Received: by 10.223.176.5 with SMTP id f5csp587221wra; Tue, 6 Feb 2018 04:12:21 -0800 (PST) X-Google-Smtp-Source: AH8x225zdfRwxjwHCE1EONvrdal7ePl4vS1YH/YpBHV9T4ScUBadGfosLAUfDfEptUbR4QqIy9L2 X-Received: by 2002:a17:902:7486:: with SMTP id h6-v6mr2269092pll.236.1517919141853; Tue, 06 Feb 2018 04:12:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517919141; cv=none; d=google.com; s=arc-20160816; b=gWzKs7p2IBp7ano+M8aSWxQBJdQ8hSdDhLl0P+WtF3HfZThzwjSTDE7iPwrv57P8lh tDSiRzg2vrd3326hijeRdRzWLVgqEimEuaB0a+eBqXW13T3V0jC4Oz1jaRTdmAVm0CJP /lxE9Ff8PkCNNFeS3iVnuFzN/HPLHbNYTFylTCd0wizJhEOFFT1I3YQFE0ROzGWlW5uh ESL1Fs374ow9VkZfBz/ShfBrBLfUhN45aUZIFq8ufIoO5CW7qDtEc0EehxN9h9DLhgB+ tuhzticGyluzHaZVB5TW7J0Iu1xk0LvPlSttnJ7uL4lBp367NMdqAH12Y9oZ9GA3WTIL nPMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dmarc-filter :arc-authentication-results; bh=kTW8u+33gKl0bByFFTRIgaOeOKXnzgCZLnfe4Pho4Uo=; b=OjzBhbA9QgJ59SuYrKZ1rrHWhDkgAl1bL/DscQHfPnJ/JcmgTUqHDyCBZMXe5rkkH2 I3R/u/hii4UwKRQ15qpQMz4RjnH17oFuDvbLkANn/mtyQ24sGrjIMnw+SQ/2vJfXmtV8 IMNYxY6RbfKBWWxBypBaJEC7GUHF8/kS94jYPfUv6CBtMVjrwT+YbjOpkOgueYWfmNOr 3feK4FcgocRda4Xe/A54qbGifacAXKnoCd042+AoKjSclbGR34F0unXqq0RnyuFd7Scb IZhL0OvgAcLqbkXWdPoDRA3UAxLysmKgNHJOt2DC+um2mneyj3JJR+6B84BpMD12+oeC dyMA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e6si586298pgf.240.2018.02.06.04.12.07; Tue, 06 Feb 2018 04:12:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752763AbeBFMLo (ORCPT + 99 others); Tue, 6 Feb 2018 07:11:44 -0500 Received: from mail.kernel.org ([198.145.29.99]:53666 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752324AbeBFMLi (ORCPT ); Tue, 6 Feb 2018 07:11:38 -0500 Received: from mail-wr0-f176.google.com (mail-wr0-f176.google.com [209.85.128.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D7B792179F; Tue, 6 Feb 2018 12:11:37 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D7B792179F Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=krzk@kernel.org Received: by mail-wr0-f176.google.com with SMTP id 41so1657743wrc.9; Tue, 06 Feb 2018 04:11:37 -0800 (PST) X-Gm-Message-State: APf1xPCniKYSOKkXS7mKF3Eo/Tdqm8Fp5RGmWRHifPCFQT6waxfxaUq5 u9vK0ipaUQzY78nmAFpvdbgEBhX0/DcO5Yu7Gw0= X-Received: by 10.223.164.197 with SMTP id h5mr2083214wrb.108.1517919096301; Tue, 06 Feb 2018 04:11:36 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.146.101 with HTTP; Tue, 6 Feb 2018 04:11:35 -0800 (PST) In-Reply-To: <224788c7-426b-d3a9-d0a6-412d2b8afb75@partner.samsung.com> References: <224788c7-426b-d3a9-d0a6-412d2b8afb75@partner.samsung.com> From: Krzysztof Kozlowski Date: Tue, 6 Feb 2018 13:11:35 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] crypto: s5p-sss.c: Fix kernel Oops in AES-ECB mode To: Kamil Konieczny Cc: Herbert Xu , Vladimir Zapolskiy , "David S. Miller" , Bartlomiej Zolnierkiewicz , Marek Szyprowski , Anand Moon , linux-crypto@vger.kernel.org, linux-samsung-soc@vger.kernel.org, linux-kernel Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Feb 5, 2018 at 6:40 PM, Kamil Konieczny wrote: > > In AES-ECB mode crypt is done with key only, so any use of IV > can cause kernel Oops, as reported by Anand Moon. > Fixed it by using IV only in AES-CBC and AES-CTR. > > Signed-off-by: Kamil Konieczny > Reported-by: Anand Moon > --- > Tested on Odroid XU4/HC1, kernel 4.15 with following command: > > fallocate -l 128MiB /tmp/test.bin > dd if=/dev/urandom of=/tmp/testkey.key bs=128 count=1 > sync > cryptsetup luksFormat --debug -q -d /tmp/testkey.key \ > --cipher aes-cbc-essiv:sha256 -h sha256 -s 128 /tmp/test.bin > > The original report by Anand Moon: > https://www.spinics.net/lists/linux-crypto/msg31180.html > > Oops reproduced with cryptsetup 2.0.0, kernel 4.15, > in .config in crypto API ECB support was turned off, and s5p-sss AES driver on. > > cryptsetup is using aes-ecb and has req->info in aes_ctx set to 0x10, > which caused Oops: > > [ 2078.683779] Internal error: Oops: 17 [#1] PREEMPT SMP ARM > [ 2078.689148] Modules linked in: algif_skcipher af_alg sd_mod sg > evdev uas usb_storage scsi_mod gpio_keys fbtft(C) spidev spi_s3c64xx > ipv6 > [ 2078.701377] CPU: 1 PID: 15 Comm: ksoftirqd/1 Tainted: G C > 4.15.0-rc9-xu4krck #1 > [ 2078.709861] Hardware name: SAMSUNG EXYNOS (Flattened Device Tree) > [ 2078.715932] PC is at memcpy+0x80/0x330 > [ 2078.719652] LR is at s5p_tasklet_cb+0x19c/0x328 > > drivers/crypto/s5p-sss.c | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) Fixes and cc-stable? Reviewed-by: Krzysztof Kozlowski Best regards, Krzysztof