• Eric Biggers's avatar
    crypto: skcipher - fix crash flushing dcache in error path · 744ff5f0
    Eric Biggers authored
    commit 8088d3dd upstream.
    
    scatterwalk_done() is only meant to be called after a nonzero number of
    bytes have been processed, since scatterwalk_pagedone() will flush the
    dcache of the *previous* page.  But in the error case of
    skcipher_walk_done(), e.g. if the input wasn't an integer number of
    blocks, scatterwalk_done() was actually called after advancing 0 bytes.
    This caused a crash ("BUG: unable to handle kernel paging request")
    during '!PageSlab(page)' on architectures like arm and arm64 that define
    ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE, provided that the input was
    page-aligned as in that case walk->offset == 0.
    
    Fix it by reorganizing skcipher_walk_done() to skip the
    scatterwalk_advance() and scatterwalk_done() if an error has occurred.
    
    This bug was found by syzkaller fuzzing.
    
    Reproducer, assuming ARCH_IMPLEMENTS_FLUSH_DCACHE_PAGE:
    
    	#include <linux/if_alg.h>
    	#include <sys/socket.h>
    	#include <unistd.h>
    
    	int main()
    	{
    		struct sockaddr_alg addr = {
    			.salg_type = "skcipher",
    			.salg_name = "cbc(aes-generic)",
    		};
    		char buffer[4096] __attribute__((aligned(4096))) = { 0 };
    		int fd;
    
    		fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
    		bind(fd, (void *)&addr, sizeof(addr));
    		setsockopt(fd, SOL_ALG, ALG_SET_KEY, buffer, 16);
    		fd = accept(fd, NULL, NULL);
    		write(fd, buffer, 15);
    		read(fd, buffer, 15);
    	}
    Reported-by: 's avatarLiu Chao <liuchao741@huawei.com>
    Fixes: b286d8b1 ("crypto: skcipher - Add skcipher walk interface")
    Cc: <stable@vger.kernel.org> # v4.10+
    Signed-off-by: 's avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: 's avatarHerbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    744ff5f0
Name
Last commit
Last update
..
asymmetric_keys Loading commit data...
async_tx Loading commit data...
842.c Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...
ablkcipher.c Loading commit data...
acompress.c Loading commit data...
aead.c Loading commit data...
aegis.h Loading commit data...
aegis128.c Loading commit data...
aegis128l.c Loading commit data...
aegis256.c Loading commit data...
aes_generic.c Loading commit data...
aes_ti.c Loading commit data...
af_alg.c Loading commit data...
ahash.c Loading commit data...
akcipher.c Loading commit data...
algapi.c Loading commit data...
algboss.c Loading commit data...
algif_aead.c Loading commit data...
algif_hash.c Loading commit data...
algif_rng.c Loading commit data...
algif_skcipher.c Loading commit data...
ansi_cprng.c Loading commit data...
anubis.c Loading commit data...
api.c Loading commit data...
arc4.c Loading commit data...
authenc.c Loading commit data...
authencesn.c Loading commit data...
blkcipher.c Loading commit data...
blowfish_common.c Loading commit data...
blowfish_generic.c Loading commit data...
camellia_generic.c Loading commit data...
cast5_generic.c Loading commit data...
cast6_generic.c Loading commit data...
cast_common.c Loading commit data...
cbc.c Loading commit data...
ccm.c Loading commit data...
cfb.c Loading commit data...
chacha20_generic.c Loading commit data...
chacha20poly1305.c Loading commit data...
cipher.c Loading commit data...
cmac.c Loading commit data...
compress.c Loading commit data...
crc32_generic.c Loading commit data...
crc32c_generic.c Loading commit data...
crct10dif_common.c Loading commit data...
crct10dif_generic.c Loading commit data...
cryptd.c Loading commit data...
crypto_engine.c Loading commit data...
crypto_null.c Loading commit data...
crypto_user.c Loading commit data...
crypto_wq.c Loading commit data...
ctr.c Loading commit data...
cts.c Loading commit data...
deflate.c Loading commit data...
des_generic.c Loading commit data...
dh.c Loading commit data...
dh_helper.c Loading commit data...
drbg.c Loading commit data...
ecb.c Loading commit data...
ecc.c Loading commit data...
ecc.h Loading commit data...
ecc_curve_defs.h Loading commit data...
ecdh.c Loading commit data...
ecdh_helper.c Loading commit data...
echainiv.c Loading commit data...
fcrypt.c Loading commit data...
fips.c Loading commit data...
gcm.c Loading commit data...
gf128mul.c Loading commit data...
ghash-generic.c Loading commit data...
hash_info.c Loading commit data...
hmac.c Loading commit data...
internal.h Loading commit data...
jitterentropy-kcapi.c Loading commit data...
jitterentropy.c Loading commit data...
keywrap.c Loading commit data...
khazad.c Loading commit data...
kpp.c Loading commit data...
lrw.c Loading commit data...
lz4.c Loading commit data...
lz4hc.c Loading commit data...
lzo.c Loading commit data...
mcryptd.c Loading commit data...
md4.c Loading commit data...
md5.c Loading commit data...
memneq.c Loading commit data...
michael_mic.c Loading commit data...
morus1280.c Loading commit data...
morus640.c Loading commit data...
pcbc.c Loading commit data...
pcrypt.c Loading commit data...
poly1305_generic.c Loading commit data...
proc.c Loading commit data...
ripemd.h Loading commit data...
rmd128.c Loading commit data...
rmd160.c Loading commit data...
rmd256.c Loading commit data...
rmd320.c Loading commit data...
rng.c Loading commit data...
rsa-pkcs1pad.c Loading commit data...
rsa.c Loading commit data...
rsa_helper.c Loading commit data...
rsaprivkey.asn1 Loading commit data...
rsapubkey.asn1 Loading commit data...
salsa20_generic.c Loading commit data...
scatterwalk.c Loading commit data...
scompress.c Loading commit data...
seed.c Loading commit data...
seqiv.c Loading commit data...
serpent_generic.c Loading commit data...
sha1_generic.c Loading commit data...
sha256_generic.c Loading commit data...
sha3_generic.c Loading commit data...
sha512_generic.c Loading commit data...
shash.c Loading commit data...
simd.c Loading commit data...
skcipher.c Loading commit data...
sm3_generic.c Loading commit data...
sm4_generic.c Loading commit data...
speck.c Loading commit data...
tcrypt.c Loading commit data...
tcrypt.h Loading commit data...
tea.c Loading commit data...
testmgr.c Loading commit data...
testmgr.h Loading commit data...
tgr192.c Loading commit data...
twofish_common.c Loading commit data...
twofish_generic.c Loading commit data...
vmac.c Loading commit data...
wp512.c Loading commit data...
xcbc.c Loading commit data...
xor.c Loading commit data...
xts.c Loading commit data...
zstd.c Loading commit data...