Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp1786116ybk; Mon, 11 May 2020 04:20:25 -0700 (PDT) X-Google-Smtp-Source: APiQypKK3n22BTYuNpWJwiYXlAKo8LcRtdzuetWjFKLsJnUXcpWgegH/Lvt6OLkvZi81M45O9Fpr X-Received: by 2002:a05:6402:2293:: with SMTP id cw19mr12874637edb.351.1589196025057; Mon, 11 May 2020 04:20:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589196025; cv=none; d=google.com; s=arc-20160816; b=Hy5COrlTHtQmn1cE9Kfcm8OzwCTPg2qsMg63VQGPuu5BoKgZfqjEeka89ItMmftpHX mpIGCf7mxSocR9Ks6uxAfW9ofpWCmzYh6IhK2ha8y93ZwttfbLU35Xy7oqeCGmBZZaGx sOPgzMd/Sqcp9S2MC+nIR6mNB1uiNqZND2lRvHJUUAD6lnbQ3R9KNNj8OhnTCtjTvUXO h3c+RaWj+hxkVQQDvHBMwYK+N6DR1uraGKl2jj5/6adLkvOLdhOnfodoFHj53lCnJEn/ 93qw1u5JXZC95rzspiWU3di4RisYzBo9Uml7905cAu58ZPUZCgS0yjqzNlEV72yccZFR 58pA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=D+FkBTnlxhFt8rwKSbgbew41pOYqmQRAEPiRqzTmXOQ=; b=WeoD5wRwxuQMA57UFEFKmMrcB+MMiJO7DyVKPW9/pAgvn/7xQCN4E/Vf428pffBmoo c/CmYBsqU4paAcfUeAvbmJy6ooRPEcYdfMjaPxjvsLYyhduBudsvSB1C30SZGOi+ZdCG G6F+Ae5Q/VIz4pbJKUB0Aqp3ymt8iXEEFyXLc7XZZOuYp7c9ZRgcNZ+1eX3KpYw9jz6N APL1orUYHSF6F3Am9AEVaqUrBXr7rXbgpyuC6hqmpdy5N8ltcqOg052Xc2vqFSkFomjC yK3/Bg4eXx/pUaMrVZbcRfvKkpguZBBp/Q2BhkFXx52ZeU6lE6ewGuY9S92iGFL8XGj7 610g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ti.com header.s=ti-com-17Q1 header.b=k7SqLLlC; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=ti.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w6si5686330edf.40.2020.05.11.04.20.02; Mon, 11 May 2020 04:20:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ti.com header.s=ti-com-17Q1 header.b=k7SqLLlC; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=ti.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729264AbgEKLTm (ORCPT + 99 others); Mon, 11 May 2020 07:19:42 -0400 Received: from lelv0142.ext.ti.com ([198.47.23.249]:52254 "EHLO lelv0142.ext.ti.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729260AbgEKLTk (ORCPT ); Mon, 11 May 2020 07:19:40 -0400 Received: from fllv0034.itg.ti.com ([10.64.40.246]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id 04BBJSah099239; Mon, 11 May 2020 06:19:28 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1589195968; bh=D+FkBTnlxhFt8rwKSbgbew41pOYqmQRAEPiRqzTmXOQ=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=k7SqLLlClB8ZEFDGzF/pEUjn9BCGo8CrPPLntbI3b+zIRIG5Y5f+HFEkqF/iHxxmM rptNWFqR9e5RqifD7oSS0UxIFqrIPgD+VXAzz9u9Uz7HBCgqRoZbashL7sLX+DNUEF u59A9G19vHup5sEpc5STyVYuRMfsE9RvYj5S1cvQ= Received: from DLEE104.ent.ti.com (dlee104.ent.ti.com [157.170.170.34]) by fllv0034.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 04BBJSUk003413 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 11 May 2020 06:19:28 -0500 Received: from DLEE104.ent.ti.com (157.170.170.34) by DLEE104.ent.ti.com (157.170.170.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1979.3; Mon, 11 May 2020 06:19:28 -0500 Received: from lelv0326.itg.ti.com (10.180.67.84) by DLEE104.ent.ti.com (157.170.170.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1979.3 via Frontend Transport; Mon, 11 May 2020 06:19:28 -0500 Received: from sokoban.ti.com (ileax41-snat.itg.ti.com [10.172.224.153]) by lelv0326.itg.ti.com (8.15.2/8.15.2) with ESMTP id 04BBJKOY004306; Mon, 11 May 2020 06:19:27 -0500 From: Tero Kristo To: , , CC: Subject: [PATCHv2 4/7] crypto: omap-sham: huge buffer access fixes Date: Mon, 11 May 2020 14:19:10 +0300 Message-ID: <20200511111913.26541-5-t-kristo@ti.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200511111913.26541-1-t-kristo@ti.com> References: <20200511111913.26541-1-t-kristo@ti.com> MIME-Version: 1.0 Content-Type: text/plain X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The ctx internal buffer can only hold buflen amount of data, don't try to copy over more than that. Also, initialize the context sg pointer if we only have data in the context internal buffer, this can happen when closing a hash with certain data amounts. Signed-off-by: Tero Kristo --- drivers/crypto/omap-sham.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c index 0c837bbd8f0c..9823d7dfca9c 100644 --- a/drivers/crypto/omap-sham.c +++ b/drivers/crypto/omap-sham.c @@ -751,8 +751,15 @@ static int omap_sham_align_sgs(struct scatterlist *sg, int offset = rctx->offset; int bufcnt = rctx->bufcnt; - if (!sg || !sg->length || !nbytes) + if (!sg || !sg->length || !nbytes) { + if (bufcnt) { + sg_init_table(rctx->sgl, 1); + sg_set_buf(rctx->sgl, rctx->dd->xmit_buf, bufcnt); + rctx->sg = rctx->sgl; + } + return 0; + } new_len = nbytes; @@ -896,7 +903,7 @@ static int omap_sham_prepare_request(struct ahash_request *req, bool update) if (hash_later < 0) hash_later = 0; - if (hash_later) { + if (hash_later && hash_later <= rctx->buflen) { scatterwalk_map_and_copy(rctx->buffer, req->src, req->nbytes - hash_later, -- 2.17.1 -- Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki. Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki