> -----Original Message----- > From: Longpeng (Mike, Cloud Infrastructure Service Product Dept.) > Sent: Tuesday, May 26, 2020 11:20 AM > To: linux-crypto@xxxxxxxxxxxxxxx > Cc: Longpeng (Mike, Cloud Infrastructure Service Product Dept.) > <longpeng2@xxxxxxxxxx>; LABBE Corentin <clabbe@xxxxxxxxxxxx>; Gonglei > (Arei) <arei.gonglei@xxxxxxxxxx>; Herbert Xu > <herbert@xxxxxxxxxxxxxxxxxxx>; Michael S. Tsirkin <mst@xxxxxxxxxx>; Jason > Wang <jasowang@xxxxxxxxxx>; David S. Miller <davem@xxxxxxxxxxxxx>; > Markus Elfring <Markus.Elfring@xxxxxx>; > virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; > stable@xxxxxxxxxxxxxxx > Subject: [PATCH v2 2/2] crypto: virtio: Fix use-after-free in > virtio_crypto_skcipher_finalize_req() > > The system'll crash when the users insmod crypto/tcrypto.ko with mode=155 > ( testing "authenc(hmac(sha1),cbc(aes))" ). It's caused by reuse the memory of > request structure. > > In crypto_authenc_init_tfm(), the reqsize is set to: > [PART 1] sizeof(authenc_request_ctx) + > [PART 2] ictx->reqoff + > [PART 3] MAX(ahash part, skcipher part) and the 'PART 3' is used by both > ahash and skcipher in turn. > > When the virtio_crypto driver finish skcipher req, it'll call ->complete callback(in > crypto_finalize_skcipher_request) and then free its resources whose pointers > are recorded in 'skcipher parts'. > > However, the ->complete is 'crypto_authenc_encrypt_done' in this case, it will > use the 'ahash part' of the request and change its content, so virtio_crypto > driver will get the wrong pointer after ->complete finish and mistakenly free > some other's memory. So the system will crash when these memory will be used > again. > > The resources which need to be cleaned up are not used any more. But the > pointers of these resources may be changed in the function > "crypto_finalize_skcipher_request". Thus release specific resources before > calling this function. > > Fixes: dbaf0624ffa5 ("crypto: add virtio-crypto driver") > Reported-by: LABBE Corentin <clabbe@xxxxxxxxxxxx> > Cc: Gonglei <arei.gonglei@xxxxxxxxxx> > Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> > Cc: Jason Wang <jasowang@xxxxxxxxxx> > Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> > Cc: Markus Elfring <Markus.Elfring@xxxxxx> > Cc: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx > Cc: linux-kernel@xxxxxxxxxxxxxxx > Cc: stable@xxxxxxxxxxxxxxx > Message-Id: <20200123101000.GB24255@Red> > Signed-off-by: Longpeng(Mike) <longpeng2@xxxxxxxxxx> > --- Acked-by: Gonglei <arei.gonglei@xxxxxxxxxx> Regards, -Gonglei > drivers/crypto/virtio/virtio_crypto_algs.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/drivers/crypto/virtio/virtio_crypto_algs.c > b/drivers/crypto/virtio/virtio_crypto_algs.c > index 5f8243563009..52261b6c247e 100644 > --- a/drivers/crypto/virtio/virtio_crypto_algs.c > +++ b/drivers/crypto/virtio/virtio_crypto_algs.c > @@ -582,10 +582,11 @@ static void virtio_crypto_skcipher_finalize_req( > scatterwalk_map_and_copy(req->iv, req->dst, > req->cryptlen - AES_BLOCK_SIZE, > AES_BLOCK_SIZE, 0); > - crypto_finalize_skcipher_request(vc_sym_req->base.dataq->engine, > - req, err); > kzfree(vc_sym_req->iv); > virtcrypto_clear_request(&vc_sym_req->base); > + > + crypto_finalize_skcipher_request(vc_sym_req->base.dataq->engine, > + req, err); > } > > static struct virtio_crypto_algo virtio_crypto_algs[] = { { > -- > 2.23.0 _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization