From: Herbert Xu <herbert@gondor.apana.org.au>
To: Bagas Sanjaya <bagasdotme@gmail.com>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Cc: "Tatu Heikkilä" <tatu.heikkila@gmail.com>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>,
"Linux Device Mapper" <dm-devel@redhat.com>,
"Mike Snitzer" <snitzer@kernel.org>,
"Alasdair Kergon" <agk@redhat.com>,
"Linux Regressions" <regressions@lists.linux.dev>
Subject: [PATCH] dm crypt: Fix reqsize in crypt_iv_eboiv_gen
Date: Fri, 6 Oct 2023 09:41:55 +0800 [thread overview]
Message-ID: <ZR9l446ndB4n1Xl4@gondor.apana.org.au> (raw)
In-Reply-To: <ZR9dEiXhQv-wBVA2@debian.me>
On Fri, Oct 06, 2023 at 08:04:18AM +0700, Bagas Sanjaya wrote:
>
> > Git bisect lead me to:
> > # first bad commit: [e3023094dffb41540330fb0c74cd3a019cd525c2] dm crypt:
> > Avoid using MAX_CIPHER_BLOCKSIZE
> >
> > If I git revert e3023094dffb41540330fb0c74cd3a019cd525c2 on current Linus'
> > git master, the issue goes away. So I'm personally not all that affected
> > anymore (if I'm ready to compile my kernels from now on), and I understand
> > that you have no clear way to reproduce this as it seems strongly bound to
> > hardware, but seems like this could point to a potentially serious security
> > issue since it involves both crypto and undefined behaviour.
Thanks for the report. Sorry this is indeed my fault. The allocated
buffer is too small as it's missing the size for the request object
itself.
Mike, would you be OK with me picking this fix up and pushing it to
Linus?
Cheers,
---8<---
A skcipher_request object is made up of struct skcipher_request
followed by a variable-sized trailer. The allocation of the
skcipher_request and IV in crypt_iv_eboiv_gen is missing the
memory for struct skcipher_request. Fix it by adding it to
reqsize.
Fixes: e3023094dffb ("dm crypt: Avoid using MAX_CIPHER_BLOCKSIZE")
Reported-by: Tatu Heikkil� <tatu.heikkila@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index f2662c21a6df..5315fd261c23 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -753,7 +753,8 @@ static int crypt_iv_eboiv_gen(struct crypt_config *cc, u8 *iv,
int err;
u8 *buf;
- reqsize = ALIGN(crypto_skcipher_reqsize(tfm), __alignof__(__le64));
+ reqsize = sizeof(*req) + crypto_skcipher_reqsize(tfm);
+ reqsize = ALIGN(reqsize, __alignof__(__le64));
req = kmalloc(reqsize + cc->iv_size, GFP_NOIO);
if (!req)
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
WARNING: multiple messages have this Message-ID (diff)
From: Herbert Xu <herbert@gondor.apana.org.au>
To: Bagas Sanjaya <bagasdotme@gmail.com>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Cc: "Linux Regressions" <regressions@lists.linux.dev>,
"Tatu Heikkilä" <tatu.heikkila@gmail.com>,
"Mike Snitzer" <snitzer@kernel.org>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>,
"Linux Device Mapper" <dm-devel@redhat.com>,
"Alasdair Kergon" <agk@redhat.com>
Subject: [dm-devel] [PATCH] dm crypt: Fix reqsize in crypt_iv_eboiv_gen
Date: Fri, 6 Oct 2023 09:41:55 +0800 [thread overview]
Message-ID: <ZR9l446ndB4n1Xl4@gondor.apana.org.au> (raw)
In-Reply-To: <ZR9dEiXhQv-wBVA2@debian.me>
On Fri, Oct 06, 2023 at 08:04:18AM +0700, Bagas Sanjaya wrote:
>
> > Git bisect lead me to:
> > # first bad commit: [e3023094dffb41540330fb0c74cd3a019cd525c2] dm crypt:
> > Avoid using MAX_CIPHER_BLOCKSIZE
> >
> > If I git revert e3023094dffb41540330fb0c74cd3a019cd525c2 on current Linus'
> > git master, the issue goes away. So I'm personally not all that affected
> > anymore (if I'm ready to compile my kernels from now on), and I understand
> > that you have no clear way to reproduce this as it seems strongly bound to
> > hardware, but seems like this could point to a potentially serious security
> > issue since it involves both crypto and undefined behaviour.
Thanks for the report. Sorry this is indeed my fault. The allocated
buffer is too small as it's missing the size for the request object
itself.
Mike, would you be OK with me picking this fix up and pushing it to
Linus?
Cheers,
---8<---
A skcipher_request object is made up of struct skcipher_request
followed by a variable-sized trailer. The allocation of the
skcipher_request and IV in crypt_iv_eboiv_gen is missing the
memory for struct skcipher_request. Fix it by adding it to
reqsize.
Fixes: e3023094dffb ("dm crypt: Avoid using MAX_CIPHER_BLOCKSIZE")
Reported-by: Tatu Heikkil� <tatu.heikkila@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index f2662c21a6df..5315fd261c23 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -753,7 +753,8 @@ static int crypt_iv_eboiv_gen(struct crypt_config *cc, u8 *iv,
int err;
u8 *buf;
- reqsize = ALIGN(crypto_skcipher_reqsize(tfm), __alignof__(__le64));
+ reqsize = sizeof(*req) + crypto_skcipher_reqsize(tfm);
+ reqsize = ALIGN(reqsize, __alignof__(__le64));
req = kmalloc(reqsize + cc->iv_size, GFP_NOIO);
if (!req)
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2023-10-06 1:42 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-05 17:15 (Bisected) Accessing opened Bitlocker partition leads to memory fault and kernel panic on Imac8,1 Tatu Heikkilä
2023-10-05 17:15 ` [dm-devel] (Bisected) Accessing opened Bitlocker partition leads to memory fault and kernel panic on Imac8, 1 Tatu Heikkilä
2023-10-06 1:04 ` (Bisected) Accessing opened Bitlocker partition leads to memory fault and kernel panic on Imac8,1 Bagas Sanjaya
2023-10-06 1:04 ` [dm-devel] (Bisected) Accessing opened Bitlocker partition leads to memory fault and kernel panic on Imac8, 1 Bagas Sanjaya
2023-10-06 1:41 ` Herbert Xu [this message]
2023-10-06 1:41 ` [dm-devel] [PATCH] dm crypt: Fix reqsize in crypt_iv_eboiv_gen Herbert Xu
2023-10-06 2:26 ` [dm-devel] " Mike Snitzer
2023-10-06 2:26 ` Mike Snitzer
2023-10-06 2:33 ` Herbert Xu
2023-10-06 2:33 ` [dm-devel] " Herbert Xu
2023-10-06 8:20 ` Linux regression tracking (Thorsten Leemhuis)
2023-10-06 8:20 ` [dm-devel] " Linux regression tracking (Thorsten Leemhuis)
2023-10-06 11:03 ` [PATCH] " Tatu Heikkilä
2023-10-06 11:03 ` [dm-devel] " Tatu Heikkilä
2023-10-16 8:33 ` (Bisected) Accessing opened Bitlocker partition leads to memory fault and kernel panic on Imac8,1 Linux regression tracking #update (Thorsten Leemhuis)
2023-10-16 8:33 ` Linux regression tracking #update (Thorsten Leemhuis)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZR9l446ndB4n1Xl4@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=agk@redhat.com \
--cc=bagasdotme@gmail.com \
--cc=dm-devel@redhat.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=regressions@lists.linux.dev \
--cc=snitzer@kernel.org \
--cc=tatu.heikkila@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.