From patchwork Mon May 20 12:14:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Kroah-Hartman X-Patchwork-Id: 164629 Delivered-To: patch@linaro.org Received: by 2002:a92:9e1a:0:0:0:0:0 with SMTP id q26csp239109ili; Mon, 20 May 2019 05:42:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqyyUxkynRkVkqMD2vfMi/BuURdDebycaWczCMTyGGtzf64Bseo5J1IDzw4+aa/kPq4+sGzU X-Received: by 2002:a17:902:b492:: with SMTP id y18mr69980856plr.96.1558356143333; Mon, 20 May 2019 05:42:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558356143; cv=none; d=google.com; s=arc-20160816; b=T1T0hZ4f1aA7huVTzBb6EKp6qiiNlQ0OlGi37mr1Zq7WcyJ+naFKxz+QUTHQRhIfck acyLTrdQmtUWlEsV137f0Hcbs3aapfHH04m2dIpqlAjA+DA5xKSHV270Cfe7s+iQ8Upf 4f5tlsH11wBXj+EMsgZfy3lULJfA2xIz/OG1wuKLpcZfTPTeZuR9LwaL1zF60WrgTvWY S2D1bql6JpUp2wS+z2RHeu/xNgaszNbGODQDUCnNdlubp5iBgt+KRXr7rvzWvpZPVN2I i3nvSqcvzg+Z/Xl4ucTCSpeDphmGAj2klRYpp73bIRsxmh6IzDelaQBM2e+zMTd7vOK4 AC+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=MMF6Y+gg+sB1EwkDh/AigBgSVFaxZkCYkwOOELsu30U=; b=ho7hg/xkqY3pm6yEzuFH/awtqt74bofmViDAq4M8aBGYGDe8N+dZa48qsDD9meu+3j 6rBd2cxTtx5e34wTibE7sSIIiGLA9qJJOMElVLR2I5f/fDX7tAMgP6rjIsB8RckD4k8W BWQu23NqKabbDT0aVWnS//2JTFwT7SdryaycJ9w3mgP/27B7iRxpD4v7ZxjfekPOEbxv Cz33VcLp5pLWNmrZpNOC7ZwLBHAixM7FjTJ4WfrstGwB8zoUGDmDGNCN7PLbOGse8DGX tnOKSmuC0TRk7Uk5npoHmBkm5MQVBYbJnWasDR/nFgWzPg4w6qS5q1VlSwC2fk9FIElt gHFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="1YOeaN/y"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e11si12396932pgv.569.2019.05.20.05.42.19; Mon, 20 May 2019 05:42:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="1YOeaN/y"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391412AbfETMjl (ORCPT + 30 others); Mon, 20 May 2019 08:39:41 -0400 Received: from mail.kernel.org ([198.145.29.99]:50946 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390783AbfETMdr (ORCPT ); Mon, 20 May 2019 08:33:47 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D1DCA21479; Mon, 20 May 2019 12:33:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1558355626; bh=ThuQJlJWUbJBxZLkx4DtB+RwKwOeEAz2/qoq9LVWops=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=1YOeaN/ySDbdfbMbNsJicDMIq+flf5LiUOznorgb1ouXvoW12usOQnRJRh1k35eDQ jZGn6MTd0L3M3G9WMsz5yUk4MZlUSQ7b9QasZ2u4laKhTkAT4kIM9h3EDSFu70NoB2 lZFh6qdjryV82u9dIVYWRoQb8pD9nBkfQHkl3gDw= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Gilad Ben-Yossef , Herbert Xu Subject: [PATCH 5.1 064/128] crypto: ccree - dont map AEAD key and IV on stack Date: Mon, 20 May 2019 14:14:11 +0200 Message-Id: <20190520115254.120694661@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190520115249.449077487@linuxfoundation.org> References: <20190520115249.449077487@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Gilad Ben-Yossef commit e8662a6a5f8f7f2cadc0edb934aef622d96ac3ee upstream. The AEAD authenc key and IVs might be passed to us on stack. Copy it to a slab buffer before mapping to gurantee proper DMA mapping. Signed-off-by: Gilad Ben-Yossef Cc: stable@vger.kernel.org # v4.19+ Signed-off-by: Herbert Xu Signed-off-by: Greg Kroah-Hartman --- drivers/crypto/ccree/cc_aead.c | 11 ++++++++++- drivers/crypto/ccree/cc_buffer_mgr.c | 15 ++++++++++++--- drivers/crypto/ccree/cc_driver.h | 1 + 3 files changed, 23 insertions(+), 4 deletions(-) --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -424,7 +424,7 @@ static int validate_keys_sizes(struct cc /* This function prepers the user key so it can pass to the hmac processing * (copy to intenral buffer or hash in case of key longer than block */ -static int cc_get_plain_hmac_key(struct crypto_aead *tfm, const u8 *key, +static int cc_get_plain_hmac_key(struct crypto_aead *tfm, const u8 *authkey, unsigned int keylen) { dma_addr_t key_dma_addr = 0; @@ -437,6 +437,7 @@ static int cc_get_plain_hmac_key(struct unsigned int hashmode; unsigned int idx = 0; int rc = 0; + u8 *key = NULL; struct cc_hw_desc desc[MAX_AEAD_SETKEY_SEQ]; dma_addr_t padded_authkey_dma_addr = ctx->auth_state.hmac.padded_authkey_dma_addr; @@ -455,11 +456,17 @@ static int cc_get_plain_hmac_key(struct } if (keylen != 0) { + + key = kmemdup(authkey, keylen, GFP_KERNEL); + if (!key) + return -ENOMEM; + key_dma_addr = dma_map_single(dev, (void *)key, keylen, DMA_TO_DEVICE); if (dma_mapping_error(dev, key_dma_addr)) { dev_err(dev, "Mapping key va=0x%p len=%u for DMA failed\n", key, keylen); + kzfree(key); return -ENOMEM; } if (keylen > blocksize) { @@ -542,6 +549,8 @@ static int cc_get_plain_hmac_key(struct if (key_dma_addr) dma_unmap_single(dev, key_dma_addr, keylen, DMA_TO_DEVICE); + kzfree(key); + return rc; } --- a/drivers/crypto/ccree/cc_buffer_mgr.c +++ b/drivers/crypto/ccree/cc_buffer_mgr.c @@ -560,6 +560,7 @@ void cc_unmap_aead_request(struct device if (areq_ctx->gen_ctx.iv_dma_addr) { dma_unmap_single(dev, areq_ctx->gen_ctx.iv_dma_addr, hw_iv_size, DMA_BIDIRECTIONAL); + kzfree(areq_ctx->gen_ctx.iv); } /* Release pool */ @@ -664,19 +665,27 @@ static int cc_aead_chain_iv(struct cc_dr struct aead_req_ctx *areq_ctx = aead_request_ctx(req); unsigned int hw_iv_size = areq_ctx->hw_iv_size; struct device *dev = drvdata_to_dev(drvdata); + gfp_t flags = cc_gfp_flags(&req->base); int rc = 0; if (!req->iv) { areq_ctx->gen_ctx.iv_dma_addr = 0; + areq_ctx->gen_ctx.iv = NULL; goto chain_iv_exit; } - areq_ctx->gen_ctx.iv_dma_addr = dma_map_single(dev, req->iv, - hw_iv_size, - DMA_BIDIRECTIONAL); + areq_ctx->gen_ctx.iv = kmemdup(req->iv, hw_iv_size, flags); + if (!areq_ctx->gen_ctx.iv) + return -ENOMEM; + + areq_ctx->gen_ctx.iv_dma_addr = + dma_map_single(dev, areq_ctx->gen_ctx.iv, hw_iv_size, + DMA_BIDIRECTIONAL); if (dma_mapping_error(dev, areq_ctx->gen_ctx.iv_dma_addr)) { dev_err(dev, "Mapping iv %u B at va=%pK for DMA failed\n", hw_iv_size, req->iv); + kzfree(areq_ctx->gen_ctx.iv); + areq_ctx->gen_ctx.iv = NULL; rc = -ENOMEM; goto chain_iv_exit; } --- a/drivers/crypto/ccree/cc_driver.h +++ b/drivers/crypto/ccree/cc_driver.h @@ -168,6 +168,7 @@ struct cc_alg_template { struct async_gen_req_ctx { dma_addr_t iv_dma_addr; + u8 *iv; enum drv_crypto_direction op_type; };