crypto: caam - fix DMA corruption on long hmac keys

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When a key longer than block size is supplied, it is copied and then
hashed into the real key. The memory allocated for the copy needs to
be rounded to DMA cache alignment, as otherwise the hashed key may
corrupt neighbouring memory.

The rounding was performed, but never actually used for the allocation.
Fix this by replacing kmemdup with kmalloc for a larger buffer,
followed by memcpy.

Fixes: 199354d7fb6e ("crypto: caam - Remove GFP_DMA and add DMA alignment padding")
Reported-by: Paul Bunyan <pbunyan@redhat.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Horia Geantă and committed by

Herbert Xu 2 months ago 5ddfdcbe 4b56770d

+2 -1

1 changed file

expand all

drivers

crypto

caam

caamhash.c

+2 -1

drivers/crypto/caam/caamhash.c

··· 441 441 if (aligned_len < keylen) 442 442 return -EOVERFLOW; 443 443 444 - hashed_key = kmemdup(key, keylen, GFP_KERNEL); 444 + hashed_key = kmalloc(aligned_len, GFP_KERNEL); 445 445 if (!hashed_key) 446 446 return -ENOMEM; 447 + memcpy(hashed_key, key, keylen); 447 448 ret = hash_digest_key(ctx, &keylen, hashed_key, digestsize); 448 449 if (ret) 449 450 goto bad_free_key;

Configure Feed

Configure Feed