Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)

From: T Pratham
Date: Thu Jun 12 2025 - 06:16:30 EST

Next message: Jiri Bohac: "[PATCH v5 2/5] kdump: implement reserve_crashkernel_cma"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v0 1/5] dt-bindings: arm: aspeed: Add AST2700 board compatible"
In reply to: Herbert Xu: "Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)"
Next in thread: Herbert Xu: "Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/06/25 15:23, Herbert Xu wrote:
> On Tue, Jun 03, 2025 at 06:07:29PM +0530, T Pratham wrote:
>>
>> + // Need to do a timeout to ensure finalise gets called if DMA callback fails for any reason
>> + ret = wait_for_completion_timeout(&rctx->aes_compl, msecs_to_jiffies(DTHE_DMA_TIMEOUT_MS));
>
> This doesn't look safe. What if the callback is invoked after a
> timeout? That would be a UAF.
>
> Does the DMA engine provide any timeout mechanism? If not, then
> you could do it with a delayed work struct. Just make sure that
> you cancel the work struct in the normal path callback. Vice versa
> you need to terminate the DMA job in the timeout work struct.
>
> Cheers,

Calling dma_terminate_sync() here should suffice I presume? I'll update the code accordingly.

Regards
T Pratham <t-pratham@xxxxxx>

Next message: Jiri Bohac: "[PATCH v5 2/5] kdump: implement reserve_crashkernel_cma"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v0 1/5] dt-bindings: arm: aspeed: Add AST2700 board compatible"
In reply to: Herbert Xu: "Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)"
Next in thread: Herbert Xu: "Re: [PATCH v5 2/2] crypto: ti: Add driver for DTHE V2 AES Engine (ECB, CBC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]