Re: [PATCH 4/8] crypto: stm32/cryp - fix race condition

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/29/21 5:21 PM, Nicolas Toromanoff wrote:
On Fri, 29 Oct 2021, Marek Vasut wrote:

On 10/29/21 3:54 PM, Nicolas Toromanoff wrote:
Erase key before finalizing request.
Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto module")

Can you be a bit more specific in your commit messages ? That applies to the entire patchset. It is absolutely impossible to tell what race is fixed here or why it is fixed by exactly this change. This applies to the entire series.

I'll send a v2 with better commit messages.

for this specific patch:
We reset the saved key before the crypto_finalize_*() call. Otherwise a still pending crypto action could be ran with a wrong key = {0};

And while I am at it, does the CRYP finally pass at least the most basic kernel boot time crypto tests or does running those still overwrite kernel memory and/or completely crash or lock up the machine ?

All extra tests (finally) pass.

With a kernel config :
   # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
   CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y
   CONFIG_CRYPTO_DEV_STM32_CRYP=m

Can you also do a boot test with CRYP compiled into the kernel ?
I recall that is how the original bug was reported -- the machine crashed completely on boot even before reaching userspace, or the kernel crashed on memory corruption before reaching userspace.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux