diff mbox series

[3/3] crypto: ahash - Enforce MAX_SYNC_HASH_REQSIZE for sync ahash

Message ID 2e1012848db6e18f538a3917de700b782d0b38d6.1746176535.git.herbert@gondor.apana.org.au
State New
Headers show
Series [1/3] crypto: shash - Cap state size to HASH_MAX_DESCSIZE | expand

Commit Message

Herbert Xu May 2, 2025, 9:04 a.m. UTC 
As sync ahash algorithms (currently there are none) are used without
a fallback, ensure that they obey the MAX_SYNC_HASH_REQSIZE rule
just like shash algorithms.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/ahash.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff mbox series

Patch

diff --git a/crypto/ahash.c b/crypto/ahash.c
index cc9885d5cfd2..e3446581370c 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -768,6 +768,14 @@  static int crypto_ahash_init_tfm(struct crypto_tfm *tfm)
 		if (err)
 			goto out_free_sync_hash;
 
+		if (!ahash_is_async(hash) && crypto_ahash_reqsize(hash) >
+					     MAX_SYNC_HASH_REQSIZE) {
+			if (tfm->__crt_alg->cra_exit)
+				tfm->__crt_alg->cra_exit(tfm);
+			err = -EINVAL;
+			goto out_free_sync_hash;
+		}
+
 		return 0;
 	}
 
@@ -775,6 +783,14 @@  static int crypto_ahash_init_tfm(struct crypto_tfm *tfm)
 	if (err)
 		goto out_free_sync_hash;
 
+	if (!ahash_is_async(hash) && crypto_ahash_reqsize(hash) >
+				     MAX_SYNC_HASH_REQSIZE) {
+		if (alg->exit_tfm)
+			alg->exit_tfm(hash);
+		err = -EINVAL;
+		goto out_free_sync_hash;
+	}
+
 	return 0;
 
 out_free_sync_hash:
@@ -954,6 +970,10 @@  static int ahash_prepare_alg(struct ahash_alg *alg)
 	if (base->cra_reqsize && base->cra_reqsize < alg->halg.statesize)
 		return -EINVAL;
 
+	if (!(base->cra_flags & CRYPTO_ALG_ASYNC) &&
+	    base->cra_reqsize > MAX_SYNC_HASH_REQSIZE)
+		return -EINVAL;
+
 	err = hash_prepare_alg(&alg->halg);
 	if (err)
 		return err;