Re: [PATCH 4/8] crypto: stm32/cryp - fix race condition

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 29 Oct 2021, Marek Vasut wrote:

On 10/29/21 3:54 PM, Nicolas Toromanoff wrote:
Erase key before finalizing request.
Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module")

Can you be a bit more specific in your commit messages ? That applies to the entire patchset. It is absolutely impossible to tell what race is fixed here or why it is fixed by exactly this change. This applies to the entire series.

I'll send a v2 with better commit messages.

for this specific patch:
We reset the saved key before the crypto_finalize_*() call. Otherwise a still pending crypto action could be ran with a wrong key = {0};

And while I am at it, does the CRYP finally pass at least the most basic kernel boot time crypto tests or does running those still overwrite kernel memory and/or completely crash or lock up the machine ?

All extra tests (finally) pass.

With a kernel config :
  # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
  CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y
  CONFIG_CRYPTO_DEV_STM32_CRYP=m

while(true) do ; modprobe stm32-cryp && modprobe -r stm32-cryp ; done

ran a whole day without a crash, nor a detected error.

--
Nicolas.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux