Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp288290pxb; Fri, 29 Oct 2021 09:51:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw4pkZnmcBY3l2tejiazgtKMcnXYmFyrvoXaRaelBFH7bSo0EOdx+NEiB5DioZToVAu/vBd X-Received: by 2002:a05:6402:438f:: with SMTP id o15mr16218623edc.53.1635526280492; Fri, 29 Oct 2021 09:51:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635526280; cv=none; d=google.com; s=arc-20160816; b=iHOvFn4uczLVSrwE9VuHaBJzJu4T+k/ER0OQgtd4xNeOLsqigGoZTwArwvlj/d99mg Xfsks2b2DwfyDpM5KLMA9EM2IpD8cpfj4jlOAytxi0ptrLRh9AXPoa/QF/pxpcaiQSVC /djFaY5v8eJO52Zzp2vJ9Z14EF32bTXmWLON7gLZ+7Ian20t9Chlq0xXgQ8EMjhkBFGL GVmZmCbvwuCYdocLJva/rtXbnUDRsgYizEljt/dg5UzpTWLzVejV6bELLMKXCEPByhbC Vv7VpjSzD/lvmtwwV2iRwrVM5JiNIb4y6ISte7b7/3GCpkWj7EGA043+ilwO8QMqcHnw G+7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=6zdVEZVllSYH2Pu2kQDESwjXTwsDnaWusbLxdvceA80=; b=vQK4x7PG8DbDhhLDLelkJjNBCDIwK2AoTMnoUbzdCQRbQZOCaKKK7CUBFC3nQsT1eU PiGqchzT+/sy2s9sg8rlItjIipAlQ5+A9Sl0rNIASe0qEffYAdEZ3WKjoZwNnsbSU+/D 2nRiBPeNX2AONsa5jXhkQfFyPnz584Vg2/sosoItNC30qMO9mAuIWz5cy2kAHLj9unyP YW2LSNUnTppY9NlqPm3ASb/TXP17zMsKKrqt/GikkvboXQYF1LKpA16Vp63tnL6ZQ5J7 EaJpVSgQMEhAjVvSPet2d6Xakk4PDWmQJtWx0GkOelblHipYfrRQq6jLGZceUnTSBi8D 9SLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@denx.de header.s=phobos-20191101 header.b=Qm2LC35D; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j26si7675123ejd.175.2021.10.29.09.50.19; Fri, 29 Oct 2021 09:51:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@denx.de header.s=phobos-20191101 header.b=Qm2LC35D; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229979AbhJ2QvS (ORCPT + 99 others); Fri, 29 Oct 2021 12:51:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49098 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229811AbhJ2QvR (ORCPT ); Fri, 29 Oct 2021 12:51:17 -0400 Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A389AC061570; Fri, 29 Oct 2021 09:48:48 -0700 (PDT) Received: from [IPv6:::1] (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: marex@denx.de) by phobos.denx.de (Postfix) with ESMTPSA id 28B7C82952; Fri, 29 Oct 2021 18:48:44 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=denx.de; s=phobos-20191101; t=1635526125; bh=6zdVEZVllSYH2Pu2kQDESwjXTwsDnaWusbLxdvceA80=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=Qm2LC35DVg0x4tRrz3XRlrKkmMk8WgAGYcTHDq6/7sMIka9JAy/hBAu+OpkwqD8B9 L0nM++Z+eWa3pgNf/ecCpkmYgU4FZqeyLZQYOS7+33nCZuIAoMu10RaKDbWBlt6Kem KH8cPSoiFHst4BMuQ/x6zvmVw9bOWGcXmCB0Eu4jlx1gVEa+SzLFAxiYTKe+c+GncX buALthx3xKmG3TINMPfhBBZZ59wqTkjFQqkFMICmYpM/VBbAx1hzW3YhRey3cqYszs 4uxXTYK+gZYHLpMFxCcdJOAOi4/sV6N2CUFN3Q6KsiSXAwAd5rfw4l8WoLErO+QNp5 VJCLO/wL+V0DA== Subject: Re: [PATCH 4/8] crypto: stm32/cryp - fix race condition To: Nicolas Toromanoff Cc: Herbert Xu , "David S . Miller" , Maxime Coquelin , Alexandre Torgue , linux-crypto@vger.kernel.org, linux-stm32@st-md-mailman.stormreply.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org References: <20211029135454.4383-1-nicolas.toromanoff@foss.st.com> <20211029135454.4383-5-nicolas.toromanoff@foss.st.com> <1ec60d9c-1ab4-8a92-1c6d-8093232ca039@denx.de> From: Marek Vasut Message-ID: Date: Fri, 29 Oct 2021 18:48:43 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 10/29/21 5:21 PM, Nicolas Toromanoff wrote: > On Fri, 29 Oct 2021, Marek Vasut wrote: > >> On 10/29/21 3:54 PM, Nicolas Toromanoff wrote: >>> Erase key before finalizing request. >>> Fixes: 9e054ec21ef8 ("crypto: stm32 - Support for STM32 CRYP crypto >>> module") >> >> Can you be a bit more specific in your commit messages ? That applies >> to the entire patchset. It is absolutely impossible to tell what race >> is fixed here or why it is fixed by exactly this change. This applies >> to the entire series. > > I'll send a v2 with better commit messages. > > for this specific patch: > We reset the saved key before the crypto_finalize_*() call. Otherwise a > still pending crypto action could be ran with a wrong key = {0}; > >> And while I am at it, does the CRYP finally pass at least the most >> basic kernel boot time crypto tests or does running those still >> overwrite kernel memory and/or completely crash or lock up the machine ? > > All extra tests (finally) pass. > > With a kernel config : >   # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set >   CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y >   CONFIG_CRYPTO_DEV_STM32_CRYP=m Can you also do a boot test with CRYP compiled into the kernel ? I recall that is how the original bug was reported -- the machine crashed completely on boot even before reaching userspace, or the kernel crashed on memory corruption before reaching userspace.