Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp4658820rdh; Wed, 29 Nov 2023 07:20:54 -0800 (PST) X-Google-Smtp-Source: AGHT+IF/aAJKwwgI3jcTIbMEnGYbB9ipCMjz6al7eNYo9cNLTvG5VYot9EF7gAaGnH+VTdSnQjIs X-Received: by 2002:a05:6830:3b0e:b0:6c6:4843:2abb with SMTP id dk14-20020a0568303b0e00b006c648432abbmr18254429otb.12.1701271254338; Wed, 29 Nov 2023 07:20:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701271254; cv=none; d=google.com; s=arc-20160816; b=G/op70axdFi0JZanILKWFkoeD7OlmKY53dzRZx9tTGYJtdD3MpmwNJQ65cVkhPhaGx yOys5203JSfAbA2jRWdcGVgDrBrJLSlURt76jQsHFhv4WPXuINb0sgTJIVZolnuGFJEY a1cePqf6hhtPfYieBDb4BVAMs+CEzhhlj2N7IfVP3w+47gOsqCmtrXeTgR8097BSlINl Qv+vwedXE3XqfGyQXuk8wkz5u/1WTn2gwcz6m/eJdXgMkJslGq7mss+U43vgs669AnA6 3Xv2BCMt/S6rVD5Lw64rsDt+Ks9XDmIH32g2m8O64yUWLFcpnPswRhK80PVe6554mvwV sRVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=PIBWCubcDObO1zEswJYqTbKHW/j4xGorbYQE7SjlL0E=; fh=6FyO0wd9Kk/FNtd22ji0aApFi0F/pH+83rOWkkMumQw=; b=VHwuQ0YUXjmoDdkDLUcTtQjOUigk1WO5NigJw5fVhAu6YkzQvEOLepwC/BY2DYI3/C Z85Cf+SZh1PhtepzKTrt49awxG+aCSDoceOurXsz50JerMJYWFXZJAnFK0YL4jwk2r0v XBOqQkuV+8YkIuSXajsU76s3REwWAR+0EFkkCJGmf+FyFnc+e6H/QUmV8xzbt5NBuIA3 dvRn5ZRzkYmybhqt8Bd7JTMkj2F/zbw6OlR9CmQtI+D4eupv6NyQCx3vZOjGai2J+Yq2 te0DHFftx5SwHp4Dn9gkKjhxxUuptpTWd+iXY9vL93dxj/JU/ib2CXWzOXDNU/6gHnnE xBSQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id ch9-20020a056a0208c900b005c277eadf93si15529577pgb.318.2023.11.29.07.20.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Nov 2023 07:20:54 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 161218057E79; Wed, 29 Nov 2023 07:20:34 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234629AbjK2PUQ (ORCPT + 99 others); Wed, 29 Nov 2023 10:20:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51186 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233426AbjK2PUP (ORCPT ); Wed, 29 Nov 2023 10:20:15 -0500 X-Greylist: delayed 62 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Wed, 29 Nov 2023 07:20:20 PST Received: from exchange.fintech.ru (exchange.fintech.ru [195.54.195.159]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 22D9584; Wed, 29 Nov 2023 07:20:20 -0800 (PST) Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru (195.54.195.159) with Microsoft SMTP Server (TLS) id 14.3.498.0; Wed, 29 Nov 2023 18:19:14 +0300 Received: from localhost (10.0.253.138) by Ex16-01.fintech.ru (10.0.10.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Wed, 29 Nov 2023 18:19:14 +0300 From: Nikita Zhandarovich To: Antoine Tenart CC: Nikita Zhandarovich , Herbert Xu , "David S. Miller" , , Subject: crypto: safexcel - Add error handling for dma_map_sg() calls Date: Wed, 29 Nov 2023 07:19:04 -0800 Message-ID: <20231129151904.7693-1-n.zhandarovich@fintech.ru> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.0.253.138] X-ClientProxiedBy: Ex16-02.fintech.ru (10.0.10.19) To Ex16-01.fintech.ru (10.0.10.18) X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Wed, 29 Nov 2023 07:20:34 -0800 (PST) Macro dma_map_sg() may return 0 on error. This patch enables checks in case of the macro failure and ensures unmapping of previously mapped buffers with dma_unmap_sg(). Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: 49186a7d9e46 ("crypto: inside_secure - Avoid dma map if size is zero") Signed-off-by: Nikita Zhandarovich drivers/crypto/inside-secure/safexcel_cipher.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 272c28b5a088..ca660f31c15f 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -742,9 +742,9 @@ static int safexcel_send_req(struct crypto_async_request *base, int ring, max(totlen_src, totlen_dst)); return -EINVAL; } - if (sreq->nr_src > 0) - dma_map_sg(priv->dev, src, sreq->nr_src, - DMA_BIDIRECTIONAL); + if ((sreq->nr_src > 0) && + (!dma_map_sg(priv->dev, src, sreq->nr_src, DMA_BIDIRECTIONAL))) + return -ENOMEM; } else { if (unlikely(totlen_src && (sreq->nr_src <= 0))) { dev_err(priv->dev, "Source buffer not large enough (need %d bytes)!", @@ -752,8 +752,9 @@ static int safexcel_send_req(struct crypto_async_request *base, int ring, return -EINVAL; } - if (sreq->nr_src > 0) - dma_map_sg(priv->dev, src, sreq->nr_src, DMA_TO_DEVICE); + if ((sreq->nr_src > 0) && + (!dma_map_sg(priv->dev, src, sreq->nr_src, DMA_TO_DEVICE))) + return -ENOMEM; if (unlikely(totlen_dst && (sreq->nr_dst <= 0))) { dev_err(priv->dev, "Dest buffer not large enough (need %d bytes)!", @@ -762,9 +763,11 @@ static int safexcel_send_req(struct crypto_async_request *base, int ring, goto unmap; } - if (sreq->nr_dst > 0) - dma_map_sg(priv->dev, dst, sreq->nr_dst, - DMA_FROM_DEVICE); + if ((sreq->nr_dst > 0) && + (!dma_map_sg(priv->dev, dst, sreq->nr_dst, DMA_FROM_DEVICE))) { + ret = -ENOMEM; + goto unmap; + } } memcpy(ctx->base.ctxr->data, ctx->key, ctx->key_len);