Re: [PATCH] omap-aes - fix crypto cleanup and IV reporting

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Francis,

This has similar checkpatch issues + being split into multipart message as your other patch.

Also, I think this patch should be split up in two, as there are two issues you are fixing; the bad pointer issue (which I think you only fixed partially, also the in->sgl has similar problem), and the missing output IVI. Why is this needed btw, I have never faced the requirement to update the IVI on the ahash request? Any crypto test cases I have ran just work fine without this bit.

-Tero

On 22/03/18 16:58, Francis Le Bourse wrote:
Hello,

omap_aes_(cbc/ctr)(encrypt/decrypt) don't return the updated IV, add the code to do just that at the end of the operation.

In omap_aes_done_task(), omap_crypto_cleanup() is called with:
     omap_crypto_cleanup(&dd->out_sgl, dd->orig_out, 0, dd->total_save,
                         FLAGS_OUT_DATA_ST_SHIFT, dd->flags);
this ends up in freeing the part of the omap_aes_dev structure starting at the address of the out_sgl member. As the memory released is soon reused the kernel crashes at the next encrypt/decrypt call:

    [  334.559643] Unable to handle kernel paging request at virtual address 30627375
     [  334.566922] pgd = c0004000
     [  334.569650] [30627375] *pgd=00000000
     [  334.573252] Internal error: Oops: 5 [#1] SMP ARM

     Entering kdb (current=0xee5fb0c0, pid 89) on processor 1 Oops: (null)
     due to oops @ 0xc0b36a20
    CPU: 1 PID: 89 Comm: 4b500000.aes-en Tainted: G         C 4.14.13-ti-r25 #55
     Hardware name: Generic DRA74X (Flattened Device Tree)
     task: ee5fb0c0 task.stack: ee782000
     PC is at omap_aes_crypt_dma+0x234/0x58c
     LR is at irq_work_queue+0x14/0x90
     pc : [<c0b36a20>]    lr : [<c0256020>]    psr: 60080013
     sp : ee783e48  ip : 00000007  fp : ee783eac
     r10: eba7f740  r9 : eba7f740  r8 : ee70d380
     r7 : 00000001  r6 : c011a320  r5 : c1504dc8  r4 : ee70d310
     r3 : 5c40a269  r2 : 5c40a269  r1 : 00000000  r0 : 30627375
     Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
     Control: 10c5387d  Table: ad69c06a  DAC: 00000051
    CPU: 1 PID: 89 Comm: 4b500000.aes-en Tainted: G         C 4.14.13-ti-r25 #55
     Hardware name: Generic DRA74X (Flattened Device Tree)

    [<c0d881f8>] (__dabt_svc) from [<c0b36a20>] (omap_aes_crypt_dma+0x234/0x58c)     [<c0b36a20>] (omap_aes_crypt_dma) from [<c0b36fa0>] (omap_aes_crypt_dma_start+0x228/0x400)     [<c0b36fa0>] (omap_aes_crypt_dma_start) from [<c0b3720c>] (omap_aes_crypt_req+0x94/0x128)     [<c0b3720c>] (omap_aes_crypt_req) from [<c073bbf4>] (crypto_pump_work+0x278/0x2f8)     [<c073bbf4>] (crypto_pump_work) from [<c016665c>] (kthread_worker_fn+0x11c/0x20c)     [<c016665c>] (kthread_worker_fn) from [<c01664f4>] (kthread+0x170/0x178)
     [<c01664f4>] (kthread) from [<c0108fa8>] (ret_from_fork+0x14/0x2c)

Here the call should be omap_crypt_cleanup(dd->out_sg, ...);
A similar issue exists in omap-des.c.




--
Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki. Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux