Re: [BUG] crypto: export() overran state buffer on test vector

From: Herbert Xu
Date: Thu Feb 13 2020 - 00:06:34 EST

Next message: Suman Anna: "[PATCH] clocksource: timer-ti-dm: Drop bogus omap_dm_timer_of_set_source()"
Previous message: syzbot: "possible deadlock in tty_port_close_start"
In reply to: Corentin Labbe: "Re: [BUG] crypto: export() overran state buffer on test vector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 12, 2020 at 07:57:49PM +0100, Corentin Labbe wrote:
>
> I just found the problem, it happen with ARM CE which has a bigger state_size (sha256_ce_state) of 4bytes.
>
> Since my driver didnt use statesize at all, I detect this on cra_init() like this:
> if (algt->alg.hash.halg.statesize < crypto_ahash_statesize(op->fallback_tfm))
> algt->alg.hash.halg.statesize = crypto_ahash_statesize(op->fallback_tfm);

Thanks for finding this.

I think this can be fixed by simply adding export/imort functions
that exported the sha state without the extra finalize field which
is never used for the exported state (it's only used as an internal
function parameter).

We should also add some tests to ensure that shash SHA algorithms
all use the same geometry for export/import.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Suman Anna: "[PATCH] clocksource: timer-ti-dm: Drop bogus omap_dm_timer_of_set_source()"
Previous message: syzbot: "possible deadlock in tty_port_close_start"
In reply to: Corentin Labbe: "Re: [BUG] crypto: export() overran state buffer on test vector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]