From: Herbert Xu <herbert@gondor.apana.org.au>
To: Linus Walleij <linus.walleij@linaro.org>
Cc: Lionel Debieve <lionel.debieve@foss.st.com>,
Li kunyu <kunyu@nfschina.com>,
davem@davemloft.net, linux-arm-kernel@lists.infradead.org,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-stm32@st-md-mailman.stormreply.com,
mcoquelin.stm32@gmail.com
Subject: [v2 PATCH] crypto: stm32 - Save and restore between each request
Date: Fri, 24 Feb 2023 13:51:51 +0800 [thread overview]
Message-ID: <Y/hQdzsKMYgkIfMY@gondor.apana.org.au> (raw)
In-Reply-To: <Y/c7iVW67Xhhdu8e@gondor.apana.org.au>
v2 fixes potential state clobbering from the disconnect between
hdev->flags and rctx->flags.
---8<---
The Crypto API hashing paradigm requires the hardware state to
be exported between *each* request because multiple unrelated
hashes may be processed concurrently.
The stm32 hardware is capable of producing the hardware hashing
state but it was only doing it in the export function. This is
not only broken for export as you can't export a kernel pointer
and reimport it, but it also means that concurrent hashing was
fundamentally broken.
Fix this by moving the saving and restoring of hardware hash
state between each and every hashing request.
Fixes: 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module")
Reported-by: Li kunyu <kunyu@nfschina.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c
index acf8bfc8de4b..523312f47166 100644
--- a/drivers/crypto/stm32/stm32-hash.c
+++ b/drivers/crypto/stm32/stm32-hash.c
@@ -152,8 +152,8 @@ struct stm32_hash_request_ctx {
u8 buffer[HASH_BUFLEN] __aligned(sizeof(u32));
- /* Export Context */
- u32 *hw_context;
+ /* hash state */
+ u32 hw_context[3 + HASH_CSR_REGISTER_NUMBER];
};
struct stm32_hash_algs_info {
@@ -184,7 +184,6 @@ struct stm32_hash_dev {
struct ahash_request *req;
struct crypto_engine *engine;
- int err;
unsigned long flags;
struct dma_chan *dma_lch;
@@ -442,6 +441,18 @@ static int stm32_hash_update_cpu(struct stm32_hash_dev *hdev)
hdev->flags |= HASH_FLAGS_OUTPUT_READY;
err = 0;
}
+ } else {
+ u32 *preg = rctx->hw_context;
+ int i;
+
+ if (!hdev->pdata->ux500)
+ *preg++ = stm32_hash_read(hdev, HASH_IMR);
+ *preg++ = stm32_hash_read(hdev, HASH_STR);
+ *preg++ = stm32_hash_read(hdev, HASH_CR);
+ for (i = 0; i < HASH_CSR_REGISTER_NUMBER; i++)
+ *preg++ = stm32_hash_read(hdev, HASH_CSR(i));
+
+ rctx->flags |= HASH_FLAGS_INIT;
}
return err;
@@ -884,11 +895,6 @@ static void stm32_hash_finish_req(struct ahash_request *req, int err)
if (!err && (HASH_FLAGS_FINAL & hdev->flags)) {
stm32_hash_copy_hash(req);
err = stm32_hash_finish(req);
- hdev->flags &= ~(HASH_FLAGS_FINAL | HASH_FLAGS_CPU |
- HASH_FLAGS_INIT | HASH_FLAGS_DMA_READY |
- HASH_FLAGS_OUTPUT_READY | HASH_FLAGS_HMAC |
- HASH_FLAGS_HMAC_INIT | HASH_FLAGS_HMAC_FINAL |
- HASH_FLAGS_HMAC_KEY);
} else {
rctx->flags |= HASH_FLAGS_ERRORS;
}
@@ -899,68 +905,58 @@ static void stm32_hash_finish_req(struct ahash_request *req, int err)
crypto_finalize_hash_request(hdev->engine, req, err);
}
-static int stm32_hash_hw_init(struct stm32_hash_dev *hdev,
+static void stm32_hash_hw_init(struct stm32_hash_dev *hdev,
struct stm32_hash_request_ctx *rctx)
{
pm_runtime_get_sync(hdev->dev);
-
- if (!(HASH_FLAGS_INIT & hdev->flags)) {
- stm32_hash_write(hdev, HASH_CR, HASH_CR_INIT);
- stm32_hash_write(hdev, HASH_STR, 0);
- stm32_hash_write(hdev, HASH_DIN, 0);
- stm32_hash_write(hdev, HASH_IMR, 0);
- hdev->err = 0;
- }
-
- return 0;
}
-static int stm32_hash_one_request(struct crypto_engine *engine, void *areq);
-static int stm32_hash_prepare_req(struct crypto_engine *engine, void *areq);
-
static int stm32_hash_handle_queue(struct stm32_hash_dev *hdev,
struct ahash_request *req)
{
return crypto_transfer_hash_request_to_engine(hdev->engine, req);
}
-static int stm32_hash_prepare_req(struct crypto_engine *engine, void *areq)
+static int stm32_hash_one_request(struct crypto_engine *engine, void *areq)
{
struct ahash_request *req = container_of(areq, struct ahash_request,
base);
struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
struct stm32_hash_request_ctx *rctx;
+ int err = 0;
if (!hdev)
return -ENODEV;
- hdev->req = req;
-
- rctx = ahash_request_ctx(req);
-
dev_dbg(hdev->dev, "processing new req, op: %lu, nbytes %d\n",
rctx->op, req->nbytes);
- return stm32_hash_hw_init(hdev, rctx);
-}
-
-static int stm32_hash_one_request(struct crypto_engine *engine, void *areq)
-{
- struct ahash_request *req = container_of(areq, struct ahash_request,
- base);
- struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
- struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
- struct stm32_hash_request_ctx *rctx;
- int err = 0;
-
- if (!hdev)
- return -ENODEV;
+ stm32_hash_hw_init(hdev, rctx);
hdev->req = req;
+ hdev->flags = 0;
rctx = ahash_request_ctx(req);
+ if (rctx->flags & HASH_FLAGS_INIT) {
+ u32 *preg = rctx->hw_context;
+ u32 reg;
+ int i;
+
+ if (!hdev->pdata->ux500)
+ stm32_hash_write(hdev, HASH_IMR, *preg++);
+ stm32_hash_write(hdev, HASH_STR, *preg++);
+ stm32_hash_write(hdev, HASH_CR, *preg);
+ reg = *preg++ | HASH_CR_INIT;
+ stm32_hash_write(hdev, HASH_CR, reg);
+
+ for (i = 0; i < HASH_CSR_REGISTER_NUMBER; i++)
+ stm32_hash_write(hdev, HASH_CSR(i), *preg++);
+
+ hdev->flags |= HASH_FLAGS_INIT;
+ }
+
if (rctx->op == HASH_OP_UPDATE)
err = stm32_hash_update_req(hdev);
else if (rctx->op == HASH_OP_FINAL)
@@ -1048,33 +1044,6 @@ static int stm32_hash_digest(struct ahash_request *req)
static int stm32_hash_export(struct ahash_request *req, void *out)
{
struct stm32_hash_request_ctx *rctx = ahash_request_ctx(req);
- struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
- struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
- u32 *preg;
- unsigned int i;
- int ret;
-
- pm_runtime_get_sync(hdev->dev);
-
- ret = stm32_hash_wait_busy(hdev);
- if (ret)
- return ret;
-
- rctx->hw_context = kmalloc_array(3 + HASH_CSR_REGISTER_NUMBER,
- sizeof(u32),
- GFP_KERNEL);
-
- preg = rctx->hw_context;
-
- if (!hdev->pdata->ux500)
- *preg++ = stm32_hash_read(hdev, HASH_IMR);
- *preg++ = stm32_hash_read(hdev, HASH_STR);
- *preg++ = stm32_hash_read(hdev, HASH_CR);
- for (i = 0; i < HASH_CSR_REGISTER_NUMBER; i++)
- *preg++ = stm32_hash_read(hdev, HASH_CSR(i));
-
- pm_runtime_mark_last_busy(hdev->dev);
- pm_runtime_put_autosuspend(hdev->dev);
memcpy(out, rctx, sizeof(*rctx));
@@ -1084,33 +1053,9 @@ static int stm32_hash_export(struct ahash_request *req, void *out)
static int stm32_hash_import(struct ahash_request *req, const void *in)
{
struct stm32_hash_request_ctx *rctx = ahash_request_ctx(req);
- struct stm32_hash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req));
- struct stm32_hash_dev *hdev = stm32_hash_find_dev(ctx);
- const u32 *preg = in;
- u32 reg;
- unsigned int i;
memcpy(rctx, in, sizeof(*rctx));
- preg = rctx->hw_context;
-
- pm_runtime_get_sync(hdev->dev);
-
- if (!hdev->pdata->ux500)
- stm32_hash_write(hdev, HASH_IMR, *preg++);
- stm32_hash_write(hdev, HASH_STR, *preg++);
- stm32_hash_write(hdev, HASH_CR, *preg);
- reg = *preg++ | HASH_CR_INIT;
- stm32_hash_write(hdev, HASH_CR, reg);
-
- for (i = 0; i < HASH_CSR_REGISTER_NUMBER; i++)
- stm32_hash_write(hdev, HASH_CSR(i), *preg++);
-
- pm_runtime_mark_last_busy(hdev->dev);
- pm_runtime_put_autosuspend(hdev->dev);
-
- kfree(rctx->hw_context);
-
return 0;
}
@@ -1166,8 +1111,6 @@ static int stm32_hash_cra_init_algs(struct crypto_tfm *tfm,
ctx->flags |= HASH_FLAGS_HMAC;
ctx->enginectx.op.do_one_request = stm32_hash_one_request;
- ctx->enginectx.op.prepare_request = stm32_hash_prepare_req;
- ctx->enginectx.op.unprepare_request = NULL;
return stm32_hash_init_fallback(tfm);
}
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
next prev parent reply other threads:[~2023-02-24 5:52 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-24 21:50 [PATCH] stm32: stm32-hash: Add kmalloc_array allocation check Li kunyu
2023-02-23 6:00 ` Herbert Xu
2023-02-24 23:14 ` Li kunyu
2023-02-23 9:33 ` Herbert Xu
2023-02-23 9:52 ` Linus Walleij
2023-02-23 10:10 ` [PATCH] crypto: stm32 - Save and restore between each request Herbert Xu
2023-02-24 5:51 ` Herbert Xu [this message]
2023-02-25 0:01 ` [v2 PATCH] " Linus Walleij
2023-02-25 2:26 ` Li kunyu
2023-02-25 23:15 ` Linus Walleij
2023-02-27 10:39 ` [v3 " Herbert Xu
2023-02-27 21:17 ` Linus Walleij
2023-02-27 21:28 ` Linus Walleij
2023-02-28 8:58 ` Herbert Xu
2023-02-28 9:12 ` Herbert Xu
2023-02-28 9:23 ` Herbert Xu
2023-02-28 9:48 ` [v4 " Herbert Xu
2023-02-28 20:50 ` Linus Walleij
2023-03-01 1:30 ` Herbert Xu
2023-03-01 1:36 ` Herbert Xu
2023-03-01 1:46 ` Herbert Xu
2023-03-01 12:22 ` Linus Walleij
2023-03-02 1:16 ` Herbert Xu
2023-03-02 6:04 ` Herbert Xu
2023-03-04 9:34 ` [v5 PATCH 0/7] " Herbert Xu
2023-03-04 9:37 ` [v5 PATCH 1/7] crypto: stm32 - Save 54 CSR registers Herbert Xu
2023-03-05 21:48 ` Linus Walleij
2023-03-04 9:37 ` [v5 PATCH 2/7] crypto: stm32 - Move polling into do_one_request Herbert Xu
2023-03-05 21:51 ` Linus Walleij
2023-03-04 9:37 ` [v5 PATCH 3/7] crypto: stm32 - Simplify finup Herbert Xu
2023-03-05 22:08 ` Linus Walleij
2023-03-06 4:37 ` Herbert Xu
2023-03-04 9:37 ` [v5 PATCH 4/7] crypto: stm32 - Remove unused hdev->err field Herbert Xu
2023-03-05 22:11 ` Linus Walleij
2023-03-04 9:37 ` [v5 PATCH 5/7] crypto: stm32 - Move hash state into separate structure Herbert Xu
2023-03-04 9:37 ` [v5 PATCH 6/7] crypto: stm32 - Remove unused HASH_FLAGS_ERRORS Herbert Xu
2023-03-04 9:37 ` [v5 PATCH 7/7] crypto: stm32 - Save and restore between each request Herbert Xu
2023-03-06 4:41 ` [v6 PATCH 0/7] " Herbert Xu
2023-03-06 4:41 ` [v5 PATCH 1/7] crypto: stm32 - Save 54 CSR registers Herbert Xu
2023-03-06 4:42 ` [v5 PATCH 2/7] crypto: stm32 - Move polling into do_one_request Herbert Xu
2023-03-06 4:42 ` [v5 PATCH 3/7] crypto: stm32 - Simplify finup Herbert Xu
2023-03-06 8:28 ` Linus Walleij
2023-03-06 4:42 ` [v5 PATCH 4/7] crypto: stm32 - Remove unused hdev->err field Herbert Xu
2023-03-06 4:42 ` [v5 PATCH 5/7] crypto: stm32 - Move hash state into separate structure Herbert Xu
2023-03-06 9:59 ` Linus Walleij
2023-03-06 4:42 ` [v5 PATCH 6/7] crypto: stm32 - Remove unused HASH_FLAGS_ERRORS Herbert Xu
2023-03-06 10:01 ` Linus Walleij
2023-03-06 4:42 ` [v5 PATCH 7/7] crypto: stm32 - Save and restore between each request Herbert Xu
2023-03-06 10:08 ` Linus Walleij
2023-03-07 10:10 ` Herbert Xu
2023-03-07 15:31 ` Linus Walleij
2023-03-08 3:23 ` Herbert Xu
2023-03-08 3:40 ` Herbert Xu
2023-03-08 3:52 ` Herbert Xu
2023-03-08 9:05 ` Linus Walleij
2023-03-08 9:13 ` Herbert Xu
2023-03-08 10:10 ` Herbert Xu
2023-03-08 10:19 ` Herbert Xu
2023-03-08 21:19 ` Linus Walleij
2023-03-09 5:58 ` Herbert Xu
2023-03-09 7:35 ` Linus Walleij
2023-03-09 9:59 ` Herbert Xu
2023-03-09 22:19 ` David Laight
2023-03-10 8:07 ` Linus Walleij
2023-03-07 13:55 ` [v6 PATCH 0/7] " lionel.debieve
2023-03-08 3:46 ` Herbert Xu
2023-03-11 9:08 ` [v7 PATCH 0/8] " Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 1/8] crypto: stm32 - Save 54 CSR registers Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 2/8] crypto: stm32 - Move polling into do_one_request Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 3/8] crypto: stm32 - Simplify finup Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 4/8] crypto: stm32 - Remove unused hdev->err field Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 5/8] crypto: stm32 - Move hash state into separate structure Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 6/8] crypto: stm32 - Remove unused HASH_FLAGS_ERRORS Herbert Xu
2023-03-11 9:09 ` [v7 PATCH 7/8] crypto: stm32 - Fix empty message processing Herbert Xu
2023-03-11 21:44 ` Linus Walleij
2023-03-11 9:09 ` [v7 PATCH 8/8] crypto: stm32 - Save and restore between each request Herbert Xu
2023-03-11 21:45 ` Linus Walleij
[not found] ` <e7cd1e8b-9ebc-ff6d-a8c4-1ccd11df6de1@foss.st.com>
2023-03-28 3:58 ` [Linux-stm32] " Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y/hQdzsKMYgkIfMY@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=davem@davemloft.net \
--cc=kunyu@nfschina.com \
--cc=linus.walleij@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-stm32@st-md-mailman.stormreply.com \
--cc=lionel.debieve@foss.st.com \
--cc=mcoquelin.stm32@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).