On Thu, May 18, 2017 at 8:09 AM, Herbert Xu wrote:
> On Thu, May 11, 2017 at 02:53:43PM +0300, Gilad Ben-Yossef wrote:
>> drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to
>> wait for completion of async crypto op but if a signal occurs it
>> may
The sample code was showing use of wait_for_completion_interruptible()
for waiting for an async. crypto op to finish. However, if a signal
arrived it would free the buffers used even while crypto HW might
still DMA from/into the buffers.
Resolve this by using wait_for_completion() instead.
crypto_gcm_setkey() was using wait_for_completion_interruptible() to
wait for completion of async crypto op but if a signal occurs it
may return before DMA ops of HW crypto provider finish, thus
corrupting the data buffer that is kfree'ed in this case.
Resolve this by using wait_for_completion()
drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to
wait for completion of async crypto op but if a signal occurs it
may return before DMA ops of HW crypto provider finish, thus
corrupting the output buffer.
Resolve this by using wait_for_completion() instead.
Reported-by: Eric
public_key_verify_signature() was passing the CRYPTO_TFM_REQ_MAY_BACKLOG
flag to akcipher_request_set_callback() but was not handling correctly
the case where a -EBUSY error could be returned from the call to
crypto_akcipher_verify() if backlog was used, possibly casuing
data corruption due to
2017-04-07 8:12 GMT+02:00 Herbert Xu :
> On Fri, Mar 10, 2017 at 02:44:26PM +0100, Ondrej Mosnacek wrote:
>>
>> ISSUES:
>> a) The 'keycount' parameter.
>> In order to support multi-key modes from Loop-AES,
>> dm-crypt accepts a keycount
drbg_kcapi_sym_ctr() was using wait_for_completion_interruptible() to
wait for completion of async crypto op but if a signal occurs it
may return before DMA ops of HW crypto provider finish, thus
corrupting the output buffer.
Resolve this by using wait_for_completion() instead.
Reported-by: Eric
This patch set fixes various usage and documentation errors
in waiting for async crypto op to complete which can result
in data corruption.
Note: these were discovered in the process of working on a
patch set that replaces these call sites and more with a
generic implementation that will prevent
crypto_gcm_setkey() was using wait_for_completion_interruptible() to
wait for completion of async crypto op but if a signal occurs it
may return before DMA ops of HW crypto provider finish, thus
corrupting the data buffer that is kfree'ed in this case.
Resolve this by using wait_for_completion()
public_key_verify_signature() was passing the CRYPTO_TFM_REQ_MAY_BACKLOG
flag to akcipher_request_set_callback() but was not handling correctly
the case where a -EBUSY error could be returned from the call to
crypto_akcipher_verify() if backlog was used, possibly casuing
data corruption due to
The sample code was showing use of wait_for_completion_interruptible()
for waiting for an async. crypto op to finish. However, if a signal
arrived it would free the buffers used even while crypto HW might
still DMA from/into the buffers.
Resolve this by using wait_for_completion() instead.
Fixes checkpatch warning:
WARNING: please, no space before tabs
Signed-off-by: Branislav Katreniak
---
drivers/staging/ccree/cc_crypto_ctx.h | 18 +-
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/drivers/staging/ccree/cc_crypto_ctx.h
Each document under Documentation/*.txt has its own format.
Some follow markup notations, some don't even have a title!
In order to try to get some order on it, change the document
style to the standard we're adopting after the adoption of
ReStructured Text.
The documents touched on this series
Each text file under Documentation follows a different
format. Some doesn't even have titles!
Change its representation to follow the adopted standard,
using ReST markups for it to be parseable by Sphinx:
- use proper markups for titles;
- adjust section identation;
- use proper markup for notes
On Thu, May 18, 2017 at 08:56:32PM -0500, Josh Poimboeuf wrote:
> >
> > Hmm, it looks like a number of other algorithms in arch/x86/crypto/ use
> > %rbp (or
> > %ebp), e.g. blowfish, camellia, cast5, and aes-i586. Presumably they have
> > the
> > same problem. I'm a little confused: do these
Each text file under Documentation follows a different
format. Some doesn't even have titles!
Change its representation to follow the adopted standard,
using ReST markups for it to be parseable by Sphinx:
- mark document title;
- mark literal blocks.
Signed-off-by: Mauro Carvalho Chehab
On Wed, May 17, 2017 at 03:21:41PM -0700, Eric Biggers wrote:
> On Wed, May 17, 2017 at 03:44:27PM -0500, Josh Poimboeuf wrote:
> > On Tue, May 16, 2017 at 09:03:08PM -0700, Eric Biggers wrote:
> > > From: Eric Biggers
> > >
> > > When using the "aes-asm" implementation of
17 matches
Mail list logo