* [PATCH] crypto: nx: Fix memcpy() over-reading in nonce
@ 2021-06-16 20:34 Kees Cook
2021-06-17 6:08 ` Michael Ellerman
2021-06-24 7:36 ` Herbert Xu
0 siblings, 2 replies; 4+ messages in thread
From: Kees Cook @ 2021-06-16 20:34 UTC (permalink / raw)
To: Herbert Xu
Cc: Kees Cook, stable, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Michael Ellerman, Benjamin Herrenschmidt,
Paul Mackerras, David S. Miller, linux-kernel, linux-crypto,
linuxppc-dev, linux-hardening
Fix typo in memcpy() where size should be CTR_RFC3686_NONCE_SIZE.
Fixes: 030f4e968741 ("crypto: nx - Fix reentrancy bugs")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
drivers/crypto/nx/nx-aes-ctr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c
index 13f518802343..6120e350ff71 100644
--- a/drivers/crypto/nx/nx-aes-ctr.c
+++ b/drivers/crypto/nx/nx-aes-ctr.c
@@ -118,7 +118,7 @@ static int ctr3686_aes_nx_crypt(struct skcipher_request *req)
struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
u8 iv[16];
- memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_IV_SIZE);
+ memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_NONCE_SIZE);
memcpy(iv + CTR_RFC3686_NONCE_SIZE, req->iv, CTR_RFC3686_IV_SIZE);
iv[12] = iv[13] = iv[14] = 0;
iv[15] = 1;
--
2.25.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: nx: Fix memcpy() over-reading in nonce
2021-06-16 20:34 [PATCH] crypto: nx: Fix memcpy() over-reading in nonce Kees Cook
@ 2021-06-17 6:08 ` Michael Ellerman
2021-06-18 23:49 ` Kees Cook
2021-06-24 7:36 ` Herbert Xu
1 sibling, 1 reply; 4+ messages in thread
From: Michael Ellerman @ 2021-06-17 6:08 UTC (permalink / raw)
To: Kees Cook, Herbert Xu
Cc: Kees Cook, stable, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Benjamin Herrenschmidt, Paul Mackerras,
David S. Miller, linux-kernel, linux-crypto, linuxppc-dev,
linux-hardening
Kees Cook <keescook@chromium.org> writes:
> Fix typo in memcpy() where size should be CTR_RFC3686_NONCE_SIZE.
>
> Fixes: 030f4e968741 ("crypto: nx - Fix reentrancy bugs")
> Cc: stable@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
Thanks.
> ---
> drivers/crypto/nx/nx-aes-ctr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c
> index 13f518802343..6120e350ff71 100644
> --- a/drivers/crypto/nx/nx-aes-ctr.c
> +++ b/drivers/crypto/nx/nx-aes-ctr.c
> @@ -118,7 +118,7 @@ static int ctr3686_aes_nx_crypt(struct skcipher_request *req)
> struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> u8 iv[16];
>
> - memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_IV_SIZE);
> + memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_NONCE_SIZE);
> memcpy(iv + CTR_RFC3686_NONCE_SIZE, req->iv, CTR_RFC3686_IV_SIZE);
> iv[12] = iv[13] = iv[14] = 0;
> iv[15] = 1;
Where IV_SIZE is 8 and NONCE_SIZE is 4.
And iv is 16 bytes, so it's not a buffer overflow.
But priv.ctr.nonce is 4 bytes, and at the end of the struct, so it reads
4 bytes past the end of the nx_crypto_ctx, which is not good.
But then immediately overwrites whatever it read with req->iv.
So seems pretty harmless in practice?
cheers
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: nx: Fix memcpy() over-reading in nonce
2021-06-17 6:08 ` Michael Ellerman
@ 2021-06-18 23:49 ` Kees Cook
0 siblings, 0 replies; 4+ messages in thread
From: Kees Cook @ 2021-06-18 23:49 UTC (permalink / raw)
To: Michael Ellerman
Cc: Herbert Xu, stable, Breno Leitão, Nayna Jain,
Paulo Flabiano Smorigo, Benjamin Herrenschmidt, Paul Mackerras,
David S. Miller, linux-kernel, linux-crypto, linuxppc-dev,
linux-hardening
On Thu, Jun 17, 2021 at 04:08:15PM +1000, Michael Ellerman wrote:
> Kees Cook <keescook@chromium.org> writes:
> > Fix typo in memcpy() where size should be CTR_RFC3686_NONCE_SIZE.
> >
> > Fixes: 030f4e968741 ("crypto: nx - Fix reentrancy bugs")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Kees Cook <keescook@chromium.org>
>
> Thanks.
>
> > ---
> > drivers/crypto/nx/nx-aes-ctr.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c
> > index 13f518802343..6120e350ff71 100644
> > --- a/drivers/crypto/nx/nx-aes-ctr.c
> > +++ b/drivers/crypto/nx/nx-aes-ctr.c
> > @@ -118,7 +118,7 @@ static int ctr3686_aes_nx_crypt(struct skcipher_request *req)
> > struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm);
> > u8 iv[16];
> >
> > - memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_IV_SIZE);
> > + memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_NONCE_SIZE);
> > memcpy(iv + CTR_RFC3686_NONCE_SIZE, req->iv, CTR_RFC3686_IV_SIZE);
> > iv[12] = iv[13] = iv[14] = 0;
> > iv[15] = 1;
>
> Where IV_SIZE is 8 and NONCE_SIZE is 4.
>
> And iv is 16 bytes, so it's not a buffer overflow.
>
> But priv.ctr.nonce is 4 bytes, and at the end of the struct, so it reads
> 4 bytes past the end of the nx_crypto_ctx, which is not good.
>
> But then immediately overwrites whatever it read with req->iv.
>
> So seems pretty harmless in practice?
Right -- there's no damage done, but future memcpy() FORTIFY work alerts
on this, so I'm going through cleaning all of these up. :)
--
Kees Cook
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: nx: Fix memcpy() over-reading in nonce
2021-06-16 20:34 [PATCH] crypto: nx: Fix memcpy() over-reading in nonce Kees Cook
2021-06-17 6:08 ` Michael Ellerman
@ 2021-06-24 7:36 ` Herbert Xu
1 sibling, 0 replies; 4+ messages in thread
From: Herbert Xu @ 2021-06-24 7:36 UTC (permalink / raw)
To: Kees Cook
Cc: stable, Breno Leitão, Nayna Jain, Paulo Flabiano Smorigo,
Michael Ellerman, Benjamin Herrenschmidt, Paul Mackerras,
David S. Miller, linux-kernel, linux-crypto, linuxppc-dev,
linux-hardening
On Wed, Jun 16, 2021 at 01:34:59PM -0700, Kees Cook wrote:
> Fix typo in memcpy() where size should be CTR_RFC3686_NONCE_SIZE.
>
> Fixes: 030f4e968741 ("crypto: nx - Fix reentrancy bugs")
> Cc: stable@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
> drivers/crypto/nx/nx-aes-ctr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-06-24 7:36 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-16 20:34 [PATCH] crypto: nx: Fix memcpy() over-reading in nonce Kees Cook
2021-06-17 6:08 ` Michael Ellerman
2021-06-18 23:49 ` Kees Cook
2021-06-24 7:36 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).