Re: [PATCH] crypto: arm64/sm4 - Fix possible crash in GCM cryption

[Herbert Xu]

On Wed, Jan 18, 2023 at 10:19:28PM +0800, Tianjia Zhang wrote:
> When the cryption total length is zero, GCM cryption call
> skcipher_walk_done() will cause an unexpected crash, so skip calling
> this function to avoid possible crash when the GCM cryption length
> is equal to zero.
> 
> Fixes: ae1b83c7d572 ("crypto: arm64/sm4 - add CE implementation for GCM mode")
> Signed-off-by: Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx>
> ---
>  arch/arm64/crypto/sm4-ce-gcm-glue.c | 12 +++++++-----
>  1 file changed, 7 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/crypto/sm4-ce-gcm-glue.c b/arch/arm64/crypto/sm4-ce-gcm-glue.c
> index c450a2025ca9..9b63bcf9aa85 100644
> --- a/arch/arm64/crypto/sm4-ce-gcm-glue.c
> +++ b/arch/arm64/crypto/sm4-ce-gcm-glue.c
> @@ -178,11 +178,13 @@ static int gcm_crypt(struct aead_request *req, struct skcipher_walk *walk,
>  
>  		kernel_neon_end();
>  
> -		err = skcipher_walk_done(walk, tail);
> -		if (err)
> -			return err;
> -		if (walk->nbytes)
> -			kernel_neon_begin();
> +		if (walk->nbytes) {

Please do
		if (!walk->nbytes)
			break;

As an additional improvement, the tail calculation can be removed
entirely because you already set the chunksize so the walker should
only be feeding you multiples of chunksize except at the end.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt