Re: [PATCH v2 3/4] crypto: inside-secure - only update the result buffer when provided

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Antoine,

On 01.12.2017 11:24, Antoine Tenart wrote:
> Hi Kamil,
> 
> On Fri, Dec 01, 2017 at 11:18:30AM +0100, Kamil Konieczny wrote:
>> On 01.12.2017 09:11, Antoine Tenart wrote:
>>> - Other drivers are doing this check (grep "if (!req->result)" or
>>>   "if (req->result)" to see some of them).
>>> - I see at least one commit fixing the exact same issue I'm facing here,
>>>   393897c5156a415533ff85aa381458840417b032:
>>>
>>>     crypto: ccp - Check for caller result area before using it
>>>
>>>     For a hash operation, the caller doesn't have to supply a result
>>>     area on every call so don't use it / update it if it hasn't
>>>     been supplied.
>>
>> Do you set last_req true for digest/finup/final ? If yes,
>> then you need to copy result only when it is true,
>>
>> 	if (sreq->last_req) {
>> 		result_sz = crypto_ahash_digestsize(ahash);
>> 		memcpy(sreq->state, areq->result, result_sz);
>> 	}
> 
> Yes the last_req flag is set for the last request, so when
> digest/finup/final are called. But no we can't copy the result into the
> state based on this as an user might want to perform multiple updates,
> then export the context, to import it again before sending more updates.

IMHO set them to false in hash update and init, set finish false and last_req true
for hash final, and set both true for hash finup and digest.

As Herbert tells in https://www.spinics.net/lists/linux-crypto/msg28658.html
you should support scenario export + update/finup, so basically export is reading
state but it do not halt your hash driver.

-- 
Best regards,
Kamil Konieczny
Samsung R&D Institute Poland




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux