Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp4227362ybl; Tue, 20 Aug 2019 08:46:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqyzcKZOFAORgFfLdfnr8LGhkR/gT7etnlO64Rzr7Ci6xE/CRJIaCYg63hHh2r/lKaNnR/F+ X-Received: by 2002:a17:902:2d24:: with SMTP id o33mr22622944plb.269.1566316005973; Tue, 20 Aug 2019 08:46:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566316005; cv=none; d=google.com; s=arc-20160816; b=O4ycsVy+mbcQzLGqIs3V//83F/cPtMe1K3Y2K3GJgzQX++w7fZufW5df7P6wftVNvV D3CYE7hCLzPWig62bUbuLqtFsd8d6TB0GXUz8aF0yd2dIWPKlFUfe4kV3fDYfA6AiiR0 STWkKo8xsFMUFWtwdo2B19V6q8EcExLUjwAef3QFd3YYWElVuuakCb0YXLhra39vSUy+ swbRPi5SFBHUEK6rB7xSPOH0dJi4XyaAHs0jr58FCoLQ6gPaK778KCbAtQIBUZ5v3Svp 16No5CVipVMVyB4gRU1yvjo/AoMzlRaiwBzo6gFC4ylZrBNQya3g6yKsdlbwTC79LM/X H+NQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:subject:message-id:date:from :mime-version:dkim-signature; bh=86CfnVRSUR5lU0gtFdEJI3KaYVGV/NC7wFzqBZ7PYz8=; b=Ad0lgsw+SsniRRRbSc4l85/+H/6Tzb6Q+tSrv7sS3Xz/vQN0o7eGpyOAPWCQHojloo kWnLwqNJlKkub9c8kqdCjEpnw25mxiL4BKFzAqt8A7YPcN3ae6SXh8imi5N8ieFWI8ex OatNA1Th4ophH+4RWhJ9XxOuQrwefYVPF4qfzwiu8rNi/0mfFwTbHqFnVdfNgituNWe6 178wXP+4yxH34eP1lyq7JTmcOyC33X+OzaBxa+/2XTRNP9eQs6tnZ95iK4owvl3O4Ds9 PKfiKc81RrJ0Jci8tZBcoMFhHaQQxJVCVtM/hecVxcUQcJq3x87OibXJ9RMrzDl/rYn4 7Gkg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XkmL6WnP; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k192si12112427pge.222.2019.08.20.08.46.21; Tue, 20 Aug 2019 08:46:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XkmL6WnP; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730105AbfHTPpi (ORCPT + 99 others); Tue, 20 Aug 2019 11:45:38 -0400 Received: from mail-wr1-f54.google.com ([209.85.221.54]:42004 "EHLO mail-wr1-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728344AbfHTPpi (ORCPT ); Tue, 20 Aug 2019 11:45:38 -0400 Received: by mail-wr1-f54.google.com with SMTP id b16so12903424wrq.9 for ; Tue, 20 Aug 2019 08:45:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:from:date:message-id:subject:to; bh=86CfnVRSUR5lU0gtFdEJI3KaYVGV/NC7wFzqBZ7PYz8=; b=XkmL6WnPm9Bt5A+MrIuXZtobgZwoeKtjVtXWTKwvHGqMqXpyn/FD6DH0vnZQLbELE6 lL7H6OT3C/mNfTs+35OkVc7DFLf07JVpaeGtJ7PxKGsVykpUPqQ0VFT4ugV3OuhbDmxG kcjrHGGEJ1uJA3ShQmcr/thDrxfzNfRCy5M3dulkw9+uCHZ9ZhuIyLZBLEt5yOw3VlVq kI8y+ZbCPWBatPepM2gf5++QY70DmvcOhUZ0qXv5cTOuUmFFURUtCxAvIJwV/RvSCj0U hpaRVXkg31kUdvWcu02cf6Kwk99gdsN4iTFyK/PLOl7WmwRNNUriXSAFNuGNT8o9wsLK QqWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=86CfnVRSUR5lU0gtFdEJI3KaYVGV/NC7wFzqBZ7PYz8=; b=n0V/2lkmXEC9fM//OIS7852sULrl2fd5tTW207zGQ+9C0IN3pDrZ2JVUNBIcUdoNyo rAmmSPDbilKinpJTPNtyUa5yv+fXX2mMpzXS7okA1fvo1ogBROi5emsOQI5mSPOvFGt0 RmUeEuRwrwIJM3oVJdF5iyEg3HNuMD8L3+U/HyiUixcg+9Um71MN0RVEhMDejsc0pagt ZZE1zKRbaYAFjnq8j/u7/isEmRUyJ3cZJuHBfAeFoHYcKamM16zysLLAgW4kpwA9yHW3 C0M+F8qZpN5SpO4pzif9IMh4WsnfuKoaQs/yEakyIW0oJCvOMTUjUxdSj06usS2gAjcp MDaA== X-Gm-Message-State: APjAAAULRqooJRHKsKD7BUkzzT3KYuX9wJkV3S76/O6PaacZgGPthnvY y2L8GnPeOiGKWQXx654BN++PfioshPgV8wj1Kv5xx918wnXl5g== X-Received: by 2002:adf:9e09:: with SMTP id u9mr2956379wre.169.1566315936373; Tue, 20 Aug 2019 08:45:36 -0700 (PDT) MIME-Version: 1.0 From: Ard Biesheuvel Date: Tue, 20 Aug 2019 18:45:25 +0300 Message-ID: Subject: cbc mode broken in rk3288 driver To: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , Herbert Xu , Eric Biggers , Zhang Zhijie Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hello all, While playing around with the fuzz tests on kernelci.org (which has a couple of rk3288 based boards for boot testing), I noticed that the rk3288 cbc mode driver is still broken (both AES and DES fail). For instance, one of the runs failed with alg: skcipher: cbc-aes-rk encryption test failed (wrong result) on test vector \"random: len=6848 klen=32\", cfg=\"random: may_sleep use_digest src_divs=[93.41%@+1655, 2.19%@+3968, 4.40%@+22]\" (but see below for the details of a few runs) However, more importantly, it looks like the driver violates the scatterlist API, by assuming that sg entries are always mapped and that sg_virt() and/or page_address(sg_page()) can always be called on arbitrary scatterlist entries The failures in question all occur with inputs whose size > PAGE_SIZE, so it looks like the PAGE_SIZE limit is interacting poorly with the way the next IV is obtained. Broken CBC is a recipe for disaster, and so this should really be fixed, or the driver disabled. -- Ard. https://storage.kernelci.org/ardb/for-kernelci/v5.3-rc1-195-gd84aa2e87b0e/arm/multi_v7_defconfig/gcc-8/lab-collabora/boot-rk3288-veyron-jaq.html https://storage.kernelci.org/ardb/for-kernelci/v5.3-rc1-195-gd84aa2e87b0e/arm/multi_v7_defconfig+CONFIG_EFI=y+CONFIG_ARM_LPAE=y/gcc-8/lab-collabora/boot-rk3288-veyron-jaq.html https://storage.kernelci.org/ardb/for-kernelci/v5.3-rc1-195-gd84aa2e87b0e/arm/multi_v7_defconfig+CONFIG_SMP=n/gcc-8/lab-collabora/boot-rk3288-veyron-jaq.html