On Thu, Jun 22, 2017 at 4:58 PM, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote: > On Thu, Jun 22, 2017 at 04:36:55PM +0300, Gilad Ben-Yossef wrote: >> static int ssi_ahash_export(struct ahash_request *req, void *out) >> { >> struct crypto_ahash *ahash = crypto_ahash_reqtfm(req); >> struct ssi_hash_ctx *ctx = crypto_ahash_ctx(ahash); >> + struct device *dev = &ctx->drvdata->plat_dev->dev; >> + struct ahash_req_ctx *state = ahash_request_ctx(req); >> + u8 *curr_buff = state->buff_index ? state->buff1 : state->buff0; >> + u32 curr_buff_cnt = state->buff_index ? state->buff1_cnt : >> + state->buff0_cnt; >> + const u32 tmp = CC_EXPORT_MAGIC; >> + >> + CHECK_AND_RETURN_UPON_FIPS_ERROR(); >> >> - return ssi_hash_export(ctx, out); >> + memcpy(out, &tmp, sizeof(u32)); >> + out += sizeof(u32); >> + >> + dma_sync_single_for_cpu(dev, state->digest_buff_dma_addr, >> + ctx->inter_digestsize, DMA_BIDIRECTIONAL); >> + memcpy(out, state->digest_buff, ctx->inter_digestsize); >> + out += ctx->inter_digestsize; >> + >> + if (state->digest_bytes_len_dma_addr) { >> + dma_sync_single_for_cpu(dev, state->digest_bytes_len_dma_addr, >> + HASH_LEN_SIZE, DMA_BIDIRECTIONAL); >> + memcpy(out, state->digest_bytes_len, HASH_LEN_SIZE); >> + } >> + out += HASH_LEN_SIZE; > > I'm sorry to ask this question now instead of on my first review. I was > waiting for my other computer to get ready so I could look up how this > is called. But now that I've looked at it, I'm still not sure how this > is called. No reason to be sorry. I value every review I get, no matter the timing :-) > > Anyway, my question is, is out zeroed memory? Should we have something > like: > } else { > memset(out, 0, HASH_LEN_SIZE); > } > out += HASH_LEN_SIZE; > The export/import function serialize internal hash state into/from a user supplied buffer, which may or may not be zeroed. The import/output is an opaque struct to the user, and in these specific circumstances that field (location in hashed data) is simply not used. After thinking about it, I think the correct thing to do here is to poison the unused field, rather than zero it to make it easier to debug cases where someone passes to export an import of a different hash/parameters. Thanks for pointing it out. > The ->import() function has a similar snippet. That one is easier as the internal data that is being imported is simply not allocated in this scenario at all. Thanks! Gilad -- Gilad Ben-Yossef Chief Coffee Drinker "If you take a class in large-scale robotics, can you end up in a situation where the homework eats your dog?" -- Jean-Baptiste Queru