Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp159559ybl; Tue, 28 Jan 2020 00:30:40 -0800 (PST) X-Google-Smtp-Source: APXvYqygTDOp3OVtIiOleLuzGv+7jzYcJ4oHsr78Km6cBYmCFRa+ig090buU8QXK8TYFbN/n59zn X-Received: by 2002:a05:6830:9a:: with SMTP id a26mr6717999oto.273.1580200240353; Tue, 28 Jan 2020 00:30:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580200240; cv=none; d=google.com; s=arc-20160816; b=HV/89OteFj1Q9nnkTeknPdV9OLACQeshXAImsRWi2ICgTsDL6o/Xi0j1v4H99H7kol oZ3BO2C87tEtt1D+dl9FdHQFzmKDnVLBRZk6o0LPAs5TpXvu4kBWQULWlsplgNp2jQm0 GBcxMnzsU/01z2MVRCnOycjVjSFjuYuNRuCx9SE3aN0tTgHxuy2lx9iaV2+6QV1hDkA9 HcQBG9QZHwmJE6CsQkCw6/QMOwqpzdbdYAas0paxwvKws8MpsYeG0DLc4NM1+chR3/EM B6ojIdMk6Wg9e0m/tfyO9Th4dPORsWvQGnnNlby8a0lxIzQ8PY6cMV5ShaQJ9RrBwbMf UV2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=F8IiVdfZ3rxPkzrseqHvTR0l5JtOng4PGW9CTdvaeUQ=; b=nTkpMKiSclwrMoemU1yUEk2Wm5WWALgUa6rC/28Wg/c67OsLCcbUZFeYfbMyTtOSvH c0LAiLHNJQ/GmyZCsYtxXBw3nKjArMBsO7xYHyerLXuQbXh3PRJpn4uAyPUZxKsbUOYL WRMOyv/pBQDmNeDjzqglYC+gXckLe2De60JfCoyQ3terrfdOko+AeOT9avCfAV3vG2wi OriYPSbIwWN54asIEZOz28BWc5hNaPy249DeajaOxdNkRXmPPqz/eRbl7aQ/hx10R2u+ nJZHsJhE26z7AqaQpi/jBqSKnADLlV5ym0DNxDbOS8D4VvXZwIpFtJ0ZGb8s5aiKk2hN axiw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c79si5076729oig.208.2020.01.28.00.30.18; Tue, 28 Jan 2020 00:30:40 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725853AbgA1IaR (ORCPT + 99 others); Tue, 28 Jan 2020 03:30:17 -0500 Received: from mail-ot1-f66.google.com ([209.85.210.66]:40066 "EHLO mail-ot1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725848AbgA1IaR (ORCPT ); Tue, 28 Jan 2020 03:30:17 -0500 Received: by mail-ot1-f66.google.com with SMTP id i6so7353904otr.7; Tue, 28 Jan 2020 00:30:16 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=F8IiVdfZ3rxPkzrseqHvTR0l5JtOng4PGW9CTdvaeUQ=; b=KbjID6+wbMhXqkAH7mN5IhpPRWgTGNmroMCYkP9BsE/iLlixjW574jjwOPi7ssJCOk RD2pMMu9jVn2oPiRySVEtJwvsOlPnwmz8mC/AwZT/2QWedpycwRxU0PLs3NQhJ1DVLDK eMVrvcGDafUeVRTTxmbYNP6GOsYqaGa0yJmx9KleAyhAGAX18oahzxG0z9Hx6TT9NzzG hmWH6uYUBG+RupiJNnQQeDiHOQ671pLqpboYaZ8KaAlhXWsOw9+LXGLw7OIvJGwYcXu8 6UDnwt2zfzm4uMTPPI9dEJhc2moIZho5yrFxtQcFUpt6lF6damcHqrhLM2wAhg3mIcRn Rqqg== X-Gm-Message-State: APjAAAVwAMth3pcUCccZ2jYnUJrM+mLpMQw0jxPW4p10c1IoeDuMDCQQ WN88iClW5NMjU3M3ueNoTVDskSBk31UaZFqRNDp+HdSK X-Received: by 2002:a9d:146:: with SMTP id 64mr10914414otu.39.1580200215995; Tue, 28 Jan 2020 00:30:15 -0800 (PST) MIME-Version: 1.0 References: <20200127150822.12126-1-gilad@benyossef.com> <20200128030107.GF960@sol.localdomain> In-Reply-To: <20200128030107.GF960@sol.localdomain> From: Geert Uytterhoeven Date: Tue, 28 Jan 2020 09:30:04 +0100 Message-ID: Subject: Re: [RFC v3] crypto: ccree - protect against short scatterlists To: Eric Biggers Cc: Gilad Ben-Yossef , Herbert Xu , "David S. Miller" , Ofir Drang , Linux Crypto Mailing List , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Eric, On Tue, Jan 28, 2020 at 4:01 AM Eric Biggers wrote: > On Mon, Jan 27, 2020 at 04:22:53PM +0100, Geert Uytterhoeven wrote: > > On Mon, Jan 27, 2020 at 4:08 PM Gilad Ben-Yossef wrote: > > > Deal gracefully with the event of being handed a scatterlist > > > which is shorter than expected. > > > > > > This mitigates a crash in some cases due to > > > attempt to map empty (but not NULL) scatterlists with none > > > zero lengths. > > > > > > Signed-off-by: Gilad Ben-Yossef > > > Reported-by: Geert Uytterhoeven > > > > Thank you, boots fine on Salvator-XS with R-Car H3ES2.0, and > > CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y. > > > > Tested-by: Geert Uytterhoeven > > Note that you need to *unset* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS to enable the > self-tests. Sorry, that's what I meant (too used to type "=y" to enable something ;-) > So to run the full tests, the following is needed: > > # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set With just this, it no longer crashes. > CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y With the extra tests enabled, it still crashes :-( +alg: hash: skipping comparison tests for ghash-neon because ghash-generic is unavailable +alg: hash: skipping comparison tests for ghash-ce because ghash-generic is unavailable +alg: aead: skipping comparison tests for gcm-aes-ce because gcm_base(ctr(aes-generic),ghash-generic) is unavailable +alg: aead: skipping comparison tests for ccm-aes-ce because ccm_base(ctr(aes-generic),cbcmac(aes-generic)) is unavailable +alg: hash: skipping comparison tests for cmac-aes-ce because cmac(aes-generic) is unavailable +alg: hash: skipping comparison tests for xcbc-aes-ce because xcbc(aes-generic) is unavailable +alg: hash: skipping comparison tests for cbcmac-aes-ce because cbcmac(aes-generic) is unavailable +alg: skcipher: skipping comparison tests for cts-cbc-aes-ce because cts(cbc(aes-generic)) is unavailable +alg: skcipher: skipping comparison tests for essiv-cbc-aes-sha256-ce because essiv(cbc(aes-generic),sha256-generic) is unavailable [...] ccree e6601000.crypto: ARM CryptoCell 630P Driver: HW version 0xAF400001/0xDCC63000, Driver version 5.0 +alg: skcipher: blocksize for xts-aes-ccree (1) doesn't match generic impl (16) +alg: skcipher: skipping comparison tests for ofb-aes-ccree because ofb(aes-generic) is unavailable +alg: skcipher: skipping comparison tests for cts-cbc-aes-ccree because cts(cbc(aes-generic)) is unavailable +alg: skcipher: skipping comparison tests for cbc-3des-ccree because cbc(des3_ede-generic) is unavailable +alg: skcipher: skipping comparison tests for ecb-3des-ccree because ecb(des3_ede-generic) is unavailable +alg: skcipher: skipping comparison tests for cbc-des-ccree because cbc(des-generic) is unavailable +alg: skcipher: skipping comparison tests for ecb-des-ccree because ecb(des-generic) is unavailable +random: crng init done +alg: hash: skipping comparison tests for xcbc-aes-ccree because xcbc(aes-generic) is unavailable +alg: hash: skipping comparison tests for cmac-aes-ccree because cmac(aes-generic) is unavailable +alg: aead: blocksize for authenc-hmac-sha1-cbc-aes-ccree (0) doesn't match generic impl (16) +alg: aead: skipping comparison tests for authenc-hmac-sha1-cbc-des3-ccree because authenc(hmac(sha1-generic),cbc(des3_ede-generic)) is unavailable +alg: aead: blocksize for authenc-hmac-sha256-cbc-aes-ccree (0) doesn't match generic impl (16) +alg: aead: skipping comparison tests for authenc-hmac-sha256-cbc-des3-ccree because authenc(hmac(sha256-generic),cbc(des3_ede-generic)) is unavailable alg: No test for authenc(xcbc(aes),cbc(aes)) (authenc-xcbc-aes-cbc-aes-ccree) alg: No test for authenc(xcbc(aes),rfc3686(ctr(aes))) (authenc-xcbc-aes-rfc3686-ctr-aes-ccree) -ccree e6601000.crypto: ARM ccree device initialized [...] +------------[ cut here ]------------ +kernel BUG at kernel/dma/swiotlb.c:497! +Internal error: Oops - BUG: 0 [#1] PREEMPT SMP +CPU: 1 PID: 270 Comm: cryptomgr_test Not tainted 5.5.0-rc6-arm64-renesas-00814-g967bcc92bb54b957 #525 +Hardware name: Renesas Salvator-X 2nd version board based on r8a77951 (DT) +pstate: 80000005 (Nzcv daif -PAN -UAO) +pc : swiotlb_tbl_map_single+0x30c/0x380 +lr : swiotlb_map+0xb0/0x300 +sp : ffff80000a7e3500 +x29: ffff80000a7e3500 x28: 0000000000000000 +x27: 0000000000000000 x26: 0000800048000000 +x25: ffff0006fa648010 x24: 0000000000000000 +x23: ffff800009b1d000 x22: 0000000000000000 +x21: 0000000000000000 x20: 00000000000e8000 +x19: ffff80000908f000 x18: ffffffffffffffff +x17: 0000000000000007 x16: 0000000000000001 +x15: ffff800008f8f908 x14: 019a33cc65fe9730 +x13: c962fb942dc65ff8 x12: 912ac35cf58e27c0 +x11: 59f28b24bd56ef88 x10: 0000000000200000 +x9 : 0000000000000000 x8 : 0000000000000001 +x7 : ffff800009b1d9e0 x6 : 0000000000000000 +x5 : 0000000000000000 x4 : 0000000000000000 +x3 : 0000000000000000 x2 : 0000000000000000 +x1 : 0000000074000000 x0 : 0000000000000000 +Call trace: + swiotlb_tbl_map_single+0x30c/0x380 + swiotlb_map+0xb0/0x300 + dma_direct_map_page+0xb8/0x140 + dma_direct_map_sg+0x78/0xe0 + cc_map_sg+0x7c/0xd8 + cc_map_aead_request+0x160/0x990 + cc_proc_aead+0x140/0xeb0 + cc_aead_encrypt+0x48/0x68 + crypto_aead_encrypt+0x20/0x30 + generate_aead_message+0x158/0x338 + generate_random_aead_testvec.constprop.43+0x110/0x1c8 + alg_test_aead+0x350/0x400 + alg_test+0x108/0x410 + cryptomgr_test+0x40/0x48 + kthread+0x11c/0x120 + ret_from_fork+0x10/0x18 +Code: f9402fbc 17ffffa0 f9000bb3 f9002fbc (d4210000) +---[ end trace 42a5d23b5191edbc ]--- +note: cryptomgr_test[270] exited with preempt_count 1 +------------[ cut here ]------------ Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds