes are copied from gcm and ccm at the same time. I am not sure which has more components, but I will rewrite the gcm and ccm encryption loop of sm4 as soon as possible. Cheers, Tianjia _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel