Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp142993ybv;
        Wed, 12 Feb 2020 21:06:26 -0800 (PST)
X-Google-Smtp-Source: APXvYqyw4DJ4Dx8+knBCXQz/x8YqiWweXovWQCVOkjVhneHBWnXFwejcisS9aCddN92o1CawDWCe
X-Received: by 2002:a05:6830:1203:: with SMTP id r3mr5355516otp.230.1581570385935;
        Wed, 12 Feb 2020 21:06:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1581570385; cv=none;
        d=google.com; s=arc-20160816;
        b=wZVnSsbqoxwdYyyGqozPTIIexvEV1xU6/5M7uT5aA6hlx+r7Kj2z8bWmtIwhIi6NYk
         u+zzHjjAbC4CuUqZGWMODFWVeDD9fDThgpURjGj0pinUlbU6gndgz4YnQ3vVQVGQlmDt
         //xmcVA53C+nn0ClJ61HtZDyb7MKJvGLL5V/o42b4gemOGHd3rRzviyKPFqKOyLfxAJN
         vhNu/YAGcbfVtMMSaIFL0LIzbE9lQE6qUh1+SPvndGU7mVPQCOUxpgeTJOzPWtfMF3hB
         /8hRWuTc9JzWs4l72lWAZ+y2dYDsquJXA0dbk17mq4dFgHFRDgnIDB0e0FrmViGkAADA
         Qz8w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=p+yDZQvryiMhkVPXdBVeDpaCFiOqKTfmXkoNlvayVAk=;
        b=EwpJ6iEPbPsRmch5X2KDqo4pgnQBA/z9HCpW7W4jbRpfwuSE/BtrnzKGRBwwdZ3xPP
         zO+bXAVzn/yCwPi8agpgW+KT84siweBdnmrwrJvCQPEQsqBWqqaMARTfupK2IcvA84l5
         VJPtlZOVHxDNU7iJSt55dALItgrsOtYnMwO6CuLGfqRS3vtqZr7TtrFaOwGLKtv7++N4
         jor4Z1oAZp44K9dxfXfPN6zOvn1JErYxKlcB9mZ/Eg10u5ibQKE3qK8wO8MQLdscOqaQ
         E77XjcWkHzW9vN12NQp8KXttVGctN6PSLUztiTf6WukX1hjYozfoPwFKUgTCX50HLp8s
         6q/g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w13si572154oti.291.2020.02.12.21.06.01;
        Wed, 12 Feb 2020 21:06:25 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726087AbgBMFF5 (ORCPT <rfc822;msmegsbcn@gmail.com> + 99 others);
        Thu, 13 Feb 2020 00:05:57 -0500
Received: from helcar.hmeau.com ([216.24.177.18]:36038 "EHLO deadmen.hmeau.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725446AbgBMFF5 (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 13 Feb 2020 00:05:57 -0500
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1j26hG-0002hc-Jz; Thu, 13 Feb 2020 13:05:54 +0800
Received: from herbert by gondobar with local (Exim 4.89)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1j26hE-0000t3-D0; Thu, 13 Feb 2020 13:05:52 +0800
Date:   Thu, 13 Feb 2020 13:05:52 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Corentin Labbe <clabbe.montjoie@gmail.com>
Cc:     Eric Biggers <ebiggers@kernel.org>, davem@davemloft.net,
        linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [BUG] crypto: export() overran state buffer on test vector
Message-ID: <20200213050552.b5fkkravjirsey5y@gondor.apana.org.au>
References: <20200206085442.GA5585@Red>
 <20200207065719.GA8284@sol.localdomain>
 <20200207104659.GA10979@Red>
 <20200208085713.ftuqxhatk6iioz7e@gondor.apana.org.au>
 <20200211192118.GA24059@Red>
 <20200212020628.7grnopgwm6shn3hi@gondor.apana.org.au>
 <20200212185749.GA9886@Red>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200212185749.GA9886@Red>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Wed, Feb 12, 2020 at 07:57:49PM +0100, Corentin Labbe wrote:
>
> I just found the problem, it happen with ARM CE which has a bigger state_size (sha256_ce_state) of 4bytes.
> 
> Since my driver didnt use statesize at all, I detect this on cra_init() like this:
> if (algt->alg.hash.halg.statesize < crypto_ahash_statesize(op->fallback_tfm))
> 	algt->alg.hash.halg.statesize = crypto_ahash_statesize(op->fallback_tfm);

Thanks for finding this.

I think this can be fixed by simply adding export/imort functions
that exported the sha state without the extra finalize field which
is never used for the exported state (it's only used as an internal
function parameter).

We should also add some tests to ensure that shash SHA algorithms
all use the same geometry for export/import.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt