Re: [PATCH] crypto: qat - Fix for qat_aes_cbc_hmac_sha512

Hi Herbert,
On 01/13/2015 01:25 PM, Herbert Xu wrote:
>>  		memcpy(ipad, buff, digest_size);
>> >  		memcpy(opad, buff, digest_size);
>> > +		memset(ipad + digest_size, 0, block_size - digest_size);
>> > +		memset(opad + digest_size, 0, block_size - digest_size);
>> >  		memzero_explicit(buff, sizeof(buff));
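
Review bot: the two added memset() calls on ipad and opad use block_size - digest_size as the length, with no visible check that digest_size <= block_size; if these are unsigned, a larger digest_size would wrap the length. They also carry no comment saying why the tail must be zero after only digest_size bytes are copied in. Suggest a one-line comment above them and, if the tail can only be non-zero because an earlier clear was incomplete, fixing that clear rather than re-zeroing here.
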
> The very first thing we do in that function is zero the whole
> auth_state.  So why would we need to zero it here? The only thing
> I can think of is if auth_state is too small and we're encountering
> garbage on the stack which would be a serious bug.

Yes, it looks strange, but the issue is we don't really zero the whole
auth_state. Because struct qat_auth_state is not packed, on my system

sizeof(MAX_AUTH_STATE_SIZE + 64) = 244

and sizeof(struct qat_auth_state) = 256

If instead of:

memzero_explicit(auth_state.data, MAX_AUTH_STATE_SIZE + 64);

it would be:

memzero_explicit(&auth_state, sizeof(auth_state));

then it would work as well.
I can send another patch that does the second if you like.
Thanks,
Tadeusz
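
The size mismatch described in the message above, as an added example that is not part of the original mail or of the driver: clearing only the data member leaves the bytes between the member's size and sizeof() of the object untouched. The struct, its 64-byte alignment and all helper names are assumptions chosen to reproduce the 244 and 256 quoted in the thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DATA_SIZE 244   /* size of the data member, as reported in the thread */

/* Constructed stand-in, not the driver's definition. The 64-byte alignment
 * is an assumption chosen so that sizeof() comes out at 256. */
struct demo_auth_state {
	_Alignas(64) uint8_t data[DATA_SIZE];
};

/* Offset of the first non-zero byte in the object, or -1 if all are zero. */
static long first_stale_offset(const struct demo_auth_state *s)
{
	const uint8_t *p = (const uint8_t *)s;
	size_t i;

	for (i = 0; i < sizeof(*s); i++)
		if (p[i] != 0)
			return (long)i;
	return -1;
}

/* Fill the object with 0xAA to stand in for stale stack contents, clear it
 * one of two ways, and report where stale bytes begin. Plain memset() is
 * used here in place of the kernel's memzero_explicit(). */
static long clear_and_check(int whole_object)
{
	struct demo_auth_state s;

	memset(&s, 0xAA, sizeof(s));
	if (whole_object)
		memset(&s, 0, sizeof(s));           /* whole object */
	else
		memset(s.data, 0, sizeof(s.data));  /* data member only */
	return first_stale_offset(&s);
}

int main(void)
{
	printf("sizeof(data)=%zu sizeof(struct)=%zu\n",
	       sizeof(((struct demo_auth_state *)0)->data),
	       sizeof(struct demo_auth_state));
	printf("member clear: first stale byte at %ld\n", clear_and_check(0));
	printf("object clear: first stale byte at %ld\n", clear_and_check(1));
	return 0;
}
```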
