Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp9131432pxu; Mon, 28 Dec 2020 07:23:36 -0800 (PST) X-Google-Smtp-Source: ABdhPJzGhY7mw3pl07s5rAa3Tt0ZDO+Rg8QVPtFqad9a6odsNLq9UfQ3y12xxlZZIg9xZhr1bhwe X-Received: by 2002:a17:906:591a:: with SMTP id h26mr41399514ejq.174.1609169016644; Mon, 28 Dec 2020 07:23:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609169016; cv=none; d=google.com; s=arc-20160816; b=Sr+9B6Gb12i50LeIeqEePVRv0t4yUMnCtcEwQczCIG8BWgXjKPYasDW63vRjsXYhex ibobAe/CFRqsCHvp2shnbmHLD10ODUowK3rK0vdRgLsWUt94u2VcWoe1XyuXA6jtQSaw Pmldv58grXRNHvhX2YTfAAzTahnWi+3F8i6/w1QGeui9yuV40FuJ+fvkaHPoeXRc+vQp yeWEz9H1ZlREsny7ptBUQ3SjSUvsLX0MsP+U7tf2KksVmBXZeDBfoEbOhqmm7OWLotgH GYOIn5yhWCHm1bSsoyeEjyttuWgGdfBpj5cHEgIMNR1b+PUqESeOZZDr3Ju/sTUZ93ZJ Xk0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=UCMpeeXFgLjSZwDzx95xx2VYNoJfv6Mq0w178/RE39M=; b=nH1ks7LTpGv26YPoLzMSNKWGALZz3GDe/AX+nKQUG+UGIX06NZSKj5jjrXddsYYvsv vxOSSueo4CLhXbywLi9o4uUWfr5LyIBUmxwjeR0Cxv34GlqlJM0dVuZzYccQTGAeUx5C ktrBheR2GWNiGmGIvgvOzpHAKKiOvW8blVWwgf2hx5Ebf/iSXNheeACoP0eufmaVcjET vVYt+PBdQYgwwj9W+UlJbvugEB3rQPIF7kGIomFUzcvc6EHjxgYhajmWETSo+V5J1Koi YE3RmMlEaoQSrkc43IYiZO//THd/TZmOYD42Z4Aus0erA5dA2pcX8N3FFlQ9ck/sii7X N8HA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=dyIvn5jW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i19si21109170edq.373.2020.12.28.07.23.13; Mon, 28 Dec 2020 07:23:36 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=dyIvn5jW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2436808AbgL1OCM (ORCPT + 99 others); Mon, 28 Dec 2020 09:02:12 -0500 Received: from mail.kernel.org ([198.145.29.99]:35968 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2436779AbgL1OCI (ORCPT ); Mon, 28 Dec 2020 09:02:08 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 5BCDA20731; Mon, 28 Dec 2020 14:01:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1609164088; bh=0fnv0UIBbTODUrQK1CeIPBPfnLukRyy9Epf9av9hHnA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=dyIvn5jWGVWejFcSPvzAY9CJIzqKp/7CG1mPJlVctkfymbObbQtvyGBLJ0K6sy47E GDKO208yPHv6Bq3homh7JxY0pApwJ7qHgZGHKkCZpb8X1f20jCBlVlZli7kwqLaL6Q M+82gZFiDwjWZislf4eFGbUBijQRlSktqHWb8WzI= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Ard Biesheuvel , Herbert Xu , Sasha Levin Subject: [PATCH 5.10 056/717] crypto: arm64/poly1305-neon - reorder PAC authentication with SP update Date: Mon, 28 Dec 2020 13:40:54 +0100 Message-Id: <20201228125023.678780150@linuxfoundation.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201228125020.963311703@linuxfoundation.org> References: <20201228125020.963311703@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Ard Biesheuvel [ Upstream commit 519a0d7e495a6d3ce62594e485aea2a3a4a2ca0a ] PAC pointer authentication signs the return address against the value of the stack pointer, to prevent stack overrun exploits from corrupting the control flow. However, this requires that the AUTIASP is issued with SP holding the same value as it held when the PAC value was generated. The Poly1305 NEON code got this wrong, resulting in crashes on PAC capable hardware. Fixes: f569ca164751 ("crypto: arm64/poly1305 - incorporate OpenSSL/CRYPTOGAMS ...") Signed-off-by: Ard Biesheuvel Signed-off-by: Herbert Xu Signed-off-by: Sasha Levin --- arch/arm64/crypto/poly1305-armv8.pl | 2 +- arch/arm64/crypto/poly1305-core.S_shipped | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/crypto/poly1305-armv8.pl b/arch/arm64/crypto/poly1305-armv8.pl index 6e5576d19af8f..cbc980fb02e33 100644 --- a/arch/arm64/crypto/poly1305-armv8.pl +++ b/arch/arm64/crypto/poly1305-armv8.pl @@ -840,7 +840,6 @@ poly1305_blocks_neon: ldp d14,d15,[sp,#64] addp $ACC2,$ACC2,$ACC2 ldr x30,[sp,#8] - .inst 0xd50323bf // autiasp //////////////////////////////////////////////////////////////// // lazy reduction, but without narrowing @@ -882,6 +881,7 @@ poly1305_blocks_neon: str x4,[$ctx,#8] // set is_base2_26 ldr x29,[sp],#80 + .inst 0xd50323bf // autiasp ret .size poly1305_blocks_neon,.-poly1305_blocks_neon diff --git a/arch/arm64/crypto/poly1305-core.S_shipped b/arch/arm64/crypto/poly1305-core.S_shipped index 8d1c4e420ccdc..fb2822abf63aa 100644 --- a/arch/arm64/crypto/poly1305-core.S_shipped +++ b/arch/arm64/crypto/poly1305-core.S_shipped @@ -779,7 +779,6 @@ poly1305_blocks_neon: ldp d14,d15,[sp,#64] addp v21.2d,v21.2d,v21.2d ldr x30,[sp,#8] - .inst 0xd50323bf // autiasp //////////////////////////////////////////////////////////////// // lazy reduction, but without narrowing @@ -821,6 +820,7 @@ poly1305_blocks_neon: str x4,[x0,#8] // set is_base2_26 ldr x29,[sp],#80 + .inst 0xd50323bf // autiasp ret .size poly1305_blocks_neon,.-poly1305_blocks_neon -- 2.27.0