Re: [PATCH] crypto: vmx - fix null dereference in p8_aes_xts_crypt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 24, 2016 at 03:34:40PM +0800, Li Zhong wrote:
> walk.iv is not assigned a value in blkcipher_walk_init. It makes iv uninitialized.
> It is possibly a null value(as shown below), which is then used by aes_p8_encrypt. 
> 
> This patch moves iv = walk.iv after blkcipher_walk_virt, in which walk.iv is set.
>  
> [17856.268050] Unable to handle kernel paging request for data at address 0x00000000
> [17856.268212] Faulting instruction address: 0xd000000002ff04bc
> 7:mon> t
> [link register   ] d000000002ff47b8 p8_aes_xts_crypt+0x168/0x2a0 [vmx_crypto]   (938)
> [c000000013b77960] d000000002ff4794 p8_aes_xts_crypt+0x144/0x2a0 [vmx_crypto] (unreliable)
> [c000000013b77a70] c000000000544d64 skcipher_decrypt_blkcipher+0x64/0x80
> [c000000013b77ac0] d000000003c0175c crypt_convert+0x53c/0x620 [dm_crypt]
> [c000000013b77ba0] d000000003c043fc kcryptd_crypt+0x3cc/0x440 [dm_crypt]
> [c000000013b77c50] c0000000000f3070 process_one_work+0x1e0/0x590
> [c000000013b77ce0] c0000000000f34c8 worker_thread+0xa8/0x660
> [c000000013b77d80] c0000000000fc0b0 kthread+0x110/0x130
> [c000000013b77e30] c0000000000098f0 ret_from_kernel_thread+0x5c/0x6c
> 
> Signed-off-by: Li Zhong <zhong@xxxxxxxxxxxxxxxxxx>

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux