The crypto completion function currently takes a pointer to a
struct crypto_async_request object. However, in reality the API
does not allow the use of any part of the object apart from the
data field. For example, ahash/shash will create a fake object
on the stack to pass along a different data field.
This leads to potential bugs where the user may try to dereference
or otherwise use the crypto_async_request object.
This patch adds some temporary scaffolding so that the completion
function can take a void * instead. Once affected users have been
converted this can be removed.
The helper crypto_request_complete will remain even after the
conversion is complete. It should be used instead of calling
the completion functino directly.
Signed-off-by: Herbert Xu <[email protected]>
---
include/crypto/algapi.h | 7 +++++++
include/linux/crypto.h | 6 ++++++
2 files changed, 13 insertions(+)
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index 61b327206b55..1fd81e74a174 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -302,4 +302,11 @@ enum {
CRYPTO_MSG_ALG_LOADED,
};
+static inline void crypto_request_complete(struct crypto_async_request *req,
+ int err)
+{
+ crypto_completion_t complete = req->complete;
+ complete(req, err);
+}
+
#endif /* _CRYPTO_ALGAPI_H */
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 5d1e961f810e..b18f6e669fb1 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -176,6 +176,7 @@ struct crypto_async_request;
struct crypto_tfm;
struct crypto_type;
+typedef struct crypto_async_request crypto_completion_data_t;
typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
/**
@@ -595,6 +596,11 @@ struct crypto_wait {
/*
* Async ops completion helper functioons
*/
+static inline void *crypto_get_completion_data(crypto_completion_data_t *req)
+{
+ return req->data;
+}
+
void crypto_req_done(struct crypto_async_request *req, int err);
static inline int crypto_wait_req(int err, struct crypto_wait *wait)
On Tue, Jan 31, 2023 at 04:01:45PM +0800, Herbert Xu wrote:
> The crypto completion function currently takes a pointer to a
> struct crypto_async_request object. However, in reality the API
> does not allow the use of any part of the object apart from the
> data field. For example, ahash/shash will create a fake object
> on the stack to pass along a different data field.
>
> This leads to potential bugs where the user may try to dereference
> or otherwise use the crypto_async_request object.
>
> This patch adds some temporary scaffolding so that the completion
> function can take a void * instead. Once affected users have been
> converted this can be removed.
>
> The helper crypto_request_complete will remain even after the
> conversion is complete. It should be used instead of calling
> the completion functino directly.
Typo
/s/functino/function
>
> Signed-off-by: Herbert Xu <[email protected]>
Reviewed-by: Giovanni Cabiddu <[email protected]>