2021-09-11 11:08:35

by Shreyansh Chouhan

[permalink] [raw]
Subject: [PATCH] crypto: x86/aes-ni - check walk.nbytes instead of err

In the code for xts_crypt(), we check for the err value returned by
skcipher_walk_virt() and return from the function if it is non zero.
However, skcipher_walk_virt() can set walk.nbytes to 0, which would cause
us to call kernel_fpu_begin(), and then skip the kernel_fpu_end() call.

This patch checks for the walk.nbytes value instead, and returns if
walk.nbytes is 0. This prevents us from calling kernel_fpu_begin() in
the first place and also covers the case of having a non zero err value
returned from skcipher_walk_virt().

Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Shreyansh Chouhan <[email protected]>
---
arch/x86/crypto/aesni-intel_glue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index 0fc961bef299..e09f4672dd38 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -866,7 +866,7 @@ static int xts_crypt(struct skcipher_request *req, bool encrypt)
req = &subreq;

err = skcipher_walk_virt(&walk, req, false);
- if (err)
+ if (!walk.nbytes)
return err;
} else {
tail = 0;
--
2.31.1


2021-09-17 12:08:09

by Herbert Xu

[permalink] [raw]
Subject: Re: [PATCH] crypto: x86/aes-ni - check walk.nbytes instead of err

On Sat, Sep 11, 2021 at 04:37:59PM +0530, Shreyansh Chouhan wrote:
> In the code for xts_crypt(), we check for the err value returned by
> skcipher_walk_virt() and return from the function if it is non zero.
> However, skcipher_walk_virt() can set walk.nbytes to 0, which would cause
> us to call kernel_fpu_begin(), and then skip the kernel_fpu_end() call.
>
> This patch checks for the walk.nbytes value instead, and returns if
> walk.nbytes is 0. This prevents us from calling kernel_fpu_begin() in
> the first place and also covers the case of having a non zero err value
> returned from skcipher_walk_virt().
>
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Shreyansh Chouhan <[email protected]>
> ---
> arch/x86/crypto/aesni-intel_glue.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt