Re: [PATCHv2 3/7] crypto: omap-crypto: fix userspace copied buffer access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 22/05/2020 16:12, Herbert Xu wrote:
On Mon, May 11, 2020 at 02:19:09PM +0300, Tero Kristo wrote:
In case buffers are copied from userspace, directly accessing the page
will most likely fail because it hasn't been mapped into the kernel
memory space. Fix the issue by forcing a kmap / kunmap within the
cleanup functionality.

Signed-off-by: Tero Kristo <t-kristo@xxxxxx>
---
  drivers/crypto/omap-crypto.c | 9 +++++++--
  1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/omap-crypto.c b/drivers/crypto/omap-crypto.c
index cc88b7362bc2..31bdb1d76d11 100644
--- a/drivers/crypto/omap-crypto.c
+++ b/drivers/crypto/omap-crypto.c
@@ -178,11 +178,16 @@ static void omap_crypto_copy_data(struct scatterlist *src,
  		amt = min(src->length - srco, dst->length - dsto);
  		amt = min(len, amt);
- srcb = sg_virt(src) + srco;
-		dstb = sg_virt(dst) + dsto;
+		srcb = kmap_atomic(sg_page(src)) + srco + src->offset;
+		dstb = kmap_atomic(sg_page(dst)) + dsto + dst->offset;
memcpy(dstb, srcb, amt); + flush_dcache_page(sg_page(dst));

You need to check !PageSlab as it's illegal to call it on a kernel
page.  Also you should be using flush_kernel_dcache_page.  scatterwalk
uses flush_dcache_page only because when it was created the other
function didn't exist.

Ok will fix that.

Would it be possible to use the sg_miter interface to do the copy?
In fact your function could possibly be added to lib/scatterlist.c
as it seems to be quite generic.

I think it would make sense to use that, however as I am just fixing an existing bug here, would it be ok if I just fix your above comment and post v3? I can convert this later to sg_miter and take a shot at moving this to lib/scatterlist.c as that seems slightly bigger effort and I would not want to block this whole series because of that...

-Tero
--
Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki. Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux