• Eric Biggers's avatar
    crypto: blkcipher - fix crash flushing dcache in error path · 4b900641
    Eric Biggers authored
    commit 0868def3 upstream.
    
    Like the skcipher_walk case:
    
    scatterwalk_done() is only meant to be called after a nonzero number of
    bytes have been processed, since scatterwalk_pagedone() will flush the
    dcache of the *previous* page.  But in the error case of
    blkcipher_walk_done(), e.g. if the input wasn't an integer number of
    blocks, scatterwalk_done() was actually called after advancing 0 bytes.
    This caused a crash ("BUG: unable to handle kernel paging request")
    during '!PageSlab(page)' on architectures like arm and arm64 that define
    ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE, provided that the input was
    page-aligned as in that case walk->offset == 0.
    
    Fix it by reorganizing blkcipher_walk_done() to skip the
    scatterwalk_advance() and scatterwalk_done() if an error has occurred.
    
    This bug was found by syzkaller fuzzing.
    
    Reproducer, assuming ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE:
    
    	#include <linux/if_alg.h>
    	#include <sys/socket.h>
    	#include <unistd.h>
    
    	int main()
    	{
    		struct sockaddr_alg addr = {
    			.salg_type = "skcipher",
    			.salg_name = "ecb(aes-generic)",
    		};
    		char buffer[4096] __attribute__((aligned(4096))) = { 0 };
    		int fd;
    
    		fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
    		bind(fd, (void *)&addr, sizeof(addr));
    		setsockopt(fd, SOL_ALG, ALG_SET_KEY, buffer, 16);
    		fd = accept(fd, NULL, NULL);
    		write(fd, buffer, 15);
    		read(fd, buffer, 15);
    	}
    Reported-by: 's avatarLiu Chao <liuchao741@huawei.com>
    Fixes: 5cde0af2 ("[CRYPTO] cipher: Added block cipher type")
    Cc: <stable@vger.kernel.org> # v2.6.19+
    Signed-off-by: 's avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    4b900641
Name
Last commit
Last update
..
asymmetric_keys Loading commit data...
async_tx Loading commit data...
842.c Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...
ablkcipher.c Loading commit data...
acompress.c Loading commit data...
aead.c Loading commit data...
aegis.h Loading commit data...
aegis128.c Loading commit data...
aegis128l.c Loading commit data...
aegis256.c Loading commit data...
aes_generic.c Loading commit data...
aes_ti.c Loading commit data...
af_alg.c Loading commit data...
ahash.c Loading commit data...
akcipher.c Loading commit data...
algapi.c Loading commit data...
algboss.c Loading commit data...
algif_aead.c Loading commit data...
algif_hash.c Loading commit data...
algif_rng.c Loading commit data...
algif_skcipher.c Loading commit data...
ansi_cprng.c Loading commit data...
anubis.c Loading commit data...
api.c Loading commit data...
arc4.c Loading commit data...
authenc.c Loading commit data...
authencesn.c Loading commit data...
blkcipher.c Loading commit data...
blowfish_common.c Loading commit data...
blowfish_generic.c Loading commit data...
camellia_generic.c Loading commit data...
cast5_generic.c Loading commit data...
cast6_generic.c Loading commit data...
cast_common.c Loading commit data...
cbc.c Loading commit data...
ccm.c Loading commit data...
cfb.c Loading commit data...
chacha20_generic.c Loading commit data...
chacha20poly1305.c Loading commit data...
cipher.c Loading commit data...
cmac.c Loading commit data...
compress.c Loading commit data...
crc32_generic.c Loading commit data...
crc32c_generic.c Loading commit data...
crct10dif_common.c Loading commit data...
crct10dif_generic.c Loading commit data...
cryptd.c Loading commit data...
crypto_engine.c Loading commit data...
crypto_null.c Loading commit data...
crypto_user.c Loading commit data...
crypto_wq.c Loading commit data...
ctr.c Loading commit data...
cts.c Loading commit data...
deflate.c Loading commit data...
des_generic.c Loading commit data...
dh.c Loading commit data...
dh_helper.c Loading commit data...
drbg.c Loading commit data...
ecb.c Loading commit data...
ecc.c Loading commit data...
ecc.h Loading commit data...
ecc_curve_defs.h Loading commit data...
ecdh.c Loading commit data...
ecdh_helper.c Loading commit data...
echainiv.c Loading commit data...
fcrypt.c Loading commit data...
fips.c Loading commit data...
gcm.c Loading commit data...
gf128mul.c Loading commit data...
ghash-generic.c Loading commit data...
hash_info.c Loading commit data...
hmac.c Loading commit data...
internal.h Loading commit data...
jitterentropy-kcapi.c Loading commit data...
jitterentropy.c Loading commit data...
keywrap.c Loading commit data...
khazad.c Loading commit data...
kpp.c Loading commit data...
lrw.c Loading commit data...
lz4.c Loading commit data...
lz4hc.c Loading commit data...
lzo.c Loading commit data...
mcryptd.c Loading commit data...
md4.c Loading commit data...
md5.c Loading commit data...
memneq.c Loading commit data...
michael_mic.c Loading commit data...
morus1280.c Loading commit data...
morus640.c Loading commit data...
pcbc.c Loading commit data...
pcrypt.c Loading commit data...
poly1305_generic.c Loading commit data...
proc.c Loading commit data...
ripemd.h Loading commit data...
rmd128.c Loading commit data...
rmd160.c Loading commit data...
rmd256.c Loading commit data...
rmd320.c Loading commit data...
rng.c Loading commit data...
rsa-pkcs1pad.c Loading commit data...
rsa.c Loading commit data...
rsa_helper.c Loading commit data...
rsaprivkey.asn1 Loading commit data...
rsapubkey.asn1 Loading commit data...
salsa20_generic.c Loading commit data...
scatterwalk.c Loading commit data...
scompress.c Loading commit data...
seed.c Loading commit data...
seqiv.c Loading commit data...
serpent_generic.c Loading commit data...
sha1_generic.c Loading commit data...
sha256_generic.c Loading commit data...
sha3_generic.c Loading commit data...
sha512_generic.c Loading commit data...
shash.c Loading commit data...
simd.c Loading commit data...
skcipher.c Loading commit data...
sm3_generic.c Loading commit data...
sm4_generic.c Loading commit data...
speck.c Loading commit data...
tcrypt.c Loading commit data...
tcrypt.h Loading commit data...
tea.c Loading commit data...
testmgr.c Loading commit data...
testmgr.h Loading commit data...
tgr192.c Loading commit data...
twofish_common.c Loading commit data...
twofish_generic.c Loading commit data...
vmac.c Loading commit data...
wp512.c Loading commit data...
xcbc.c Loading commit data...
xor.c Loading commit data...
xts.c Loading commit data...
zstd.c Loading commit data...