Re: [bug] sha1-avx2 and read beyond

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/23/2017 01:48 AM, Jan Stancek wrote:
> 
> 
> ----- Original Message -----
>> On Wed, May 24, 2017 at 08:46:57AM -0400, Jan Stancek wrote:
>>>
>>>
>>> ----- Original Message -----
>>>> Hi,
>>>>
>>>> I'm seeing rare crashes during NFS cthon with krb5 auth. After
>>>> some digging I arrived at potential problem with sha1-avx2.
>>>
>>> Adding more sha1_avx2 experts to CC.
>>>
>>>>
>>>> Problem appears to be that sha1_transform_avx2() reads beyond
>>>> number of blocks you pass, if it is an odd number. It appears
>>>> to try read one block more. This creates a problem if it falls
>>>> beyond a page and there's nothing there.
>>>
>>> As noted in my reply, worst case appears to be read ahead
>>> of up to 3 SHA1 blocks beyond end of data:
>>>   http://marc.info/?l=linux-crypto-vger&m=149373371023377
>>>
>>>  +----------+---------+---------+---------+
>>>  | 2*SHA1_BLOCK_SIZE  | 2*SHA1_BLOCK_SIZE |
>>>  +----------+---------+---------+---------+
>>>             ^ page boundary
>>>     ^ data end
>>>
>>> It is still reproducible with 4.12-rc2.
>>
>> Can someone from Intel please look into this? Otherwise we'll have
>> to disable sha-avx2.
> 
> So I take it my workaround patch [1] is not acceptable in
> short-term as well?
> 
> [1] http://marc.info/?l=linux-crypto-vger&m=149373371023377
> 
> Regards,
> Jan
> 

Megha,

Can you take a look at this issue?

Thanks.

Tim



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux