From: Joao Moreira
To: kernel-hardening@lists.openwall.com
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, gregkh@linuxfoundation.org, keescook@chromium.org
Subject: [RFC PATCH v2 0/4] x86/crypto: Fix crypto function casts
Date: Mon, 6 May 2019 16:19:46 -0300
Message-Id: <20190506191950.9521-1-jmoreira@suse.de>

It is possible to indirectly invoke functions with prototypes that do not match those of the respectively used function pointers by using void types. This feature is frequently used as a way of relaxing function invocation, making it possible that different data structures are passed to different functions through the same pointer.

Despite the benefits, this can lead to a situation where functions with a given prototype are invoked by pointers with a different prototype, which is undesirable as it may prevent the use of heuristics such as prototype matching-based Control-Flow Integrity, which can be used to prevent ROP-based attacks.

One way of fixing this situation is through the use of helper functions with prototypes that match the one in the respective invoking pointer.

Given the above, the current efforts to improve Linux security, and the upcoming kernel support for compilers with CFI features, fix the prototype casting of x86/crypto algorithms camellia, cast6, serpent and twofish with the use of a macro that generates the helper function.

This patch does not introduce semantic changes to the cryptographic algorithms, yet, if someone finds it relevant, the affected algorithms were tested with the help of tcrypt.ko without any visible harm.

Joao Moreira (4):
  Fix serpent crypto function prototypes
  Fix camellia crypto function prototypes
  Fix twofish crypto function prototypes
  Fix cast6 crypto function prototypes

 arch/x86/crypto/camellia_aesni_avx2_glue.c | 69 ++++++++--------------
 arch/x86/crypto/camellia_aesni_avx_glue.c  | 45 +++++++--------
 arch/x86/crypto/camellia_glue.c            | 19 +++---
 arch/x86/crypto/cast6_avx_glue.c           | 54 +++++++----------
 arch/x86/crypto/serpent_avx2_glue.c        | 68 ++++++++++------------
 arch/x86/crypto/serpent_avx_glue.c         | 63 ++++++++------------
 arch/x86/crypto/serpent_sse2_glue.c        | 24 +++++---
 arch/x86/crypto/twofish_avx_glue.c         | 65 ++++++++++-----------
 arch/x86/crypto/twofish_glue_3way.c        | 33 ++++++-----
 arch/x86/include/asm/crypto/camellia.h     | 93 +++++++++++++++---------------
 arch/x86/include/asm/crypto/serpent-avx.h  | 39 ++++++++-----
 arch/x86/include/asm/crypto/serpent-sse2.h | 10 ++++
 arch/x86/include/asm/crypto/twofish.h      | 33 ++++++++---
 include/crypto/cast6.h                     | 23 +++++++-
 14 files changed, 320 insertions(+), 318 deletions(-)

-- 
2.16.4
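
The cast-versus-helper pattern the cover letter describes, as an added example that is not part of the patch series or the kernel source. The names `toy_ctx`, `toy_encrypt`, `common_fn_t`, `DEFINE_GLUE_HELPER` and `PROTO_MATCHES` are hypothetical, and the C11 `_Generic` check only stands in for the type comparison a prototype-matching CFI scheme would make.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical toy cipher; names are illustrative, not the kernel's. */
struct toy_ctx { uint8_t key; };

/* Algorithm routine with its own typed context parameter. */
static void toy_encrypt(struct toy_ctx *ctx, uint8_t *dst, const uint8_t *src)
{
	for (int i = 0; i < 4; i++)
		dst[i] = src[i] ^ ctx->key;
}

/* Generic pointer type used for dispatch: the context is void *. */
typedef void (*common_fn_t)(void *ctx, uint8_t *dst, const uint8_t *src);

/* Before: the cast silences the compiler, but the callee's prototype still
 * differs from the pointer's, which prototype-matching CFI would reject. */
common_fn_t entry_before(void) { return (common_fn_t)toy_encrypt; }

/* After: a macro generates a helper whose prototype is exactly common_fn_t
 * and which forwards to the typed routine with a direct call. */
#define DEFINE_GLUE_HELPER(name, fn, ctx_type)				\
static void name(void *ctx, uint8_t *dst, const uint8_t *src)		\
{ fn((ctx_type *)ctx, dst, src); }

DEFINE_GLUE_HELPER(toy_encrypt_glue, toy_encrypt, struct toy_ctx)
common_fn_t entry_after(void) { return toy_encrypt_glue; }

/* 1 if fn's real type is common_fn_t, as a type-based check would require. */
#define PROTO_MATCHES(fn) _Generic(&(fn), common_fn_t: 1, default: 0)
int cast_target_matches(void) { return PROTO_MATCHES(toy_encrypt); }
int helper_matches(void)      { return PROTO_MATCHES(toy_encrypt_glue); }

/* Indirect call through the generic pointer, as a glue layer would make. */
uint8_t dispatch_first_byte(common_fn_t fn, uint8_t key, uint8_t in)
{
	struct toy_ctx ctx = { key };
	uint8_t src[4] = { in, 0, 0, 0 }, dst[4] = { 0 };
	fn(&ctx, dst, src);
	return dst[0];
}

int main(void)
{
	printf("cast target matches: %d\n", cast_target_matches());
	printf("helper matches:      %d\n", helper_matches());
	printf("via helper: 0x%02x\n", dispatch_first_byte(entry_after(), 0x5a, 0x0f));
	return entry_before() == NULL;
}
```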